wincovid.com Open in urlscan Pro
2606:4700:3030::681b:af0a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.wincovid.rwolf.co.il/
Effective URL:
https://wincovid.com/
Submission: On May 19 via automatic, source certstream-suspicious (May 19th 2020, 6:11:53 pm UTC)

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 14 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3030::681b:af0a, located in United States and belongs to CLOUDFLARENET, US. The main domain is wincovid.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 2nd 2020. Valid for: 7 months.

This is the only time wincovid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	81.218.117.69 81.218.117.69	8551 (BEZEQ-INT...) (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone)
6	2606:4700:303... 2606:4700:3030::681b:af0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
6	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
5	72.247.224.27 72.247.224.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
44	13

1 81.218.117.69 (Tel Aviv, Israel) 1 redirects

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: israel64.jetserver.net

www.wincovid.rwolf.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::681b:af0a (United States)

ASN13335 (CLOUDFLARENET, US)

wincovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

cdn.rtlcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.247.224.27 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cdn.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	shortpixel.ai cdn.shortpixel.ai	729 KB
6	cloudflare.com cdnjs.cloudflare.com	209 KB
6	wincovid.com wincovid.com	59 KB
5	media.net contextual.media.net lg3.media.net	40 KB
4	gstatic.com fonts.gstatic.com	28 KB
4	youtube.com img.youtube.com	142 KB
2	facebook.com www.facebook.com	349 B
2	google-analytics.com www.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	62 KB
1	googleapis.com fonts.googleapis.com	1014 B
1	googletagmanager.com www.googletagmanager.com	33 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	13 KB
1	rtlcss.com cdn.rtlcss.com	21 KB
1	rwolf.co.il 1 redirects www.wincovid.rwolf.co.il	335 B
44	14

	Domain	Requested by
9	cdn.shortpixel.ai	wincovid.com
6	cdnjs.cloudflare.com	wincovid.com
6	wincovid.com	wincovid.com
4	fonts.gstatic.com	wincovid.com
4	img.youtube.com	wincovid.com
3	contextual.media.net	wincovid.com
2	www.facebook.com	wincovid.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com wincovid.com
2	lg3.media.net	wincovid.com
2	connect.facebook.net	wincovid.com connect.facebook.net
1	fonts.googleapis.com	wincovid.com
1	www.googletagmanager.com	wincovid.com
1	maxcdn.bootstrapcdn.com	wincovid.com
1	cdn.rtlcss.com	wincovid.com
1	www.wincovid.rwolf.co.il	1 redirects
44	15

This site contains links to these domains. Also see Links.

Domain
govextra.gov.il

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-02` - `2020-10-09`	7 months	crt.sh
cdn.rtlcss.com Let's Encrypt Authority X3	`2020-05-06` - `2020-08-04`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.shortpixel.ai Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://wincovid.com/
Frame ID: EBDDC213CD52D45B47C1F5D409D64C25
Requests: 40 HTTP requests in this frame

Frame: https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU41N1N4&cpcd=XXNknWrJup8uPMS4PYjLNA%3D%3D&crid=888348942&size=728x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwincovid.com%2F&nse=0&vi=1589911892501343565&ugd=4&nb=1
Frame ID: EBCC7AADF785202FA39C4E72AF0E6492
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU41N1N4&https=1
Frame ID: 76484EF240B2E0AC962871A3FA8B4A68
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/page.php?adapt_container_width=true&app_id=124562130972000&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df1aeaef6cea9aa%26domain%3Dwincovid.com%26origin%3Dhttps%253A%252F%252Fwincovid.com%252Ff23aa91e6ae3e2c%26relation%3Dparent.parent&container_width=1110&height=70&hide_cover=true&href=https%3A%2F%2Ffacebook.com%2Fwincovid%2F&locale=he_IL&sdk=joey&show_facepile=false&small_header=true&tabs=timeline
Frame ID: 83E9FC124852A84A6CA27F4DB93D918B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.wincovid.rwolf.co.il/ HTTP 301
https://wincovid.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+(?:-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
script /angular.*\.js/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

44
Requests

100 %
HTTPS

79 %
IPv6

14
Domains

15
Subdomains

13
IPs

6
Countries

1358 kB
Transfer

2298 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://govextra.gov.il/ministry-of-health/corona/corona-virus/
Title: למשרד הבריאות

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.wincovid.rwolf.co.il/ HTTP 301
https://wincovid.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wincovid.com/
Redirect Chain

https://www.wincovid.rwolf.co.il/
https://wincovid.com/

27 KB
7 KB

882ms
834ms

Document
text/html

2606:4700:3030::681b:af0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:af0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: b9a20d2ef932c543f63300caf9181fdc38d760a5275f5de72d0e6dd55b6654c9

Request headers

:method: GET
:authority: wincovid.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 19 May 2020 18:11:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df02792c4e3507fdd99ed488a1558b04f1589911890; expires=Thu, 18-Jun-20 18:11:30 GMT; path=/; domain=.wincovid.com; HttpOnly; SameSite=Lax pll_language=he; expires=Wed, 19-May-2021 18:11:33 GMT; Max-Age=31536000; path=/; secure
x-powered-by: PHP/5.6.40
link: <https://wincovid.com/wp-json/>; rel="https://api.w.org/" <https://wincovid.com/>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 595fc7e5fc8fc2f9-FRA
content-encoding: br
cf-request-id: 02cfbb43be0000c2f93185c200000001

Redirect headers

status: 301
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
set-cookie: pll_language=he; expires=Wed, 19-May-2021 18:11:32 GMT; Max-Age=31536000; path=/; secure
x-redirect-by: Polylang
location: https://wincovid.com/
content-length: 0
date: Tue, 19 May 2020 18:11:32 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 bootstrap.min.css
cdn.rtlcss.com/bootstrap/v4.0.0/css/ 142 KB
21 KB 23ms
5ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rtlcss.com/bootstrap/v4.0.0/css/bootstrap.min.css?ver=5.3.2
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 918e60822d1266be9ec4e54a93ad0607ac9f637dd80a20d71dee569a293c72d1

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: d155fb7b3164c7c68082f79590f2f0d2d1c06e98
date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: gzip
age: 0
x-edge-location: defr
x-cache: MISS, HIT
status: 200
content-length: 21177
via: 1.1 varnish
x-served-by: cache-hhn4026-HHN
last-modified: Mon, 18 Feb 2019 22:49:01 GMT
server: keycdn-engine
x-github-request-id: BE7C:2215:6BDE2:88EDC:5E7B75CF
x-timer: S1585149392.906298,VS0,VE97
etag: W/"5c6b365d-23678"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Tue, 26 May 2020 18:11:31 GMT
cache-control: max-age=604800
accept-ranges: bytes
link: <http://pull.rtlcss.com/bootstrap/v4.0.0/css/bootstrap.min.css?ver=5.3.2>; rel="canonical"
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ 56 KB
12 KB 39ms
17ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css?ver=5.3.2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6983652
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02cfbb471b00003260210c6200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Wed, 05 Feb 2020 14:31:26 GMT
server: cloudflare
etag: W/"5e3ad1be-dff5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 595fc7eb591b3260-FRA
expires: Sun, 09 May 2021 18:11:31 GMT

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 31 KB
7 KB 51ms
29ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.css?ver=5.3.2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1266635
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02cfbb471b00003260210c7200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:15 GMT
server: cloudflare
etag: W/"5afd494f-7d4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 595fc7eb59253260-FRA
expires: Sun, 09 May 2021 18:11:31 GMT

GET
H2 200 jquery.js Show response
wincovid.com/wp-includes/js/jquery/ 95 KB
32 KB 216ms
214ms Script
application/javascript 2606:4700:3030::681b:af0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wincovid.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:af0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Mar 2020 01:07:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=2628000
cf-ray: 595fc7eb3c0fc2f9-FRA
cf-request-id: 02cfbb47070000c2f9318bc200000001
expires: Tue, 26 May 2020 18:11:33 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
13 KB 4000ms
2806ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js?ver=5.3.2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
status: 200
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 13105

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.1/ 162 KB
55 KB 41ms
20ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.1/angular.min.js?ver=5.3.2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3873815
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02cfbb471b00003260210c8200000001
served-in-seconds: 0.027
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:15:35 GMT
server: cloudflare
etag: W/"5afd4837-28886"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 595fc7eb59293260-FRA
expires: Sun, 09 May 2021 18:11:31 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/ 235 KB
60 KB 43ms
22ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js?ver=5.3.2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 17577816
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02cfbb471b00003260210c9200000001
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:15 GMT
server: cloudflare
etag: W/"5afd494f-3ab2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 595fc7eb592a3260-FRA
expires: Sun, 09 May 2021 18:11:31 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/ 1 KB
1022 B 36ms
15ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js?ver=5.3.2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2378619
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02cfbb471b00003260210ca200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:15 GMT
server: cloudflare
etag: W/"5afd494f-50b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 595fc7eb592b3260-FRA
expires: Sun, 09 May 2021 18:11:31 GMT

GET
H2 200 autoptimize_995bb7ccf34887aaaeb1c78d4763b6a2.css
wincovid.com/wp-content/cache/autoptimize/css/ 50 KB
8 KB 18ms
17ms Stylesheet
text/css 2606:4700:3030::681b:af0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wincovid.com/wp-content/cache/autoptimize/css/autoptimize_995bb7ccf34887aaaeb1c78d4763b6a2.css
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:af0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 742bf3309b40315371addb4e50f8c49de2181dd0d54a5197be2634d2112ced99

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Mar 2020 18:26:57 GMT
server: cloudflare
age: 44
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 595fc7eb3c0ac2f9-FRA
cf-request-id: 02cfbb47070000c2f9318ba200000001
expires: Sun, 09 May 2021 18:10:50 GMT

GET
H2 200 autoptimize_387ae617bfdbcba1bbd581bb9d6f9242.css
wincovid.com/wp-content/cache/autoptimize/css/ 514 B
385 B 14ms
13ms Stylesheet
text/css 2606:4700:3030::681b:af0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wincovid.com/wp-content/cache/autoptimize/css/autoptimize_387ae617bfdbcba1bbd581bb9d6f9242.css
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:af0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ee1172e75213d197af47a54c14eb4bc8fcaba69069f074e0beeec2c247edce

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Mar 2020 17:32:59 GMT
server: cloudflare
age: 44
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2628000
cf-ray: 595fc7eb3c0cc2f9-FRA
cf-request-id: 02cfbb47070000c2f9318bb200000001
expires: Sun, 09 May 2021 18:10:49 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 110 KB
38 KB 110ms
39ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU41N1N4

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

84f1fe8532354056bfe45f00289c5b46a2c8b7eec6931ef2cab8087e40f61ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-mnt-h: 8-8
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "3f0196a4496319fac0151c48c3d3a46b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=2400
date: Tue, 19 May 2020 18:11:32 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-21
content-length: 38793
expires: Tue, 19 May 2020 18:51:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 82 KB
33 KB 54ms
33ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16604350-2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4d40abd5108eaf642603f68e6da54855136412439ff11a541938b066014888d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33133
x-xss-protection: 0
expires: Tue, 19 May 2020 18:11:32 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/he_IL/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/he_IL/sdk.js

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24facec529f688d6bd7fe299ca60aaa4f51f3a9c567e099ae9a8b78057549c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://wincovid.com/
Origin: https://wincovid.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YS7FrYQTBClWjJyISNR7Sg==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1779
etag: "c0da92ace370ffcbcbf4ab9e98bd5487"
x-fb-debug: GeXJXolHtUYyjMlkccWv9OJADXwviAaZ4kCiNEo5I1DG5NaeuNUVQjEJV+gKIxr9h9XAKu16wof5MhUKLcqhIg==
x-fb-trip-id: 664085054
x-fb-content-md5: 84d5053224d5a8548cece4891b6fe26b
x-frame-options: DENY
date: Tue, 19 May 2020 18:11:32 GMT, Tue, 19 May 2020 18:11:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 May 2020 18:27:28 GMT

GET
H2 200 logo.png
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/themes/corona/images/ 3 KB
4 KB 246ms
194ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/themes/corona/images/logo.png
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 29eeac9851b2ad6a9f1296f3d5d8bd1989c41e2335e5fbaa648c6b6cba26c39d

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:32 GMT
last-modified: Mon, 20 Apr 2020 15:54:00 GMT
server: nginx
status: 200
etag: e3f54960454c2e9cc3949f82a656ede0
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=504884, s-maxage=504884
accept-ranges: bytes
link: <https://wincovid.com/wp-content/themes/corona/images/logo.png>; rel="canonical"
content-length: 3449
x-hw: 1589911892.cds039.pa1.hn,1589911892.cds020.pa1.c

GET
H2 200 icon_world.png
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/themes/corona/images/ 7 KB
7 KB 29ms
27ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/themes/corona/images/icon_world.png
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 29eef6d7b31d92f232ff38c31ba2f47650a96a508f8d3323b3c14fc9ff4d6b3e

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:32 GMT
last-modified: Mon, 20 Apr 2020 15:54:02 GMT
server: nginx
status: 200
etag: 1626a7cba9369e9f7083fe757d937764
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=74594, s-maxage=74594
accept-ranges: bytes
link: <https://wincovid.com/wp-content/themes/corona/images/icon_world.png>; rel="canonical"
content-length: 6776
x-hw: 1589911892.cds039.pa1.hn,1589911892.cds042.pa1.c

GET
H2 200 he_IL.png
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/polylang/ 881 B
1 KB 279ms
278ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/polylang/he_IL.png
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: e37653d58d23da677203c3af6b33b453136e15f77ccf3cc2c1e68b86e5f5d7e2

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:32 GMT
last-modified: Mon, 20 Apr 2020 15:54:00 GMT
server: nginx
status: 200
etag: ff484f199bc53cd132d2146cc18cecae
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=74592, s-maxage=74592
accept-ranges: bytes
link: <https://wincovid.com/wp-content/polylang/he_IL.png>; rel="canonical"
content-length: 881
x-hw: 1589911892.cds039.pa1.hn,1589911892.cds016.pa1.c

GET
H2 200 mihail-macri-gq-IUqXTvB4-unsplash.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/uploads/2020/03/ 98 KB
98 KB 26ms
26ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/uploads/2020/03/mihail-macri-gq-IUqXTvB4-unsplash.jpg
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 06b4475a6ec88dcf16cb9327f28d2cff2ecb8155fc75d1df70bcea3fd3d90941

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:32 GMT
last-modified: Mon, 20 Apr 2020 15:53:57 GMT
server: nginx
status: 200
etag: c764bd6838df84f7c3bf09742c7bd816
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=74589, s-maxage=74589
accept-ranges: bytes
link: <https://wincovid.com/wp-content/uploads/2020/03/mihail-macri-gq-IUqXTvB4-unsplash.jpg>; rel="canonical"
content-length: 99968
x-hw: 1589911892.cds039.pa1.hn,1589911892.cds022.pa1.c

GET
H2 200 lucas-vasques-9vnACvX2748-unsplash-scaled.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/uploads/2020/03/ 178 KB
178 KB 79ms
79ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/uploads/2020/03/lucas-vasques-9vnACvX2748-unsplash-scaled.jpg
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ef67a5fd2491ccd5235c8824a575a16ed863ece435b927537aa2b749c3d2e6d7

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:32 GMT
last-modified: Mon, 20 Apr 2020 15:54:05 GMT
server: nginx
status: 200
etag: 5d3ae5d99bb5f6899ddf6b7ab76ce0cf
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=74597, s-maxage=74597
accept-ranges: bytes
link: <https://wincovid.com/wp-content/uploads/2020/03/lucas-vasques-9vnACvX2748-unsplash-scaled.jpg>; rel="canonical"
content-length: 182259
x-hw: 1589911892.cds039.pa1.hn,1589911892.cds030.pa1.c

GET
H2 200 british-library-GQ5ELi84owE-unsplash-scaled.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/uploads/2020/03/ 319 KB
320 KB 702ms
702ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/uploads/2020/03/british-library-GQ5ELi84owE-unsplash-scaled.jpg
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5fd38614394cd918a3a36bdf193a56c26effaed5771373c9d90659b8abd1a15a

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:33 GMT
last-modified: Mon, 20 Apr 2020 15:54:06 GMT
server: nginx
status: 200
etag: 063451fb9fe97eab8ee148c748977481
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=74598, s-maxage=74598
accept-ranges: bytes
link: <https://wincovid.com/wp-content/uploads/2020/03/british-library-GQ5ELi84owE-unsplash-scaled.jpg>; rel="canonical"
content-length: 327100
x-hw: 1589911892.cds039.pa1.hn,1589911893.cds028.pa1.c

GET
H2 200 perry-grone-lbLgFFlADrY-unsplash.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/uploads/2020/03/ 117 KB
117 KB 29ms
28ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/uploads/2020/03/perry-grone-lbLgFFlADrY-unsplash.jpg
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: efdecf0c4eb7482ee8401a198447e05a8c512d77ac0e9bbff682e4e1f0baa301

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:34 GMT
last-modified: Mon, 20 Apr 2020 15:53:57 GMT
server: nginx
status: 200
etag: a5bbd150f6e4e487869ad3236a78ff7f
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=504881, s-maxage=504881
accept-ranges: bytes
link: <https://wincovid.com/wp-content/uploads/2020/03/perry-grone-lbLgFFlADrY-unsplash.jpg>; rel="canonical"
content-length: 119580
x-hw: 1589911894.cds039.pa1.hn,1589911894.cds029.pa1.c

GET
H2 200 sddefault.jpg
img.youtube.com/vi/SEZGeTlFglo/ 45 KB
45 KB 73ms
52ms Image
image/jpeg 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/SEZGeTlFglo/sddefault.jpg

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d3cced38fcd81cab0f18115a196ca7257fc0ba5c66346581dc1f78a822148bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:34 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46113
x-xss-protection: 0
expires: Tue, 19 May 2020 20:11:34 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/nUCLZ3t6cQo/ 23 KB
23 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/nUCLZ3t6cQo/sddefault.jpg

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ea4f4cb47ef876c4fa2cd0ddd756dedfa25d5cb54c3e20fa2090f43803fd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:34 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23601
x-xss-protection: 0
expires: Tue, 19 May 2020 20:11:34 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/5OOV1eYOaIs/ 41 KB
41 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/5OOV1eYOaIs/sddefault.jpg

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb27c42f28dea90d1f78af99411177ceb866b4d186629881af40c14bbc987b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:34 GMT
x-content-type-options: nosniff
server: sffe
etag: "1584619159"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42226
x-xss-protection: 0
expires: Tue, 19 May 2020 20:11:34 GMT

GET
H2 200 sddefault.jpg
img.youtube.com/vi/KvYYL2yrq90/ 32 KB
32 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/KvYYL2yrq90/sddefault.jpg

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

860b1d293dd13468c7fe2b42742467c42f053b64fe9b6fd21407fd30e1b7557b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:34 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1584549526"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33155
x-xss-protection: 0
expires: Tue, 19 May 2020 20:11:34 GMT

GET
H2 200 autoptimize_7c2d49ec69e327933b84fb380a640ede.js Show response
wincovid.com/wp-content/cache/autoptimize/js/ 22 KB
8 KB 15ms
14ms Script
application/javascript 2606:4700:3030::681b:af0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wincovid.com/wp-content/cache/autoptimize/js/autoptimize_7c2d49ec69e327933b84fb380a640ede.js
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:af0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439131c14ceb18cde25f1c2e1ac97cea03a2cf9d0b138bbb87cf832c13772767

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Mar 2020 17:32:59 GMT
server: cloudflare
age: 46
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=2628000
cf-ray: 595fc7fadb53c2f9-FRA
cf-request-id: 02cfbb50c30000c2f9319b9200000001
expires: Sun, 09 May 2021 18:10:50 GMT

GET
H2 200 wp-emoji-release.min.js Show response
wincovid.com/wp-includes/js/ 14 KB
4 KB 140ms
137ms Script
application/javascript 2606:4700:3030::681b:af0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wincovid.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:af0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Mar 2020 01:07:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=2628000
cf-ray: 595fc7fafbd6c2f9-FRA
cf-request-id: 02cfbb50d90000c2f9319bc200000001
expires: Tue, 26 May 2020 18:11:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1014 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:300,400,500,700,800&display=swap&subset=hebrew

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46239df75b290cf9922b436b8fbe273c4917f9cef0bfee0522dd2a17fda7ca05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 May 2020 18:11:35 GMT
server: ESF
date: Tue, 19 May 2020 18:11:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 May 2020 18:11:35 GMT

GET
H2 200 nsov_back.png
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/themes/corona/images/ 4 KB
4 KB 33ms
32ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/themes/corona/images/nsov_back.png
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 39c179db44469c0cfd07af02331be48f97aa1cb6c928a553b8ea57d7380a1d3c

Request headers

Referer: https://wincovid.com/wp-content/cache/autoptimize/css/autoptimize_995bb7ccf34887aaaeb1c78d4763b6a2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:35 GMT
last-modified: Mon, 20 Apr 2020 15:54:00 GMT
server: nginx
status: 200
etag: 41047bc6f4a501dedfc53e2f13aae6da
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=74592, s-maxage=74592
accept-ranges: bytes
link: <https://wincovid.com/wp-content/themes/corona/images/nsov_back.png>; rel="canonical"
content-length: 3607
x-hw: 1589911895.cds039.pa1.hn,1589911895.cds002.pa1.c

GET
H2 200 NGS6v5_NC0k9P9H2TbFhsqMA.woff2
fonts.gstatic.com/s/heebo/v7/ 10 KB
10 KB 31ms
10ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v7/NGS6v5_NC0k9P9H2TbFhsqMA.woff2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51936c566538e82fffaad2472f613e1060b1a5f434478961d216e487669118e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Heebo:300,400,500,700,800&display=swap&subset=hebrew
Origin: https://wincovid.com

Response headers

date: Mon, 18 May 2020 19:27:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 May 2020 17:31:08 GMT
server: sffe
age: 81839
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10528
x-xss-protection: 0
expires: Tue, 18 May 2021 19:27:36 GMT

GET
H2 200 NGS3v5_NC0k9P9kFbqROkK4q06VEeW4.woff2
fonts.gstatic.com/s/heebo/v7/ 4 KB
4 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v7/NGS3v5_NC0k9P9kFbqROkK4q06VEeW4.woff2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8effc5a8b63b311cb25d86fff7532157e0ff7c3594a2c4f5e533836708d3dcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Heebo:300,400,500,700,800&display=swap&subset=hebrew
Origin: https://wincovid.com

Response headers

date: Fri, 15 May 2020 19:17:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 May 2020 17:31:07 GMT
server: sffe
age: 341649
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3584
x-xss-protection: 0
expires: Sat, 15 May 2021 19:17:26 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 74 KB
75 KB 32ms
16ms Font
application/octet-stream 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-solid-900.woff2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css?ver=5.3.2
Origin: https://wincovid.com

Response headers

date: Tue, 19 May 2020 18:11:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 8845747
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 76120
cf-request-id: 02cfbb5702000063b9f41b6200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Wed, 05 Feb 2020 14:31:26 GMT
server: cloudflare
etag: "5e3ad1be-12958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 595fc804dad263b9-FRA
expires: Sun, 09 May 2021 18:11:35 GMT

GET
H2 200 NGS6v5_NC0k9P9H0TbFhsqMA6aw.woff2
fonts.gstatic.com/s/heebo/v7/ 4 KB
4 KB 16ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v7/NGS6v5_NC0k9P9H0TbFhsqMA6aw.woff2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46378de5b310f818aa57de3c009f148a009f643b3adc9510b14904ef86e7742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Heebo:300,400,500,700,800&display=swap&subset=hebrew
Origin: https://wincovid.com

Response headers

date: Mon, 18 May 2020 19:27:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 May 2020 17:31:01 GMT
server: sffe
age: 81852
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3668
x-xss-protection: 0
expires: Tue, 18 May 2021 19:27:23 GMT

GET
H2 200 NGS3v5_NC0k9P9kFbqRMkK4q06VE.woff2
fonts.gstatic.com/s/heebo/v7/ 10 KB
10 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v7/NGS3v5_NC0k9P9kFbqRMkK4q06VE.woff2

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d146d946fd8be33dee0d3d9bb7410a52c574428cb789d5e26c61ef03dc87307e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Heebo:300,400,500,700,800&display=swap&subset=hebrew
Origin: https://wincovid.com

Response headers

date: Tue, 19 May 2020 01:33:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 May 2020 17:31:09 GMT
server: sffe
age: 59877
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10492
x-xss-protection: 0
expires: Wed, 19 May 2021 01:33:38 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/he_IL/ 198 KB
60 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/he_IL/sdk.js?hash=856a5068057e1e4a767bcb7211f67b96&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

646c5b8ddfafc216a06c243e438dd422ee773ce76a1b1c0520ed7cf1d29a5de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://wincovid.com/
Origin: https://wincovid.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: x84TPi0Il34e0+ZS5FGn1g==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 60961
etag: "dba36995db3fccccd0e0fd0167dc52c1"
x-fb-debug: iLkRsRUk75ZXN12uiOhPPPFWDo7glxQdptZzsVq4H4u2voczU/GxSMAOmrXkKeI2m0P54QKC8cZkooRPwmm9UQ==
x-fb-trip-id: 664085054
x-fb-content-md5: 2f12abdbd0f84dc735420bdda62af5f0
x-frame-options: DENY
date: Tue, 19 May 2020 18:11:35 GMT, Tue, 19 May 2020 18:11:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 19 May 2021 16:24:15 GMT

GET
H2 200 fcmdynet.js Show response
contextual.media.net/ Frame EBCC 3 KB
2 KB 251ms
251ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU41N1N4&cpcd=XXNknWrJup8uPMS4PYjLNA%3D%3D&crid=888348942&size=728x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwincovid.com%2F&nse=0&vi=1589911892501343565&ugd=4&nb=1

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3e95f585c695ea6bdec89a68936a94e5d3e97b0c9e12fee5793c75e348942adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=300
date: Tue, 19 May 2020 18:11:36 GMT
content-length: 1423
expires: Tue, 19 May 2020 18:16:36 GMT

GET
H2 200 checksync.php
contextual.media.net/ Frame 7648 0
0 25ms
24ms Document
text/html 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU41N1N4&https=1

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU41N1N4&https=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wincovid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://wincovid.com/

Response headers

status: 200
server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Fri, 20 Nov 2020 18:11:35 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=477779
expires: Mon, 25 May 2020 06:54:34 GMT
date: Tue, 19 May 2020 18:11:35 GMT
content-length: 4507

GET
H2 200 bping.php
lg3.media.net/ 35 B
177 B 19ms
17ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU41N1N4&crid=888348942&vi=1589911892501343565&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781338&r=1589911895840&requrl=https%3A%2F%2Fwincovid.com%2F&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001589911895837031182208002812&gdpr=1
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 May 2020 18:11:35 GMT
server: Apache
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 19 May 2020 18:11:35 GMT

GET
H2 200 play.png
cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/themes/corona/images/ 678 B
883 B 27ms
27ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://wincovid.com/wp-content/themes/corona/images/play.png
Requested by: Host: wincovid.com
URL: https://wincovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: e7af61bb1dc1a5f77f2d8640b68d5151b03760448bef886a10baa8a96e4ecddb

Request headers

Referer: https://wincovid.com/wp-content/cache/autoptimize/css/autoptimize_995bb7ccf34887aaaeb1c78d4763b6a2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:35 GMT
last-modified: Thu, 23 Apr 2020 19:43:13 GMT
server: nginx
status: 200
etag: a28a8316f2a4121ac629dc71ba43368c
vary: Accept-Encoding
x-tag: Domain:wincovid.com
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=347545, s-maxage=347545
accept-ranges: bytes
link: <https://wincovid.com/wp-content/themes/corona/images/play.png>; rel="canonical"
content-length: 678
x-hw: 1589911895.cds039.pa1.hn,1589911895.cds032.pa1.c

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16604350-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 4516
date: Tue, 19 May 2020 16:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 19 May 2020 18:56:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
349 B 21ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=124562130972000&ev=fb_page_view&dl=https%3A%2F%2Fwincovid.com%2F&rl=&if=false&ts=1589911895964&sw=1600&sh=1200

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 18:11:35 GMT, Tue, 19 May 2020 18:11:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 19 May 2020 18:11:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
196 B 15ms
14ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=948154609&t=pageview&_s=1&dl=https%3A%2F%2Fwincovid.com%2F&ul=en-us&de=UTF-8&dt=%D7%9E%D7%A0%D7%A6%D7%97%D7%99%D7%9D%20%D7%91%D7%99%D7%97%D7%93%20%D7%90%D7%AA%20%D7%94%D7%A7%D7%95%D7%A8%D7%95%D7%A0%D7%94%20-%20%D7%A2%D7%9E%D7%95%D7%93%20%D7%94%D7%91%D7%99%D7%AA&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1488734247&gjid=25370819&cid=1005652556.1589911896&tid=UA-16604350-2&_gid=2080121858.1589911896&_r=1&gtm=2ou561&z=377989516

Requested by

Host: wincovid.com
URL: https://wincovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 May 2020 18:11:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page.php
www.facebook.com/v6.0/plugins/ Frame 83E9 0
0 45ms
44ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/page.php?adapt_container_width=true&app_id=124562130972000&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df1aeaef6cea9aa%26domain%3Dwincovid.com%26origin%3Dhttps%253A%252F%252Fwincovid.com%252Ff23aa91e6ae3e2c%26relation%3Dparent.parent&container_width=1110&height=70&hide_cover=true&href=https%3A%2F%2Ffacebook.com%2Fwincovid%2F&locale=he_IL&sdk=joey&show_facepile=false&small_header=true&tabs=timeline

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js?hash=856a5068057e1e4a767bcb7211f67b96&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v6.0/plugins/page.php?adapt_container_width=true&app_id=124562130972000&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df1aeaef6cea9aa%26domain%3Dwincovid.com%26origin%3Dhttps%253A%252F%252Fwincovid.com%252Ff23aa91e6ae3e2c%26relation%3Dparent.parent&container_width=1110&height=70&hide_cover=true&href=https%3A%2F%2Ffacebook.com%2Fwincovid%2F&locale=he_IL&sdk=joey&show_facepile=false&small_header=true&tabs=timeline
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wincovid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0WfZP6vIE1Xb9e4EC..BexCFX...1.0.BexCFX.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://wincovid.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v6.0
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: XycKZaAtj94XNF3Es/Zc1KuWhPQ2nzZUMOXjzwy3TIIEhVC5RDnurfZj9Xzx0bF6ioeTZaHPSk1XkXkmf4909g==
date: Tue, 19 May 2020 18:11:36 GMT Tue, 19 May 2020 18:11:36 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 flping.php
lg3.media.net/ Frame EBCC 35 B
177 B 19ms
14ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg3.media.net/flping.php?reason=53&action=4&cme=TXGAsGhiAPf9eQTREod8BWe-GGz2TYjMho6OdWD_NtlkT8-4SDZWZXkpQ4R1fVF1PKb6Zuirja5xBR8OlDLd404GYIjxDEDDPbsiGtP2htcEV39ZgNomH75P4bgmyBZ77zB81Y4S6UiZA7qQO2vkM1mo5i1ksWleCE1Gx1NKx3MuXE55vSe72ArUPQbbbJA6xHZoEMqC8Jpg5IBDYdAiOeEtY2thDsrDjTkpvJGwK0TeXsrA95n9eEqb_YTSwgFhGhliDbkzBbPuRdJJba5zm5RQttDvbgR7c-GRd3QVtcP2HzRfqnQ_b1G2767Jr5qjMksTyPQFaHaoTSlpyskSZy_4rpSbhlK9DFCDyeUrwKeqyJM_54oVxq1bVsudgkChWetffO2BJSoB0BP1TXyyQPww_GqNZMWb98-A_pLbdNwRa8K79OHw6pCBhYHTIo1W1KVxPcauNWPw-_1LfUB2zsSqPk102idQ7Qz_ecAkQi6zT0MDM1aIixixJrzRmXjM9H9oXcl_AuHWKoDZ8o6SOlCW7FRdCSXY%7C%7C&gdpr=1&r=1589911896099&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer: https://wincovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 May 2020 18:11:36 GMT
server: Apache
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 19 May 2020 18:11:36 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wincovid.com/	1970-01-19 09:38:31	Name: _gat_gtag_UA_16604350_2 Value: 1
.wincovid.com/	1970-01-19 09:39:58	Name: _gid Value: GA1.2.2080121858.1589911896
.wincovid.com/	1970-01-20 03:09:43	Name: _ga Value: GA1.2.1005652556.1589911896
wincovid.com/	1970-01-19 09:38:33	Name: session_depth Value: wincovid.com%3D1%7C888348942%3D1
.media.net/	1970-01-19 14:04:55	Name: gdpr_status Value: 1
.wincovid.com/	1970-01-19 10:21:43	Name: __cfduid Value: dd17893c596ef45badad7b137ed849a4e1589911894

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://wincovid.com/wp-content/cache/autoptimize/js/autoptimize_7c2d49ec69e327933b84fb380a640ede.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rtlcss.com
cdn.shortpixel.ai
cdnjs.cloudflare.com
connect.facebook.net
contextual.media.net
fonts.googleapis.com
fonts.gstatic.com
img.youtube.com
lg3.media.net
maxcdn.bootstrapcdn.com
wincovid.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.wincovid.rwolf.co.il
151.139.128.11
2001:4de0:ac19::1:b:3b
2606:4700:3030::681b:af0a
2606:4700::6810:84e5
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0b:4d07:101::1
72.247.224.27
81.218.117.69
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
06b4475a6ec88dcf16cb9327f28d2cff2ecb8155fc75d1df70bcea3fd3d90941
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11ee1172e75213d197af47a54c14eb4bc8fcaba69069f074e0beeec2c247edce
14ea4f4cb47ef876c4fa2cd0ddd756dedfa25d5cb54c3e20fa2090f43803fd16
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
24facec529f688d6bd7fe299ca60aaa4f51f3a9c567e099ae9a8b78057549c16
29eeac9851b2ad6a9f1296f3d5d8bd1989c41e2335e5fbaa648c6b6cba26c39d
29eef6d7b31d92f232ff38c31ba2f47650a96a508f8d3323b3c14fc9ff4d6b3e
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2d3cced38fcd81cab0f18115a196ca7257fc0ba5c66346581dc1f78a822148bf
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
39c179db44469c0cfd07af02331be48f97aa1cb6c928a553b8ea57d7380a1d3c
3e95f585c695ea6bdec89a68936a94e5d3e97b0c9e12fee5793c75e348942adc
439131c14ceb18cde25f1c2e1ac97cea03a2cf9d0b138bbb87cf832c13772767
46239df75b290cf9922b436b8fbe273c4917f9cef0bfee0522dd2a17fda7ca05
51936c566538e82fffaad2472f613e1060b1a5f434478961d216e487669118e1
5fd38614394cd918a3a36bdf193a56c26effaed5771373c9d90659b8abd1a15a
646c5b8ddfafc216a06c243e438dd422ee773ce76a1b1c0520ed7cf1d29a5de2
742bf3309b40315371addb4e50f8c49de2181dd0d54a5197be2634d2112ced99
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f1fe8532354056bfe45f00289c5b46a2c8b7eec6931ef2cab8087e40f61ec8
860b1d293dd13468c7fe2b42742467c42f053b64fe9b6fd21407fd30e1b7557b
8effc5a8b63b311cb25d86fff7532157e0ff7c3594a2c4f5e533836708d3dcfc
918e60822d1266be9ec4e54a93ad0607ac9f637dd80a20d71dee569a293c72d1
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
b9a20d2ef932c543f63300caf9181fdc38d760a5275f5de72d0e6dd55b6654c9
bb27c42f28dea90d1f78af99411177ceb866b4d186629881af40c14bbc987b6b
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
d146d946fd8be33dee0d3d9bb7410a52c574428cb789d5e26c61ef03dc87307e
d46378de5b310f818aa57de3c009f148a009f643b3adc9510b14904ef86e7742
dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd
e37653d58d23da677203c3af6b33b453136e15f77ccf3cc2c1e68b86e5f5d7e2
e4d40abd5108eaf642603f68e6da54855136412439ff11a541938b066014888d
e7af61bb1dc1a5f77f2d8640b68d5151b03760448bef886a10baa8a96e4ecddb
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef67a5fd2491ccd5235c8824a575a16ed863ece435b927537aa2b749c3d2e6d7
efdecf0c4eb7482ee8401a198447e05a8c512d77ac0e9bbff682e4e1f0baa301

wincovid.com Open in urlscan Pro 2606:4700:3030::681b:af0a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

79 %IPv6

14 Domains

15 Subdomains

13 IPs

6 Countries

1358 kBTransfer

2298 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wincovid.com Open in urlscan Pro
2606:4700:3030::681b:af0a Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

79 %
IPv6

14
Domains

15
Subdomains

13
IPs

6
Countries

1358 kB
Transfer

2298 kB
Size

6
Cookies

44 HTTP transactions
0 data transactions