icleancovid19.com Open in urlscan Pro
192.124.249.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://icleancovid19.com/
Effective URL:
https://icleancovid19.com/
Submission: On May 29 via api (May 29th 2020, 9:34:15 pm UTC) from BE

Summary HTTP 38 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 38 HTTP transactions. The main IP is 192.124.249.8, located in United States and belongs to SUCURI-SEC, US. The main domain is icleancovid19.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 21st 2020. Valid for: a year.

This is the only time icleancovid19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	192.124.249.8 192.124.249.8	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
4	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1 6	151.101.112.116 151.101.112.116	54113 (FASTLY) (FASTLY)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
38	11

12 192.124.249.8 (United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10008.sucuri.net

icleancovid19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cdn.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.112.116 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

www.yelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

s3-media1.fl.yelpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	icleancovid19.com 1 redirects icleancovid19.com	417 KB
6	gstatic.com fonts.gstatic.com	96 KB
6	yelp.com 1 redirects www.yelp.com	2 KB
4	shortpixel.ai cdn.shortpixel.ai	68 KB
3	facebook.net connect.facebook.net	172 KB
2	facebook.com www.facebook.com	445 B
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	doubleclick.net stats.g.doubleclick.net	99 B
1	youtube.com www.youtube.com
1	yelpcdn.com s3-media1.fl.yelpcdn.com	1 KB
38	11

	Domain	Requested by
12	icleancovid19.com	1 redirects icleancovid19.com
6	fonts.gstatic.com	icleancovid19.com
6	www.yelp.com	1 redirects s3-media1.fl.yelpcdn.com
4	cdn.shortpixel.ai	icleancovid19.com
3	connect.facebook.net	icleancovid19.com connect.facebook.net
2	www.facebook.com	icleancovid19.com connect.facebook.net
2	www.google-analytics.com	icleancovid19.com
2	fonts.googleapis.com	icleancovid19.com
1	stats.g.doubleclick.net	icleancovid19.com
1	www.youtube.com	icleancovid19.com
1	s3-media1.fl.yelpcdn.com	icleancovid19.com
38	11

This site contains links to these domains. Also see Links.

Domain
www.cdc.gov
www.who.int
www.ppwpm.com
gbac.org
www.osha.gov

Subject Issuer	Validity	Valid
icleancovid19.com Go Daddy Secure Certificate Authority - G2	`2020-04-21` - `2021-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.shortpixel.ai Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-22` - `2021-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
yelp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-04-07`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://icleancovid19.com/
Frame ID: 46B2A930405D1540764BD7BAE6E5611F
Requests: 32 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HRrCBQi1aHo?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=0
Frame ID: F88993F1D567E298F49DF3A8A9FE2565
Requests: 1 HTTP requests in this frame

Frame: https://www.yelp.com/embed/ga
Frame ID: 94C4729A861ECFE0736225A09D6CE2D3
Requests: 1 HTTP requests in this frame

Frame: https://www.yelp.com/embed/review/mjiQUmbYT4dBt0zzcwxj3A?embed_location=icleancovid19.com
Frame ID: 5213E142526B48CACD1EEC878FB54D62
Requests: 1 HTTP requests in this frame

Frame: https://www.yelp.com/embed/review/sNoOUjfpvG77ZlxADyfT7g?embed_location=icleancovid19.com
Frame ID: 5CF64313F2224C26B5D6CDFCDF64EA3F
Requests: 1 HTTP requests in this frame

Frame: https://www.yelp.com/embed/review/xXmkTA-6Sxlk8jdqL4Ba8A?embed_location=icleancovid19.com
Frame ID: DB987F1AFC12640E3AAE5D94E04CC157
Requests: 1 HTTP requests in this frame

Frame: https://www.yelp.com/embed/review/3VEYLQ2JmAZlLZML043zrA?embed_location=icleancovid19.com
Frame ID: E3A338A18B53C33E22BDB120C98A26F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://icleancovid19.com/ HTTP 301
https://icleancovid19.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

38
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

11
Subdomains

11
IPs

4
Countries

775 kB
Transfer

2155 kB
Size

12
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cdc.gov/coronavirus/2019-ncov/cases-updates/index.html
Title: CDC

Search URL Search Domain Scan URL

URL: https://www.who.int/
Title: World Health Organization

Search URL Search Domain Scan URL

URL: https://www.ppwpm.com/
Title: Professional Powerwashing Maintenance

Search URL Search Domain Scan URL

URL: https://gbac.org/
Title: Global Biorisk Advisory Council

Search URL Search Domain Scan URL

URL: https://www.osha.gov/Publications/OSHA3990.pdf
Title: OSHA

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/coronavirus/2019-ncov/index.html
Title: Please Take Self Checker

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://icleancovid19.com/ HTTP 301
https://icleancovid19.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.yelp.com/embed/widgets.js HTTP 303
https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
icleancovid19.com/
Redirect Chain

http://icleancovid19.com/
https://icleancovid19.com/

95 KB
26 KB

15260ms
15219ms

Document
text/html

192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

ba59d797d8ca923cbf699915df0602adb3d57ec05da2207b8df614b2e07a1e33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: icleancovid19.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 29 May 2020 21:33:56 GMT
content-type: text/html; charset=UTF-8
content-length: 26190
x-sucuri-id: 15008
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
link: <https://icleancovid19.com/wp-json/>; rel="https://api.w.org/", <https://icleancovid19.com/>; rel=shortlink
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS

Redirect headers

Server: Sucuri/Cloudproxy
Date: Fri, 29 May 2020 21:33:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 234
Connection: keep-alive
X-Sucuri-ID: 15008
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://icleancovid19.com/
X-Sucuri-Cache: EXPIRED

GET
H2 200 autoptimize_d98fa7287c1e6b756c71108f0acaf310.css
icleancovid19.com/wp-content/cache/autoptimize/css/ 339 KB
57 KB 62ms
61ms Stylesheet
text/css 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/wp-content/cache/autoptimize/css/autoptimize_d98fa7287c1e6b756c71108f0acaf310.css

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

50e5a426880971d6aa79f2c08756aa0a409d1edeff927782540bd5bf21ee4eeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 57556
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Apr 2020 01:15:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8be1445-54dda-5a477cc65b64d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
769 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47e4af0784e1a26a5961a085f84759c573a214e2b5839fd985d5306c94a810da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 May 2020 21:33:56 GMT
server: ESF
date: Fri, 29 May 2020 21:33:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 May 2020 21:33:56 GMT

GET
H2 200 autoptimize_single_0d3e9d5f196acf01923724243da1577b.css
icleancovid19.com/wp-content/cache/autoptimize/css/ 17 KB
2 KB 67ms
66ms Stylesheet
text/css 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/wp-content/cache/autoptimize/css/autoptimize_single_0d3e9d5f196acf01923724243da1577b.css?ver=1587496501

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

d2736cb5d0c6c12a224f7b40a1950b98208423f0fc048ceb11ec616e5e363c2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 1854
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Apr 2020 01:21:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8be0ec2-44d6-5a3ff30d082cd-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autoptimize_single_d47e4c4d02feb08595f57153df6b34ce.css
icleancovid19.com/wp-content/cache/autoptimize/css/ 16 KB
2 KB 75ms
75ms Stylesheet
text/css 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/wp-content/cache/autoptimize/css/autoptimize_single_d47e4c4d02feb08595f57153df6b34ce.css?ver=1587843128

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

b48d54e73aa8779b71794a030cca53a4f670759c47cc95b60daa94f1d36bf997

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 1711
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Apr 2020 19:04:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8be142d-3e96-5a422264af101-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 69 KB
2 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJosefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fef3e41c93feb1a65aea1d563b9aad5c91488405d14de4c5cad7c85ef0ef4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 May 2020 21:33:56 GMT
server: ESF
date: Fri, 29 May 2020 21:33:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 May 2020 21:33:56 GMT

GET
H2 200 jquery.js Show response
icleancovid19.com/wp-includes/js/jquery/ 95 KB
33 KB 52ms
51ms Script
application/javascript 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 33776
x-xss-protection: 1; mode=block
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8be0ba9-17a69-5890dc7401880-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 prevention.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_800/https://icleancovid19.com/wp-content/uploads/2020/04/ 50 KB
51 KB 721ms
657ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_800/https://icleancovid19.com/wp-content/uploads/2020/04/prevention.jpg
Requested by: Host: icleancovid19.com
URL: https://icleancovid19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 31bd24a29623f71d0025480a1dcb727a292239963b61e5cca9e1da2e4d71c573

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:57 GMT
last-modified: Sun, 24 May 2020 06:25:53 GMT
server: nginx
status: 200
etag: 05d18a635efa8818bd5a16eba1f11e78
vary: Accept-Encoding
x-tag: Domain:icleancovid19.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2101916, s-maxage=2101916
accept-ranges: bytes
link: <https://icleancovid19.com/wp-content/uploads/2020/04/prevention.jpg>; rel="canonical"
content-length: 51584
x-hw: 1590788037.cds035.pa1.hn,1590788037.cds011.pa1.s,1590788037.dop136.fr8.t,1590788037.cds085.fr8.p,1590788037.cds011.pa1.s,1590788037.dop003.fr8.t,1590788037.cds085.fr8.p,1590788037.cds011.pa1.p

GET
H2 200 ieha.png
cdn.shortpixel.ai/client/q_glossy,ret_img,w_1128/https://icleancovid19.com/wp-content/uploads/2020/04/ 10 KB
10 KB 91ms
65ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_1128/https://icleancovid19.com/wp-content/uploads/2020/04/ieha.png
Requested by: Host: icleancovid19.com
URL: https://icleancovid19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 335d12a1886c2b3b63f7d87dbbdf633a1ef65e7e9f032b9060b147871586585c

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:57 GMT
last-modified: Sun, 24 May 2020 04:48:24 GMT
server: nginx
status: 200
etag: 313fdba110fd47495dfc7bb62651fecc
vary: Accept-Encoding
x-tag: Domain:icleancovid19.com
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2586153, s-maxage=2586153
accept-ranges: bytes
link: <https://icleancovid19.com/wp-content/uploads/2020/04/ieha.png>; rel="canonical"
content-length: 9927
x-hw: 1590788037.cds035.pa1.hn,1590788037.cds011.pa1.s,1590788037.dop149.fr8.t,1590788037.cds127.fr8.c,1590788037.cds011.pa1.s,1590788037.dop005.fr8.t,1590788037.cds127.fr8.c,1590788037.cds011.pa1.p

GET
H2 200 Attachment_1587478519.gif
cdn.shortpixel.ai/client/q_glossy,ret_img,w_199,h_156/https://icleancovid19.com/wp-content/uploads/2020/04/ 3 KB
3 KB 181ms
155ms Image
image/gif 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_199,h_156/https://icleancovid19.com/wp-content/uploads/2020/04/Attachment_1587478519.gif
Requested by: Host: icleancovid19.com
URL: https://icleancovid19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 12a5db60f37f22e0e7a74c885d242cd0ec4fe02d6d7a0f14cf5aab245637a5e1

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:57 GMT
last-modified: Sun, 24 May 2020 02:52:56 GMT
server: nginx
status: 200
etag: 0b7cdbcccb9e8369121eca69a4ef413e
vary: Accept-Encoding
x-tag: Domain:icleancovid19.com
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2089139, s-maxage=2089139
accept-ranges: bytes
link: <https://icleancovid19.com/wp-content/uploads/2020/04/Attachment_1587478519.gif>; rel="canonical"
content-length: 2962
x-hw: 1590788037.cds035.pa1.hn,1590788037.cds038.pa1.s,1590788037.dop027.fr8.t,1590788037.cds041.fr8.p,1590788037.cds038.pa1.s,1590788037.dop136.fr8.t,1590788037.cds041.fr8.p,1590788037.cds038.pa1.p

GET
H2

200

widgets.js Show response
s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/
Redirect Chain

https://www.yelp.com/embed/widgets.js
https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js

3 KB
1 KB

89ms
28ms

Script
application/javascript

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0590cb9c08f714372794eb08e5924ff437993c87378c2c5ebc00c5c883d38a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 924
x-served-by: cache-sjc10021-SJC, cache-hhn4079-HHN
x-timer: S1590788037.348585,VS0,VE0
etag: "88bd59a212012848a1b7a6074123af2d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=315360000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www.yelp.com/csp_report_only?id=b0ebd4e057e20415&page=full_site_ssl_csp_report_directives&policy_hash=b2ccf9e11dc27afc890ea17e5125d0aa&site=www&timestamp=1590788037; default-src https:; img-src https: data: https://*.adsrvr.org; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; connect-src https:; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src https: yelp-webview://* yelp://* data:; child-src https: yelp-webview://* yelp://*; media-src https:; object-src 'self'; worker-src blob: https:; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; form-action https: 'self'
x-cache: MISS
status: 303
x-routing-service: 10-65-115-212-useast1aprod; site=www
x-mode: ro
content-length: 0
x-xss-protection: 1; report=https://www.yelp.com/xss_protection_report
x-served-by: cache-hhn4053-HHN
pragma: no-cache
x-node: www_all, 10-65-102-185-useast1aprod-68015d01-a1ba-11ea-8b65-4e6fc2ed4
referrer-policy: origin-when-cross-origin
server: nginx
x-timer: S1590788037.094841,VS0,VE159
date: Fri, 29 May 2020 21:33:57 GMT
x-proxied: 10-65-186-1-useast1bprod
vary: User-Agent
content-type: text/html; charset=UTF-8
location: https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js
x-zipkin-id: f73d5776135344a1
expires: Fri, 29 May 2020 21:33:57 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, no-transform
content-security-policy: report-uri https://www.yelp.com/csp_block?id=b0ebd4e057e20415&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
accept-ranges: bytes, bytes
x-b3-sampled: 0
x-cache-hits: 0

GET
H2 200 bgs-1.jpg
cdn.shortpixel.ai/client/q_glossy,ret_img,w_180/https://icleancovid19.com/wp-content/uploads/2020/04/ 3 KB
4 KB 94ms
69ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_180/https://icleancovid19.com/wp-content/uploads/2020/04/bgs-1.jpg
Requested by: Host: icleancovid19.com
URL: https://icleancovid19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fd8ff579992d9d5963dd0c13606aeef206902ca88eced133dee6939a8360384

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:57 GMT
last-modified: Mon, 25 May 2020 23:38:02 GMT
server: nginx
status: 200
etag: 61d47405f45630b984183cf08be0c96d
vary: Accept-Encoding
x-tag: Domain:icleancovid19.com
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2568011, s-maxage=2568011
accept-ranges: bytes
link: <https://icleancovid19.com/wp-content/uploads/2020/04/bgs-1.jpg>; rel="canonical"
content-length: 3473
x-hw: 1590788037.cds035.pa1.hn,1590788037.cds018.pa1.s,1590788037.dop168.fr8.t,1590788037.cds129.fr8.c,1590788037.cds018.pa1.s,1590788037.dop016.fr8.t,1590788037.cds129.fr8.c,1590788037.cds018.pa1.p

GET
H2 200 autoptimize_9fdbe2d913d425dff470a58a3e66eb6f.js Show response
icleancovid19.com/wp-content/cache/autoptimize/js/ 431 KB
116 KB 41ms
39ms Script
application/javascript 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/wp-content/cache/autoptimize/js/autoptimize_9fdbe2d913d425dff470a58a3e66eb6f.js

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

98a771d2e8f744f6ddbd4e8799325fd738ccde733425526659728b70a9b68fdf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Apr 2020 02:34:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8be143d-6bb03-5a4286e8b5e09-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3322
date: Fri, 29 May 2020 20:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 29 May 2020 22:38:35 GMT

GET
H2 200 wp-emoji-release.min.js Show response
icleancovid19.com/wp-includes/js/ 14 KB
5 KB 40ms
39ms Script
application/javascript 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 4653
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Nov 2019 22:04:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8be0c1d-364d-596a09c229880-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
32 KB 19ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: wL34Mw6eMxqBqkrBQsaKc818vPQSKvQzX6P1skBp2PoxDuRxduHjZPrsmpiumYqgzLm1iiss5gr/qfcwxJ7hSA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 29 May 2020 21:33:57 GMT, Fri, 29 May 2020 21:33:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 HRrCBQi1aHo
www.youtube.com/embed/ Frame F889 0
0 162ms
162ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/HRrCBQi1aHo?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=0

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/HRrCBQi1aHo?feature=oembed&start&end&wmode=opaque&loop=0&controls=1&mute=0&rel=0&modestbranding=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://icleancovid19.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://icleancovid19.com/

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
date: Fri, 29 May 2020 21:33:57 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=gYx5UYE6nZg; path=/; domain=.youtube.com; secure; expires=Wed, 25-Nov-2020 21:33:57 GMT; httponly; samesite=None YSC=bVD3njZdUA8; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=gYx5UYE6nZg; path=/; domain=.youtube.com; secure; expires=Wed, 25-Nov-2020 21:33:57 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 29-May-2020 22:03:57 GMT
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bgs.jpg
icleancovid19.com/wp-content/uploads/2020/04/ 54 KB
55 KB 18ms
18ms Image
image/jpeg 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icleancovid19.com/wp-content/uploads/2020/04/bgs.jpg

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

ad6db43eceb0b9f473fa656f54ec2dc468eb94950ff9b11fdd0a62740d315554

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/wp-content/cache/autoptimize/css/autoptimize_single_d47e4c4d02feb08595f57153df6b34ce.css?ver=1587843128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
content-length: 55616
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Apr 2020 14:15:50 GMT
server: nginx
etag: "8be0e9d-d940-5a3b9894408e1"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bgs-1.jpg
icleancovid19.com/wp-content/uploads/2020/04/ 45 KB
46 KB 23ms
23ms Image
image/jpeg 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icleancovid19.com/wp-content/uploads/2020/04/bgs-1.jpg

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

1a379d28db38769a274496e2c9037a3d58f71a269d3c339597c7712dbfb46def

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/wp-content/cache/autoptimize/css/autoptimize_single_d47e4c4d02feb08595f57153df6b34ce.css?ver=1587843128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
content-length: 46456
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Apr 2020 16:01:28 GMT
server: nginx
etag: "8be0ea8-b578-5a3bb0309c6d3"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
fonts.gstatic.com/s/josefinsans/v15/ 26 KB
26 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v15/Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJosefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://icleancovid19.com

Response headers

date: Tue, 19 May 2020 09:25:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 23:04:56 GMT
server: sffe
age: 907727
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26876
x-xss-protection: 0
expires: Wed, 19 May 2021 09:25:10 GMT

GET
H2 200 fa-solid-900.woff2
icleancovid19.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 74 KB
75 KB 59ms
57ms Font
font/woff2 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://icleancovid19.com/wp-content/cache/autoptimize/css/autoptimize_d98fa7287c1e6b756c71108f0acaf310.css
Origin: https://icleancovid19.com

Response headers

date: Fri, 29 May 2020 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Apr 2020 19:14:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8be131d-12934-5a3d1d31976d5-gzip"
vary: Accept-Encoding,User-Agent
content-type: font/woff2
cache-control: max-age=315360000
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJosefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://icleancovid19.com

Response headers

date: Tue, 19 May 2020 09:27:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 907613
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Wed, 19 May 2021 09:27:04 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJosefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://icleancovid19.com

Response headers

date: Tue, 19 May 2020 23:24:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 857340
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Wed, 19 May 2021 23:24:57 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/librefranklin/v4/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v4/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f707ac905bc601e7c615efef3341229528ef740fdea765fc4c98eec658670856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
Origin: https://icleancovid19.com

Response headers

date: Mon, 18 May 2020 19:11:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:05 GMT
server: sffe
age: 958944
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14092
x-xss-protection: 0
expires: Tue, 18 May 2021 19:11:33 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJosefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.4.1
Origin: https://icleancovid19.com

Response headers

date: Tue, 19 May 2020 03:35:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 928685
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Wed, 19 May 2021 03:35:52 GMT

GET
H2 200 jizAREVItHgc8qDIbSTKq4XkRi24_SI0q1vjitOh.woff2
fonts.gstatic.com/s/librefranklin/v4/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v4/jizAREVItHgc8qDIbSTKq4XkRi24_SI0q1vjitOh.woff2

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bac41f9892f4fadbd7355e6d863f2d74262f15047caa3dfd92b9e38423dfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
Origin: https://icleancovid19.com

Response headers

date: Tue, 19 May 2020 23:29:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:33 GMT
server: sffe
age: 857041
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14436
x-xss-protection: 0
expires: Wed, 19 May 2021 23:29:56 GMT

POST
H2 200 admin-ajax.php Show response
icleancovid19.com/wp-admin/ 0
439 B 1933ms
1933ms XHR
text/html 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://icleancovid19.com/wp-admin/admin-ajax.php

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/wp-content/cache/autoptimize/js/autoptimize_9fdbe2d913d425dff470a58a3e66eb6f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 29 May 2020 21:33:58 GMT
x-content-type-options: nosniff, nosniff
status: 200
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://icleancovid19.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1067307571&t=pageview&_s=1&dl=https%3A%2F%2Ficleancovid19.com%2F&ul=en-us&de=UTF-8&dt=Coronavirus%20cleaning%20Services%20%26%20Disinfecting%20%7C%20icleancovid19&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=2099389948&gjid=1068492026&cid=336854014.1590788037&tid=UA-164563491-1&_gid=844817466.1590788037&z=679134285

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 May 2020 04:35:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 925086
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
99 B 17ms
16ms Image
image/gif 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-164563491-1&cid=336854014.1590788037&jid=2099389948&gjid=1068492026&_gid=844817466.1590788037&_u=YGBAgUABC~&z=496735934

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 May 2020 21:33:57 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 42 KB
11 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.18

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2be7803ce22ea4563d3577bf0d5bfa8de3e85a754cf233a65b8cd34a156807c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 10701
x-xss-protection: 0
pragma: public
x-fb-debug: sB6Umq6pHt/LgqLpF8SpiiJ7Zud13LemM7ib94EviO/VjyaVmP0MoCWkT1cPTb009Yq7DVu7S6XMX/P+bIPy5A==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 29 May 2020 21:33:57 GMT, Fri, 29 May 2020 21:33:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2526549454324128 Show response
connect.facebook.net/signals/config/ 516 KB
130 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2526549454324128?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7aeda864e80676f89ec2be831e7f8b8237e7200fb1267bf85ea259fba8f4a956

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: haYZiDi6j9/42dRhjC6n3bud8fSSH8OlWBWGPllbByRnXhYFPTm6BO1CmAr90hr5yeJKHGrWbbxTPTMd9b161w==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 29 May 2020 21:33:57 GMT, Fri, 29 May 2020 21:33:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
361 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2526549454324128&ev=PageView&dl=https%3A%2F%2Ficleancovid19.com%2F&rl=&if=false&ts=1590788037346&sw=1600&sh=1200&v=2.9.18&r=stable&a=wordpress-5.4.1-2.0.2&ec=0&o=30&fbp=fb.1.1590788037345.412631939&it=1590788037242&coo=false&rqm=GET

Requested by

Host: icleancovid19.com
URL: https://icleancovid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 May 2020 21:33:57 GMT, Fri, 29 May 2020 21:33:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 29 May 2020 21:33:57 GMT

GET
H2 200 ga
www.yelp.com/embed/ Frame 94C4 0
0 184ms
184ms Document
text/html 151.101.112.116
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yelp.com/embed/ga

Requested by

Host: s3-media1.fl.yelpcdn.com
URL: https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.116 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.yelp.com/csp_block?id=3ccd76a7f8cccccc&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://.yelpcdn.com https://.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://.yelp.com https://.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://www.yelp.com/xss_protection_report

Request headers

:method: GET
:authority: www.yelp.com
:scheme: https
:path: /embed/ga
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://icleancovid19.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: bse=dd8812910c73471f8da990e6c0733185; hl=en_US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://icleancovid19.com/

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, no-transform
pragma: no-cache
set-cookie: pid=; Domain=.yelp.com; Max-Age=0; Path=/; expires=Wed, 31-Dec-97 23:59:59 GMT wdi=1|4FF9BA86676DD593|0x1.7b45ff15afa7bp+30|b7720bb661f2f762; Domain=.yelp.com; Path=/; Max-Age=630720000; Expires=Thu, 24 May 2040 21:33:57 GMT; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 May 2020 21:33:57 GMT
x-node: www_all 10-65-135-214-useast1bprod-54a2fbc2-a1c8-11ea-8b65-4e6fc2ed4
content-security-policy: report-uri https://www.yelp.com/csp_block?id=3ccd76a7f8cccccc&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
x-b3-sampled: 0
x-xss-protection: 1; report=https://www.yelp.com/xss_protection_report
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www.yelp.com/csp_report_only?id=3ccd76a7f8cccccc&page=full_site_ssl_csp_report_directives&policy_hash=b2ccf9e11dc27afc890ea17e5125d0aa&site=www&timestamp=1590788037; default-src https:; img-src https: data: https://*.adsrvr.org; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; connect-src https:; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src https: yelp-webview://* yelp://* data:; child-src https: yelp-webview://* yelp://*; media-src https:; object-src 'self'; worker-src blob: https:; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; form-action https: 'self'
x-zipkin-id: 83afec908b3898ac
x-routing-service: 10-65-160-161-useast1bprod; site=www
referrer-policy: origin-when-cross-origin
x-mode: ro
x-proxied: 10-65-90-221-useast1aprod
content-encoding: gzip
accept-ranges: bytes bytes
age: 0 0
date: Fri, 29 May 2020 21:33:57 GMT
via: 1.1 varnish
x-served-by: cache-hhn4053-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1590788037.375490,VS0,VE163
vary: User-Agent, Accept-Encoding

GET
H2 200 mjiQUmbYT4dBt0zzcwxj3A
www.yelp.com/embed/review/ Frame 5213 0
0 362ms
361ms Document
text/html 151.101.112.116
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yelp.com/embed/review/mjiQUmbYT4dBt0zzcwxj3A?embed_location=icleancovid19.com

Requested by

Host: s3-media1.fl.yelpcdn.com
URL: https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.116 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.yelp.com/csp_block?id=cefa381a6d5c2998&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://.yelpcdn.com https://.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://.yelp.com https://.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://www.yelp.com/xss_protection_report

Request headers

:method: GET
:authority: www.yelp.com
:scheme: https
:path: /embed/review/mjiQUmbYT4dBt0zzcwxj3A?embed_location=icleancovid19.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://icleancovid19.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: bse=dd8812910c73471f8da990e6c0733185; hl=en_US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://icleancovid19.com/

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, no-transform
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 May 2020 21:33:57 GMT
x-node: www_all 10-65-112-121-useast1aprod-68004b89-a1ba-11ea-8b65-4e6fc2ed4
content-security-policy: report-uri https://www.yelp.com/csp_block?id=cefa381a6d5c2998&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
x-b3-sampled: 0
x-xss-protection: 1; report=https://www.yelp.com/xss_protection_report
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www.yelp.com/csp_report_only?id=cefa381a6d5c2998&page=full_site_ssl_csp_report_directives&policy_hash=b2ccf9e11dc27afc890ea17e5125d0aa&site=www&timestamp=1590788037; default-src https:; img-src https: data: https://*.adsrvr.org; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; connect-src https:; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src https: yelp-webview://* yelp://* data:; child-src https: yelp-webview://* yelp://*; media-src https:; object-src 'self'; worker-src blob: https:; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; form-action https: 'self'
x-zipkin-id: 688ee0af2f68803f
x-routing-service: 10-65-77-149-useast1aprod; site=www
referrer-policy: origin-when-cross-origin
x-mode: ro
x-proxied: 10-65-126-124-useast1aprod
content-encoding: gzip
accept-ranges: bytes
date: Fri, 29 May 2020 21:33:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4053-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1590788037.377916,VS0,VE341
vary: User-Agent, Accept-Encoding
content-length: 2461

GET
H2 200 sNoOUjfpvG77ZlxADyfT7g
www.yelp.com/embed/review/ Frame 5CF6 0
0 366ms
366ms Document
text/html 151.101.112.116
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yelp.com/embed/review/sNoOUjfpvG77ZlxADyfT7g?embed_location=icleancovid19.com

Requested by

Host: s3-media1.fl.yelpcdn.com
URL: https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.116 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.yelp.com/csp_block?id=7e6726f01a694716&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://.yelpcdn.com https://.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://.yelp.com https://.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://www.yelp.com/xss_protection_report

Request headers

:method: GET
:authority: www.yelp.com
:scheme: https
:path: /embed/review/sNoOUjfpvG77ZlxADyfT7g?embed_location=icleancovid19.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://icleancovid19.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: bse=dd8812910c73471f8da990e6c0733185; hl=en_US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://icleancovid19.com/

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, no-transform
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 May 2020 21:33:57 GMT
x-node: www_all 10-65-160-161-useast1bprod-ceaece18-a1bb-11ea-8b65-4e6fc2ed4
content-security-policy: report-uri https://www.yelp.com/csp_block?id=7e6726f01a694716&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
x-b3-sampled: 0
x-xss-protection: 1; report=https://www.yelp.com/xss_protection_report
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www.yelp.com/csp_report_only?id=7e6726f01a694716&page=full_site_ssl_csp_report_directives&policy_hash=b2ccf9e11dc27afc890ea17e5125d0aa&site=www&timestamp=1590788037; default-src https:; img-src https: data: https://*.adsrvr.org; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; connect-src https:; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src https: yelp-webview://* yelp://* data:; child-src https: yelp-webview://* yelp://*; media-src https:; object-src 'self'; worker-src blob: https:; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; form-action https: 'self'
x-zipkin-id: 185bb327a1214f51
x-routing-service: 10-65-86-6-useast1aprod; site=www
referrer-policy: origin-when-cross-origin
x-mode: ro
x-proxied: 10-65-126-124-useast1aprod
content-encoding: gzip
accept-ranges: bytes
date: Fri, 29 May 2020 21:33:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4053-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1590788037.378405,VS0,VE346
vary: User-Agent, Accept-Encoding
content-length: 2524

GET
H2 200 xXmkTA-6Sxlk8jdqL4Ba8A
www.yelp.com/embed/review/ Frame DB98 0
0 358ms
357ms Document
text/html 151.101.112.116
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yelp.com/embed/review/xXmkTA-6Sxlk8jdqL4Ba8A?embed_location=icleancovid19.com

Requested by

Host: s3-media1.fl.yelpcdn.com
URL: https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.116 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.yelp.com/csp_block?id=b6207e0f4570ee1d&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://.yelpcdn.com https://.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://.yelp.com https://.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://www.yelp.com/xss_protection_report

Request headers

:method: GET
:authority: www.yelp.com
:scheme: https
:path: /embed/review/xXmkTA-6Sxlk8jdqL4Ba8A?embed_location=icleancovid19.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://icleancovid19.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: bse=dd8812910c73471f8da990e6c0733185; hl=en_US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://icleancovid19.com/

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, no-transform
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 May 2020 21:33:57 GMT
x-node: www_all 10-65-70-38-useast1aprod-c31da604-a1c9-11ea-8b65-4e6fc2ed439
content-security-policy: report-uri https://www.yelp.com/csp_block?id=b6207e0f4570ee1d&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
x-b3-sampled: 0
x-xss-protection: 1; report=https://www.yelp.com/xss_protection_report
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www.yelp.com/csp_report_only?id=b6207e0f4570ee1d&page=full_site_ssl_csp_report_directives&policy_hash=b2ccf9e11dc27afc890ea17e5125d0aa&site=www&timestamp=1590788037; default-src https:; img-src https: data: https://*.adsrvr.org; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; connect-src https:; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src https: yelp-webview://* yelp://* data:; child-src https: yelp-webview://* yelp://*; media-src https:; object-src 'self'; worker-src blob: https:; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; form-action https: 'self'
x-zipkin-id: da40b1d84ecd681c
x-routing-service: 10-65-160-161-useast1bprod; site=www
referrer-policy: origin-when-cross-origin
x-mode: ro
x-proxied: 10-65-167-150-useast1bprod
content-encoding: gzip
accept-ranges: bytes
date: Fri, 29 May 2020 21:33:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4053-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1590788037.379383,VS0,VE337
vary: User-Agent, Accept-Encoding
content-length: 2455

GET
H2 200 3VEYLQ2JmAZlLZML043zrA
www.yelp.com/embed/review/ Frame E3A3 0
0 295ms
294ms Document
text/html 151.101.112.116
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yelp.com/embed/review/3VEYLQ2JmAZlLZML043zrA?embed_location=icleancovid19.com

Requested by

Host: s3-media1.fl.yelpcdn.com
URL: https://s3-media1.fl.yelpcdn.com/assets/srv0/embedded_review_pages/0c5ef0f8fd44/assets/vendor/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.116 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.yelp.com/csp_block?id=edb985e35c487c2d&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://.yelpcdn.com https://.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://.yelp.com https://.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://www.yelp.com/xss_protection_report

Request headers

:method: GET
:authority: www.yelp.com
:scheme: https
:path: /embed/review/3VEYLQ2JmAZlLZML043zrA?embed_location=icleancovid19.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://icleancovid19.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: bse=dd8812910c73471f8da990e6c0733185; hl=en_US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://icleancovid19.com/

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, no-cache, no-store, private, no-transform
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 29 May 2020 21:33:57 GMT
x-node: www_all 10-65-82-42-useast1aprod-695e1632-a12f-11ea-8b65-4e6fc2ed439
content-security-policy: report-uri https://www.yelp.com/csp_block?id=edb985e35c487c2d&page=enforced_by_default_directives&policy_hash=7b6f2d6630868fdb2698dac44731677c&site=www&timestamp=1590788037; object-src 'self'; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com
x-b3-sampled: 0
x-xss-protection: 1; report=https://www.yelp.com/xss_protection_report
x-content-type-options: nosniff
content-security-policy-report-only: report-uri https://www.yelp.com/csp_report_only?id=edb985e35c487c2d&page=full_site_ssl_csp_report_directives&policy_hash=b2ccf9e11dc27afc890ea17e5125d0aa&site=www&timestamp=1590788037; default-src https:; img-src https: data: https://*.adsrvr.org; script-src https: data: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline' data:; connect-src https:; font-src data: 'self' https://*.yelp.com https://*.yelpcdn.com https://fonts.gstatic.com https://connect.facebook.net https://cdnjs.cloudflare.com https://apis.google.com https://www.google-analytics.com https://use.typekit.net https://player.ooyala.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src https: yelp-webview://* yelp://* data:; child-src https: yelp-webview://* yelp://*; media-src https:; object-src 'self'; worker-src blob: https:; base-uri 'self' https://*.yelpcdn.com https://*.adsrvr.org https://6372968.fls.doubleclick.net; form-action https: 'self'
x-zipkin-id: 8325f31530417f56
x-routing-service: 10-65-160-161-useast1bprod; site=www
referrer-policy: origin-when-cross-origin
x-mode: ro
x-proxied: 10-65-91-215-useast1aprod
content-encoding: gzip
accept-ranges: bytes
date: Fri, 29 May 2020 21:33:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4053-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1590788037.381936,VS0,VE272
vary: User-Agent, Accept-Encoding
content-length: 2437

POST
H2 200 /
www.facebook.com/tr/ 0
84 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://icleancovid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFWymtipg268yMCAU

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 29 May 2020 21:33:57 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://icleancovid19.com
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yelp.com/	1970-01-19 09:53:08	Name: _gat Value: 1
.icleancovid19.com/	1970-01-19 09:53:08	Name: _gat Value: 1
.youtube.com/	1970-01-19 09:53:09	Name: GPS Value: 1
.icleancovid19.com/	1970-01-19 12:02:44	Name: _fbp Value: fb.1.1590788037345.412631939
.youtube.com/	1970-01-19 14:12:20	Name: VISITOR_INFO1_LIVE Value: gYx5UYE6nZg
.yelp.com/	1970-01-20 03:24:20	Name: _ga Value: GA1.2.428002101.1590788038
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: bVD3njZdUA8
.icleancovid19.com/	1970-01-19 09:54:34	Name: _gid Value: GA1.2.844817466.1590788037
.yelp.com/	1970-01-19 09:54:34	Name: _gid Value: GA1.2.1728737513.1590788038
.yelp.com/	1970-01-26 17:05:08	Name: hl Value: en_US
.yelp.com/	1969-12-31 23:59:59	Name: bse Value: dd8812910c73471f8da990e6c0733185
.icleancovid19.com/	1970-01-20 03:24:20	Name: _ga Value: GA1.2.336854014.1590788037

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.shortpixel.ai
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
icleancovid19.com
s3-media1.fl.yelpcdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.yelp.com
www.youtube.com
151.101.112.116
151.101.114.2
151.139.128.11
192.124.249.8
2a00:1450:4001:801::200e
2a00:1450:4001:802::200e
2a00:1450:4001:815::200a
2a00:1450:4001:81b::2003
2a00:1450:400c:c03::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0590cb9c08f714372794eb08e5924ff437993c87378c2c5ebc00c5c883d38a90
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a5db60f37f22e0e7a74c885d242cd0ec4fe02d6d7a0f14cf5aab245637a5e1
1a379d28db38769a274496e2c9037a3d58f71a269d3c339597c7712dbfb46def
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fd8ff579992d9d5963dd0c13606aeef206902ca88eced133dee6939a8360384
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
31bd24a29623f71d0025480a1dcb727a292239963b61e5cca9e1da2e4d71c573
335d12a1886c2b3b63f7d87dbbdf633a1ef65e7e9f032b9060b147871586585c
3fef3e41c93feb1a65aea1d563b9aad5c91488405d14de4c5cad7c85ef0ef4e8
47e4af0784e1a26a5961a085f84759c573a214e2b5839fd985d5306c94a810da
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
50e5a426880971d6aa79f2c08756aa0a409d1edeff927782540bd5bf21ee4eeb
75bac41f9892f4fadbd7355e6d863f2d74262f15047caa3dfd92b9e38423dfd6
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7aeda864e80676f89ec2be831e7f8b8237e7200fb1267bf85ea259fba8f4a956
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
98a771d2e8f744f6ddbd4e8799325fd738ccde733425526659728b70a9b68fdf
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
ad6db43eceb0b9f473fa656f54ec2dc468eb94950ff9b11fdd0a62740d315554
ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0
b48d54e73aa8779b71794a030cca53a4f670759c47cc95b60daa94f1d36bf997
ba59d797d8ca923cbf699915df0602adb3d57ec05da2207b8df614b2e07a1e33
d2736cb5d0c6c12a224f7b40a1950b98208423f0fc048ceb11ec616e5e363c2d
d2be7803ce22ea4563d3577bf0d5bfa8de3e85a754cf233a65b8cd34a156807c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f707ac905bc601e7c615efef3341229528ef740fdea765fc4c98eec658670856

icleancovid19.com Open in urlscan Pro 192.124.249.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

64 %IPv6

11 Domains

11 Subdomains

11 IPs

4 Countries

775 kBTransfer

2155 kBSize

12 Cookies

6 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

icleancovid19.com Open in urlscan Pro
192.124.249.8 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

11
Subdomains

11
IPs

4
Countries

775 kB
Transfer

2155 kB
Size

12
Cookies

38 HTTP transactions
0 data transactions