gellerreport.com Open in urlscan Pro
192.124.249.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pamelageller.com/
Effective URL:
https://gellerreport.com/
Submission Tags: tranco_l324
Submission: On November 18 via api (November 18th 2021, 3:25:50 am UTC) from DE — Scanned from DE

Summary HTTP 26 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main IP is 192.124.249.17, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is gellerreport.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 13th 2021. Valid for: a year.

This is the only time gellerreport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	192.124.249.162 192.124.249.162	30148 (SUCURI-SEC) (SUCURI-SEC)
1	192.124.249.17 192.124.249.17	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
16	2607:f7c0:880... 2607:f7c0:8804::a	36444 (NEXCESS-NET) (NEXCESS-NET)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	192.190.220.34 192.190.220.34	32244 (LIQUIDWEB) (LIQUIDWEB)
26	7

2 192.124.249.162 (Menifee, United States) 2 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10162.sucuri.net

pamelageller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.17 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10017.sucuri.net

gellerreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f7c0:8804::a (United States)

ASN36444 (NEXCESS-NET, US)

eadn-wc02-4988931.nxedge.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.190.220.34 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: cloudhost-3569556.us-midwest-2.nxcli.net

b1ff5939f6.nxcli.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	nxedge.io eadn-wc02-4988931.nxedge.io	564 KB
4	nxcli.net b1ff5939f6.nxcli.net	272 KB
2	gstatic.com fonts.gstatic.com	65 KB
2	paypalobjects.com www.paypalobjects.com	4 KB
2	pamelageller.com 2 redirects pamelageller.com	747 B
1	googleapis.com fonts.googleapis.com	1 KB
1	gellerreport.com gellerreport.com	25 KB
26	7

	Domain	Requested by
16	eadn-wc02-4988931.nxedge.io	gellerreport.com
4	b1ff5939f6.nxcli.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.paypalobjects.com	gellerreport.com
2	pamelageller.com	2 redirects
1	fonts.googleapis.com	gellerreport.com
1	gellerreport.com
26	7

This site contains links to these domains. Also see Links.

Domain
www.feedblitz.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.paypal.com
b1ff5939f6.nxcli.net
www.amazon.com
gettr.com
www.whatfinger.com
www.commentarymagazine.com
afdi.us
superstore.wnd.com
www.storenvy.com

Subject Issuer	Validity	Valid
gellerreport.com Go Daddy Secure Certificate Authority - G2	`2021-04-13` - `2022-05-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
nexcesscdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-11-02` - `2022-03-15`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
b1ff5939f6.nxcli.net R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gellerreport.com/
Frame ID: 257DA285E654F03B95850FFCD465DA41
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Geller Report – Covering the news the media won't cover.

Page URL History Show full URLs

http://pamelageller.com/ HTTP 301
https://pamelageller.com/ HTTP 301
https://gellerreport.com/ Page URL

Page Statistics

26
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

932 kB
Transfer

1372 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://www.feedblitz.com/f/f.fbz?Sub=26412
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pamelageller

Search URL Search Domain Scan URL

URL: https://twitter.com/pamelageller

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/atlasshrugs2000

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pamelageller/

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=TV7ES3BWSZTLL
Title: Donate

Search URL Search Domain Scan URL

URL: http://b1ff5939f6.nxcli.net/category/atlas-articles/
Title: Articles

Search URL Search Domain Scan URL

URL: http://b1ff5939f6.nxcli.net/category/atlas-tv/
Title: Press

Search URL Search Domain Scan URL

URL: http://www.amazon.com/Pamela-Geller/e/B003815P0S/ref=sr_tc_2_0?qid=1387911392&sr=1-2-ent
Title: Books

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/atlasshrugs2000/videos
Title: Video

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=YUV8T94GKVWNN
Title: Donate Today

Search URL Search Domain Scan URL

URL: https://gettr.com/user/pamelageller
Title: <img class="aligncenter size-full wp-image-205669" src="http://b1ff5939f6.nxcli.net/wp-content/uploads/2021/07/Screen-Shot-2021-07-12-at-9.47.08-AM.png" alt="" width="582" height="106" />

Search URL Search Domain Scan URL

URL: http://www.whatfinger.com/
Title: <img style='width: 100%;' src='http://b1ff5939f6.nxcli.net/wp-content/uploads/2019/05/Whatfinger250x2505.jpg' alt='Ad' />

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Cant-We-Talk-About-This/dp/B078YD5KNS
Title: <img style='width: 100%;' src='http://b1ff5939f6.nxcli.net/wp-content/uploads/2020/09/cwtat-1-225x300.jpg' alt='Ad' />

Search URL Search Domain Scan URL

URL: https://www.commentarymagazine.com/politics-ideas/pamela-geller-threat-free-speech/
Title: <img src='http://b1ff5939f6.nxcli.net/wp-content/uploads/2020/09/commentary-1-216x300.jpg' alt='Ad' />

Search URL Search Domain Scan URL

URL: http://afdi.us/
Title: <img class="aligncenter size-full wp-image-144177" src="http://b1ff5939f6.nxcli.net/wp-content/uploads/2019/05/afdi-logo.jpg" alt="" width="227" height="222" />

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B078YD5KNS/ref=sr_1_1_dvt_1_wnzw_btn?s=instant-video&ie=UTF8&qid=1515711481&sr=1-1&keywords=can%27t+we+talk&autoplay=1
Title: <img width="150" height="200" src="https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/img/samples/cantwetalkabouthis.jpg" alt="" class="book-img">

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/1947979000/ref=sr_1_fkmr0_1?ie=UTF8&qid=1506028280&sr=8-1-fkmr0&keywords=fatwa+haunted+in+america
Title: <img width="345" height="499" src="https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/img/samples/fatwa-hunted-in-america.jpg" alt="" class="book-img">

Search URL Search Domain Scan URL

URL: http://superstore.wnd.com/books/Stop-the-Islamization-of-America-A-Practical-Guide-To-The-Resistance-Autographed-Hardcover
Title: <img width="190" height="284" src="https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/img/samples/stoptheislamizationofamerica.jpg" alt="" class="book-img">

Search URL Search Domain Scan URL

URL: http://www.amazon.com/Post-American-Presidency-Obama-Administrations-America-ebook/dp/B003LL2YOU/ref=tmm_kin_swatch_0?_encoding=UTF8&sr=&qid=
Title: <img width="260" height="343" src="https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/img/samples/pap-book.jpeg" alt="" class="book-img">

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Ground-Zero-Mosque-Second-Attacks/dp/B00563TR82/ref=sr_1_1?keywords=ground+zero+mosque&qid=1557940890&s=instant-video&sr=1-1-catcorr
Title: <img width="362" height="500" src="https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/img/samples/ground-zero-mosque.jpg" alt="" class="book-img">

Search URL Search Domain Scan URL

URL: http://www.storenvy.com/stores/121860-atlas-stuff
Title: Store

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pamelageller.com/ HTTP 301
https://pamelageller.com/ HTTP 301
https://gellerreport.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gellerreport.com/
Redirect Chain

http://pamelageller.com/
https://pamelageller.com/
https://gellerreport.com/

122 KB
25 KB

518ms
485ms

Document
text/html

192.124.249.17
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.17 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10017.sucuri.net

Software

nginx /

Resource Hash

b0bf99866059dc1548be99cceded1ef29ae90bef670e00fcdafdea7992c350ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Thu, 18 Nov 2021 03:25:44 GMT
content-type: text/html; charset=UTF-8
content-length: 25391
x-sucuri-id: 15017
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Thu, 18 Nov 2021 03:04:28 GMT
cache-control: max-age=0
expires: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: gzip
x-cache-nxaccel: BYPASS
accept-ranges: bytes
x-sucuri-cache: MISS

Redirect headers

server: nginx
date: Thu, 18 Nov 2021 03:25:43 GMT
content-type: text/html; charset=UTF-8
location: https://gellerreport.com/
x-sucuri-id: 22012
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 18 Nov 2021 04:25:44 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
x-redirect-agent: redirection
x-lw-cache: MISS
x-sucuri-cache: EXPIRED

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%20Condensed%3A700%7CRaleway%3A800&display=swap

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f58ffbffa7185342e37ba059fa297be034cfbd0f16b71441c0207a8c38fa900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 03:25:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 18 Nov 2021 03:25:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Nov 2021 03:25:44 GMT

GET
H2 200 style.min.css
eadn-wc02-4988931.nxedge.io/cdn/wp-includes/css/dist/block-library/ 79 KB
10 KB 85ms
14ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-nocache: 1
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.920-2a01:4f8:212:78e:31::1-303-4988931-
last-modified: Sun, 17 Oct 2021 01:00:31 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/monarch/css/ 113 KB
11 KB 85ms
14ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/monarch/css/style.css?ver=1.4.14

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: HIT
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.920-2a01:4f8:212:78e:31::1-55-4988931-
last-modified: Fri, 15 Oct 2021 16:30:53 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.css
eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/dist/css/ 1 KB
477 B 86ms
15ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/dist/css/slick.css?ver=2.0.28

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

d8df77f34164e29466f34288eb6f0de05c3d8fb78372ecbee5747c001ad3c9d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: HIT
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.920-2a01:4f8:212:78e:31::1-66-4988931-
last-modified: Fri, 15 Oct 2021 16:57:11 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.css
eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/dist/css/ 67 KB
11 KB 85ms
14ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/dist/css/app.css?ver=2.0.28

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

4d5877ddef204e757d3beea93f1d47d68ee83194cfab34644662441d352a9bdb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: HIT
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.920-2a01:4f8:212:78e:31::1-65-4988931-
last-modified: Fri, 15 Oct 2021 16:54:54 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modules.ttf
eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/monarch/core/admin/fonts/ 90 KB
91 KB 80ms
9ms Font
application/octet-stream 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/monarch/core/admin/fonts/modules.ttf

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gellerreport.com/
Origin: https://gellerreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
x-content-type-options: nosniff
x-edge-region: de-central-x
x-sucuri-cache: HIT
content-length: 92400
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.920-2a01:4f8:212:78e:31::1-311-4988931-
last-modified: Thu, 14 Oct 2021 15:09:30 GMT
server: Nexcess.net Edge CDN
etag: "6168482a-168f0"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 print.css
eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/dist/css/ 960 B
561 B 13ms
13ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/dist/css/print.css?ver=2.0.28

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

c3b5fa9a441aaeac354e154c5f29b9edc09cfd207fa787166829c127ed1664b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: STALE
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.962-2a01:4f8:212:78e:31::1-66-4988931-
last-modified: Fri, 15 Oct 2021 15:49:35 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 btn_subscribeCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 3 KB
3 KB 49ms
6ms Image
image/gif 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_subscribeCC_LG.gif

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04933ef9298788901ccc7b429cb4e6d7e3d28b0bd2caf7d8665ee34371342d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=3111 idim=147x47 ifmt=gif ofsz=3111 odim=147x47 ofmt=gif
paypal-debug-id: 7d0a9fc6afb0a
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 3111
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10064-SJC, cache-fra19130-FRA
x-timer: S1637205945.000495,VS0,VE0
etag: "i6zNKTaJCWqB6fK8ESBpEI8nHVdGO1o4QfTFHhncDTo"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 1251, 2

GET
H2 200 formreset.min.css
eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/gravityforms/legacy/css/ 4 KB
463 B 7ms
7ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.5.12

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: MISS
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.950-2a01:4f8:212:78e:31::1-70-4988931-
last-modified: Fri, 15 Oct 2021 16:18:50 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 formsmain.min.css
eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/gravityforms/legacy/css/ 79 KB
11 KB 16ms
16ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.5.12

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

3136238ea70111f6926dad0884316cfa4aa10d047df719a4767676397187f37c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: MISS
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.953-2a01:4f8:212:78e:31::1-70-4988931-
last-modified: Fri, 15 Oct 2021 17:13:39 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 readyclass.min.css
eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/gravityforms/legacy/css/ 30 KB
3 KB 14ms
12ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.5.12

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: MISS
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.962-2a01:4f8:212:78e:31::1-70-4988931-
last-modified: Fri, 15 Oct 2021 16:38:52 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 browsers.min.css
eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/gravityforms/legacy/css/ 8 KB
1 KB 14ms
12ms Stylesheet
text/css 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.5.12

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: MISS
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.962-2a01:4f8:212:78e:31::1-69-4988931-
last-modified: Fri, 15 Oct 2021 16:08:02 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
eadn-wc02-4988931.nxedge.io/cdn/wp-includes/js/ 1 KB
777 B 12ms
11ms Script
application/javascript 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-includes/js/wp-embed.min.js?ver=5.8.2

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-nocache: 1
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.962-2a01:4f8:212:78e:31::1-59-4988931-
last-modified: Sun, 17 Oct 2021 01:00:31 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazyload.min.js Show response
eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 13ms
12ms Script
application/javascript 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Host: gellerreport.com
URL: https://gellerreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: HIT
x-sucuri-cache: HIT
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205944.962-2a01:4f8:212:78e:31::1-68-4988931-
last-modified: Thu, 14 Oct 2021 20:01:28 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16fc43a830d5724df3ed1ff79d31c0414fcec3c15c09a924c6bf5abbfa8764e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cf7b20d5a27035f974e4f00cfe403d5b367b24a5b27d9690862fc60da41e671

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ba40163172d29638b581cac6630b59d262f6514fb6f4a1571cd2ee4b4439dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a669d157e322e700ac4ce3528b0a5b605b92e2435221cafa1f4958cd4d0d69e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8ef52bdb0478f99437a8d45ba7efc70d3be1f837aa63c497af2fee531e61690

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36c35d66de1e4dbccb12dd6f2e7c25a9021cd2981157730e63925f3f4a4b6033

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d27bbe6736526fd307037122489ba95db85255398396d3dab31a874cdc51a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74e53cd4daf805f5b294b961dc0e6209c9106e43dab37a40f5a4b0d84caf354b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26eb60e494bb9605fbb3146e2a686a0ff926882408b71af79031e0c949c52355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec47f63914c933e53b54d2a51635ffd8215c7ef53b11b821dcd1489ae5f13b84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d3e7f50c2509ed8729646d48bf2736d360d03cae1b6337ebc71d9649dd2d517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%20Condensed%3A700%7CRaleway%3A800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gellerreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 480823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:52:02 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrE.woff2
fonts.gstatic.com/s/raleway/v22/ 21 KB
21 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%20Condensed%3A700%7CRaleway%3A800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22c96a94f1e6c9c814b42368fa27b041b836f078c33d91538fb37bfb9d84e329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gellerreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:51:13 GMT
x-content-type-options: nosniff
age: 480872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21344
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:39:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:51:13 GMT

GET
H2 200 logo.png
eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/img/ 64 KB
64 KB 9ms
7ms Image
image/png 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/themes/pamela-geller/assets/img/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

af5a5d04c5bf8f19a539cbcc4d4e24fbd07785c0b1d02a22a53817aa8172f640

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
x-content-type-options: nosniff
x-edge-region: de-central-x
x-sucuri-cache: HIT
content-length: 65640
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205945.085-2a01:4f8:212:78e:31::1-111-4988931-
last-modified: Thu, 14 Oct 2021 15:09:33 GMT
server: Nexcess.net Edge CDN
etag: "6168482d-10068"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screen-Shot-2021-11-17-at-3.23.04-PM-400x267.png
eadn-wc02-4988931.nxedge.io/cdn/wp-content/uploads/2021/11/ 183 KB
184 KB 9ms
7ms Image
image/png 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/uploads/2021/11/Screen-Shot-2021-11-17-at-3.23.04-PM-400x267.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

ba2d927af1f1d4d3427b46f4b15e78d384b75f3f5025ce006bf48832f1f32168

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: STALE
x-sucuri-cache: MISS
content-length: 187613
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205945.086-2a01:4f8:212:78e:31::1-72-4988931-
last-modified: Wed, 17 Nov 2021 20:23:31 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screen-Shot-2021-11-17-at-2.34.02-PM-400x267.png
eadn-wc02-4988931.nxedge.io/cdn/wp-content/uploads/2021/11/ 149 KB
149 KB 9ms
7ms Image
image/png 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/uploads/2021/11/Screen-Shot-2021-11-17-at-2.34.02-PM-400x267.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

b43aece974b5b52fb4b370284b32ade8bc7eddc32f87a2459484bcbc922d823a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 152315
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205945.086-2a01:4f8:212:78e:31::1-72-4988931-
last-modified: Wed, 17 Nov 2021 19:43:35 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shutterstock_1928466551-400x267.jpg
eadn-wc02-4988931.nxedge.io/cdn/wp-content/uploads/2021/11/ 24 KB
24 KB 9ms
7ms Image
image/jpeg 2607:f7c0:8804::a
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/uploads/2021/11/shutterstock_1928466551-400x267.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f7c0:8804::a , United States, ASN36444 (NEXCESS-NET, US),

Reverse DNS

Software

Nexcess.net Edge CDN /

Resource Hash

a17494a4184c83a6116aec82792ef397bd58b9f1279fa599bc9bf515d634cc58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
x-content-type-options: nosniff
x-edge-region: de-central-x
x-cache-nxaccel: STALE
x-sucuri-cache: MISS
content-length: 24504
x-xss-protection: 1; mode=block
x-request-id: req-23016-1637205945.086-2a01:4f8:212:78e:31::1-63-4988931-
last-modified: Wed, 17 Nov 2021 16:03:45 GMT
server: Nexcess.net Edge CDN
x-frame-options: SAMEORIGIN
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-edge: HIT
cache-control: max-age=315360000
x-sucuri-id: 15017
content-security-policy: upgrade-insecure-requests;
x-edge-server: eadn-wc01-fra
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screen-Shot-2021-03-09-at-4.58.46-PM-800x271.png
b1ff5939f6.nxcli.net/wp-content/uploads/2021/03/ 174 KB
174 KB 391ms
123ms Image
image/png 192.190.220.34
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1ff5939f6.nxcli.net/wp-content/uploads/2021/03/Screen-Shot-2021-03-09-at-4.58.46-PM-800x271.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.190.220.34 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-3569556.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 8367c4abeff7b034526bfb8dce3cf60627530e1f4d4710620497f311c42f2cf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
last-modified: Fri, 15 Oct 2021 17:14:15 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-cache-nxaccel: STALE
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 178111
expires: Thu, 17 Mar 2022 09:48:44 GMT

GET
H2 200 Screen-Shot-2021-07-12-at-9.47.08-AM.png
b1ff5939f6.nxcli.net/wp-content/uploads/2021/07/ 22 KB
22 KB 391ms
123ms Image
image/png 192.190.220.34
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1ff5939f6.nxcli.net/wp-content/uploads/2021/07/Screen-Shot-2021-07-12-at-9.47.08-AM.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.190.220.34 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-3569556.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: c363232e79723f837d26f090f1f59a279253c212936e6d1b2a2acfad36690dd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
last-modified: Fri, 15 Oct 2021 16:12:31 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-cache-nxaccel: HIT
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 22193
expires: Mon, 14 Mar 2022 06:36:48 GMT

GET
H2 200 Whatfinger250x2505.jpg
b1ff5939f6.nxcli.net/wp-content/uploads/2019/05/ 41 KB
41 KB 391ms
123ms Image
image/jpeg 192.190.220.34
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1ff5939f6.nxcli.net/wp-content/uploads/2019/05/Whatfinger250x2505.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.190.220.34 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-3569556.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: af61c5029600f16857e28ffa85a7388a9e0c442e765328412606afbf173b7eb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
last-modified: Fri, 15 Oct 2021 16:34:44 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-cache-nxaccel: STALE
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 41782
expires: Thu, 17 Mar 2022 11:45:43 GMT

GET
H2 200 cwtat-1-225x300.jpg
b1ff5939f6.nxcli.net/wp-content/uploads/2020/09/ 35 KB
35 KB 391ms
123ms Image
image/jpeg 192.190.220.34
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1ff5939f6.nxcli.net/wp-content/uploads/2020/09/cwtat-1-225x300.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.190.220.34 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: cloudhost-3569556.us-midwest-2.nxcli.net
Software: nginx /
Resource Hash: 22aa90a9bd187cc596486ee14929e41fe3af0f7bfc369313744da60173d48488

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
last-modified: Fri, 15 Oct 2021 16:32:02 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-cache-nxaccel: STALE
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 35845
expires: Thu, 17 Mar 2022 13:39:51 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
232 B 7ms
6ms Image
image/gif 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gellerreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 03:25:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 3b332fe3ea371
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10058-SJC, cache-fra19130-FRA
x-timer: S1637205945.085334,VS0,VE0
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 14613, 2

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://gellerreport.com/ Message: The resource https://eadn-wc02-4988931.nxedge.io/cdn/wp-content/plugins/monarch/core/admin/fonts/modules.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b1ff5939f6.nxcli.net
eadn-wc02-4988931.nxedge.io
fonts.googleapis.com
fonts.gstatic.com
gellerreport.com
pamelageller.com
www.paypalobjects.com
151.101.130.133
192.124.249.162
192.124.249.17
192.190.220.34
2607:f7c0:8804::a
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
04933ef9298788901ccc7b429cb4e6d7e3d28b0bd2caf7d8665ee34371342d98
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0d3e7f50c2509ed8729646d48bf2736d360d03cae1b6337ebc71d9649dd2d517
16fc43a830d5724df3ed1ff79d31c0414fcec3c15c09a924c6bf5abbfa8764e2
1cf7b20d5a27035f974e4f00cfe403d5b367b24a5b27d9690862fc60da41e671
22aa90a9bd187cc596486ee14929e41fe3af0f7bfc369313744da60173d48488
22c96a94f1e6c9c814b42368fa27b041b836f078c33d91538fb37bfb9d84e329
26eb60e494bb9605fbb3146e2a686a0ff926882408b71af79031e0c949c52355
3136238ea70111f6926dad0884316cfa4aa10d047df719a4767676397187f37c
36c35d66de1e4dbccb12dd6f2e7c25a9021cd2981157730e63925f3f4a4b6033
4d5877ddef204e757d3beea93f1d47d68ee83194cfab34644662441d352a9bdb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
6d27bbe6736526fd307037122489ba95db85255398396d3dab31a874cdc51a46
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f58ffbffa7185342e37ba059fa297be034cfbd0f16b71441c0207a8c38fa900
74e53cd4daf805f5b294b961dc0e6209c9106e43dab37a40f5a4b0d84caf354b
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
8367c4abeff7b034526bfb8dce3cf60627530e1f4d4710620497f311c42f2cf5
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
99ba40163172d29638b581cac6630b59d262f6514fb6f4a1571cd2ee4b4439dd
a17494a4184c83a6116aec82792ef397bd58b9f1279fa599bc9bf515d634cc58
a669d157e322e700ac4ce3528b0a5b605b92e2435221cafa1f4958cd4d0d69e9
af5a5d04c5bf8f19a539cbcc4d4e24fbd07785c0b1d02a22a53817aa8172f640
af61c5029600f16857e28ffa85a7388a9e0c442e765328412606afbf173b7eb4
b0bf99866059dc1548be99cceded1ef29ae90bef670e00fcdafdea7992c350ce
b43aece974b5b52fb4b370284b32ade8bc7eddc32f87a2459484bcbc922d823a
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
ba2d927af1f1d4d3427b46f4b15e78d384b75f3f5025ce006bf48832f1f32168
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
c363232e79723f837d26f090f1f59a279253c212936e6d1b2a2acfad36690dd0
c3b5fa9a441aaeac354e154c5f29b9edc09cfd207fa787166829c127ed1664b5
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d8df77f34164e29466f34288eb6f0de05c3d8fb78372ecbee5747c001ad3c9d0
d8ef52bdb0478f99437a8d45ba7efc70d3be1f837aa63c497af2fee531e61690
ec47f63914c933e53b54d2a51635ffd8215c7ef53b11b821dcd1489ae5f13b84
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

gellerreport.com Open in urlscan Pro 192.124.249.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

26 Requests

100 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

932 kBTransfer

1372 kBSize

0 Cookies

22 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gellerreport.com Open in urlscan Pro
192.124.249.17 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

932 kB
Transfer

1372 kB
Size

0
Cookies

26 HTTP transactions
14 data transactions