www.nexium.us.org Open in urlscan Pro
2606:4700:3035::ac43:d29c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nexium.us.org/
Effective URL:
https://www.nexium.us.org/
Submission: On March 25 via automatic, source certstream-suspicious (March 25th 2023, 5:30:08 am UTC) — Scanned from US

Summary HTTP 77 Redirects Links 80 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 42 domains to perform 77 HTTP transactions. The main IP is 2606:4700:3035::ac43:d29c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nexium.us.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2023. Valid for: a year.

This is the only time www.nexium.us.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	2606:4700:303... 2606:4700:3035::ac43:d29c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	172.67.75.146 172.67.75.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.165.217.151 46.165.217.151	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:4ed4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42::272 2a04:4e42::272	54113 (FASTLY) (FASTLY)
7	2606:4700:20:... 2606:4700:20::681a:816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.34.228.53 199.34.228.53	27647 (WEEBLY) (WEEBLY)
1	2606:4700:303... 2606:4700:3030::ac43:c272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.34.228.54 199.34.228.54	27647 (WEEBLY) (WEEBLY)
1	2606:4700:303... 2606:4700:3034::ac43:d6ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.48.179.186 216.48.179.186	132420 (E2E-NETWO...) (E2E-NETWORKS-IN 282)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2016	15169 (GOOGLE) (GOOGLE)
1	109.203.109.195 109.203.109.195	31727 (NODE4-AS) (NODE4-AS)
1	2606:4700:303... 2606:4700:3036::ac43:a69b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:b87d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:13:... 2600:141b:13:793::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.4.177 104.18.4.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:141b:13:... 2600:141b:13::172f:91d2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	173.223.56.128 173.223.56.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3036::ac43:90f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:28e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.116.119 18.164.116.119	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:310... 2606:4700:3108::ac42:28ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:220... 2600:9000:2209:f400:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::626	54113 (FASTLY) (FASTLY)
1 2	13.225.214.45 13.225.214.45	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3035::6815:594a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.76.88 18.67.76.88	16509 (AMAZON-02) (AMAZON-02)
1	159.89.42.207 159.89.42.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:303... 2606:4700:3031::6815:327	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	85.13.222.214 85.13.222.214	31708 (COREIX-UK...) (COREIX-UK-AS London)
1 1	2606:4700:303... 2606:4700:3034::6815:4692	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::ac43:aeea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:8ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
77	37

23 2606:4700:3035::ac43:d29c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nexium.us.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nexium.us.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.146 (United States)

ASN13335 (CLOUDFLARENET, US)

slotu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.165.217.151 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: opal15.opalstack.com

www.theexeterdaily.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:4ed4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.splitmusic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::272 (United States)

ASN54113 (FASTLY, US)

images-eu.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:816 (United States)

ASN13335 (CLOUDFLARENET, US)

image.winudf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.34.228.53 (United States)

ASN27647 (WEEBLY, US)
PTR: pages-wildcard-1.weebly.com

newpos109.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:c272 (United States)

ASN13335 (CLOUDFLARENET, US)

scholarlyoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.34.228.54 (United States)

ASN27647 (WEEBLY, US)
PTR: pages-wildcard-2.weebly.com

speedgood.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:d6ae (United States)

ASN13335 (CLOUDFLARENET, US)

franskahemsidan.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.48.179.186 (India)

ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN)
PTR: e2e-96-186.ssdcloudindia.net

dekhnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2016 (Nutley, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.109.195 (United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: wordpress6.whukhost.com

www.slots43.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a69b (United States)

ASN13335 (CLOUDFLARENET, US)

goldenislestrackclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:b87d (United States)

ASN13335 (CLOUDFLARENET, US)

aammav.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13:793::2a1 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.4.177 (None, )

ASN13335 (CLOUDFLARENET, US)

www.lokicasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::172f:91d2 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.56.128 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-128.deploy.static.akamaitechnologies.com

resources3.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:90f0 (United States)

ASN13335 (CLOUDFLARENET, US)

slotsspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28e5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.slotsup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-119.jfk50.r.cloudfront.net

mir-s3-cdn-cf.behance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28ca (United States)

ASN13335 (CLOUDFLARENET, US)

onlinecasinohex.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:f400:1:a3fa:7cc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)

assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.214.45 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-45.ewr50.r.cloudfront.net

www.pragmaticplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:594a (United States)

ASN13335 (CLOUDFLARENET, US)

dbestcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.76.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-88.iad89.r.cloudfront.net

assets.onlinepianist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.42.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.onlinecasinobluebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:327 (United States)

ASN13335 (CLOUDFLARENET, US)

www.onlinecasinosbelgie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.222.214 (Loughton, United Kingdom)

ASN31708 (COREIX-UK-AS London, Great Britain, GB)
PTR: server2902.click-profits.com

www.gamingslots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4692 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.918kisslogin.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:aeea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mega888login.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:8ab (United States)

ASN13335 (CLOUDFLARENET, US)

mega888id.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	us.org 1 redirects nexium.us.org www.nexium.us.org	376 KB
7	winudf.com image.winudf.com — Cisco Umbrella Rank: 56398	3 MB
4	gstatic.com fonts.gstatic.com	88 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	396 KB
3	ssl-images-amazon.com images-eu.ssl-images-amazon.com — Cisco Umbrella Rank: 5292 images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 789	7 MB
3	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10625	688 KB
2	pragmaticplay.com 1 redirects www.pragmaticplay.com — Cisco Umbrella Rank: 838795	1 KB
2	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1700	126 KB
2	weebly.com newpos109.weebly.com speedgood.weebly.com	877 KB
1	w.org s.w.org — Cisco Umbrella Rank: 1579	608 B
1	mega888id.app mega888id.app
1	mega888login.app 1 redirects mega888login.app	483 B
1	918kisslogin.app 1 redirects www.918kisslogin.app	520 B
1	gamingslots.com www.gamingslots.com	1 MB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	61 KB
1	onlinecasinosbelgie.com www.onlinecasinosbelgie.com	124 KB
1	onlinecasinobluebook.com www.onlinecasinobluebook.com	807 KB
1	onlinepianist.com assets.onlinepianist.com — Cisco Umbrella Rank: 283562	45 KB
1	dbestcasino.com dbestcasino.com
1	jwpsrv.com assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3576	116 KB
1	jwplatform.com 1 redirects content.jwplatform.com — Cisco Umbrella Rank: 3784	444 B
1	onlinecasinohex.ca onlinecasinohex.ca
1	behance.net mir-s3-cdn-cf.behance.net — Cisco Umbrella Rank: 21609	714 KB
1	slotsup.com www.slotsup.com	114 KB
1	slotsspot.com slotsspot.com	357 KB
1	news.com.au resources3.news.com.au	50 KB
1	lokicasino.com www.lokicasino.com	50 KB
1	mzstatic.com is2-ssl.mzstatic.com — Cisco Umbrella Rank: 1618	423 KB
1	aammav.org aammav.org	26 KB
1	goldenislestrackclub.com goldenislestrackclub.com	77 KB
1	slots43.com www.slots43.com	131 KB
1	dekhnews.com dekhnews.com — Cisco Umbrella Rank: 732587	443 KB
1	franskahemsidan.net franskahemsidan.net	65 KB
1	scholarlyoa.com scholarlyoa.com	83 KB
1	splitmusic.net www.splitmusic.net	108 KB
1	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 140	96 KB
1	theexeterdaily.co.uk www.theexeterdaily.co.uk	184 KB
1	slotu.com slotu.com	136 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
0	sopkambing2.com Failed www.sopkambing2.com Failed
0	highroadheritage.org Failed highroadheritage.org Failed
0	thegraphicstory.com Failed thegraphicstory.com Failed
77	42

	Domain	Requested by
22	www.nexium.us.org	www.nexium.us.org
7	image.winudf.com	www.nexium.us.org
4	fonts.gstatic.com	fonts.googleapis.com
3	i.ytimg.com	www.nexium.us.org
3	1.bp.blogspot.com	www.nexium.us.org
2	www.pragmaticplay.com	1 redirects www.nexium.us.org
2	i.pinimg.com	www.nexium.us.org
2	images-eu.ssl-images-amazon.com	www.nexium.us.org
1	s.w.org	www.nexium.us.org
1	mega888id.app	www.nexium.us.org
1	mega888login.app	1 redirects
1	www.918kisslogin.app	1 redirects
1	www.gamingslots.com	www.nexium.us.org
1	yt3.ggpht.com	www.nexium.us.org
1	www.onlinecasinosbelgie.com	www.nexium.us.org
1	www.onlinecasinobluebook.com	www.nexium.us.org
1	assets.onlinepianist.com	www.nexium.us.org
1	dbestcasino.com	www.nexium.us.org
1	assets-jpcust.jwpsrv.com	www.nexium.us.org
1	content.jwplatform.com	1 redirects
1	onlinecasinohex.ca	www.nexium.us.org
1	mir-s3-cdn-cf.behance.net	www.nexium.us.org
1	images-na.ssl-images-amazon.com	www.nexium.us.org
1	www.slotsup.com	www.nexium.us.org
1	slotsspot.com	www.nexium.us.org
1	resources3.news.com.au	www.nexium.us.org
1	www.lokicasino.com	www.nexium.us.org
1	is2-ssl.mzstatic.com	www.nexium.us.org
1	aammav.org	www.nexium.us.org
1	goldenislestrackclub.com	www.nexium.us.org
1	www.slots43.com	www.nexium.us.org
1	dekhnews.com	www.nexium.us.org
1	franskahemsidan.net	www.nexium.us.org
1	speedgood.weebly.com	www.nexium.us.org
1	scholarlyoa.com	www.nexium.us.org
1	newpos109.weebly.com	www.nexium.us.org
1	www.splitmusic.net	www.nexium.us.org
1	lh5.googleusercontent.com	www.nexium.us.org
1	www.theexeterdaily.co.uk	www.nexium.us.org
1	slotu.com	www.nexium.us.org
1	fonts.googleapis.com	www.nexium.us.org
1	nexium.us.org	1 redirects
0	www.sopkambing2.com Failed	www.nexium.us.org
0	highroadheritage.org Failed	www.nexium.us.org
0	thegraphicstory.com Failed	www.nexium.us.org
77	45

This site contains links to these domains. Also see Links.

Domain
rebrand.ly
www.sprgtoronto.org
mega888.com.my
918kissthailand.app
www.abandonedireland.com
4thehorses.com
www.veterinarioincitta.it
8slot8.com
rtplivedemoslot.com
judi-bola.com
slot367.biz
therepealpledge.com
slot88gacor.com
students.washington.edu
www.starkexpo2010.com
www.danaslot.com
www.88dewi.site
www.megaa888.com
my.theopenscholar.com
demopragmatic.id
xn--slotgcor-dza.com
139.162.21.151
xn--sakutot-g1a.com
otw77.info
www.918kissmalaysia.app
ibcongress.com
jalaslot428.me
iblbet.xn--6frz82g
hoyosforcongress.com
67.225.128.252
www.xn--88dw-dpaz.com
okessayy.com
bibijon.org
138.68.166.47
cafepocacosatucson.com
biojudi.com
nortoncom-setupz.com
midbartech.com
157.230.36.101
agenslotpulsa.live
haba88.me
irisabbey.com
157.245.55.85
www.bigslot288.net
fifthfloorrestaurant.com
scuf.dev.spec.honeywell.com
139.162.45.211
rogtoto.club
165.22.55.234
agenjudislotonline.asia
redigi.com
172.104.170.226
greatnorthernlcc.org
woodlandempire.com
www.bttf.net
bandotmacau.com
ellascosmeticos.pro
918kiss.care
usgbcnj.org
www.88mega.info
www.josephcornellbox.com
www.pussy888thai.net
www.wordpot.com
my.boscuci.com
mega888update.com
www.megawin188aa.com
waclimatealliance.org
www.megaslot288aa.com
www.viiicumbreperu.org
www.mega288aa.net
www.kruinter.com
sports369.one
gacor.net
judibola.win
totohk.com
hokigacor.win
totosgp.com
naga168.win
www.nextenergy.tech
themesdna.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-25` - `2024-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.theexeterdaily.co.uk R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-19` - `2023-10-18`	a year	crt.sh
*.weebly.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-11-10`	a year	crt.sh
dekhnews.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-31` - `2023-08-31`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
slots43.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.goldenislestrackclub.com GTS CA 1P5	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.aammav.org GTS CA 1P5	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-25` - `2023-05-25`	a year	crt.sh
i2.pinimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-05-14`	10 months	crt.sh
news.com.au DigiCert TLS RSA SHA256 2020 CA1	`2023-01-15` - `2024-01-14`	a year	crt.sh
slotsup.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.behance.net Amazon RSA 2048 M01	`2023-03-01` - `2023-06-21`	4 months	crt.sh
onlinecasinohex.ca Cloudflare Inc ECC CA-3	`2022-05-20` - `2023-05-20`	a year	crt.sh
assets.onlinepianist.com Amazon RSA 2048 M02	`2023-02-24` - `2023-06-14`	4 months	crt.sh
onlinecasinobluebook.com R3	`2023-03-22` - `2023-06-20`	3 months	crt.sh
www.gamingslots.com R3	`2023-03-03` - `2023-06-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.nexium.us.org/
Frame ID: 83BA91CAB3605A48489B83A070AA16F2
Requests: 77 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

nexium.us.org

Page URL History Show full URLs

https://nexium.us.org/ HTTP 301
https://www.nexium.us.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

77
Requests

92 %
HTTPS

64 %
IPv6

42
Domains

45
Subdomains

37
IPs

5
Countries

18040 kB
Transfer

18643 kB
Size

0
Cookies

80 Outgoing links

These are links going to different origins than the main page.

URL: https://rebrand.ly/linkpbn
Title: LinkPBN.com

Search URL Search Domain Scan URL

URL: https://www.sprgtoronto.org/
Title: Slot online

Search URL Search Domain Scan URL

URL: https://mega888.com.my/
Title: mega888

Search URL Search Domain Scan URL

URL: https://918kissthailand.app/pussy888/
Title: สล็อตออนไลน์

Search URL Search Domain Scan URL

URL: https://www.abandonedireland.com/
Title: Slot Online

Search URL Search Domain Scan URL

URL: https://4thehorses.com/
Title: togel singapore

Search URL Search Domain Scan URL

URL: https://www.veterinarioincitta.it/
Title: agen96

Search URL Search Domain Scan URL

URL: https://8slot8.com/
Title: login slot88

Search URL Search Domain Scan URL

URL: https://rtplivedemoslot.com/
Title: rtp live

Search URL Search Domain Scan URL

URL: https://judi-bola.com/
Title: website bola terpercaya

Search URL Search Domain Scan URL

URL: https://slot367.biz/
Title: slot gacor terpercaya

Search URL Search Domain Scan URL

URL: https://therepealpledge.com/
Title: Slot88 Online

Search URL Search Domain Scan URL

URL: https://slot88gacor.com/
Title: gacor slot88

Search URL Search Domain Scan URL

URL: https://students.washington.edu/leorho/slot-online/
Title: https://students.washington.edu/leorho/slot-online/

Search URL Search Domain Scan URL

URL: https://www.starkexpo2010.com/
Title: slot online deposit pulsa tanpa potongan

Search URL Search Domain Scan URL

URL: https://www.danaslot.com/
Title: Dana slot

Search URL Search Domain Scan URL

URL: https://www.88dewi.site/
Title: dewi88

Search URL Search Domain Scan URL

URL: https://www.megaa888.com/
Title: mega888

Search URL Search Domain Scan URL

URL: https://my.theopenscholar.com/slot-deposit-pulsa/
Title: https://my.theopenscholar.com/slot-deposit-pulsa/

Search URL Search Domain Scan URL

URL: https://demopragmatic.id/
Title: RTP Live Pragmatic

Search URL Search Domain Scan URL

URL: https://xn--slotgcor-dza.com/
Title: slot gacor

Search URL Search Domain Scan URL

URL: https://139.162.21.151/slots/pragmatic
Title: https://139.162.21.151/slots/pragmatic

Search URL Search Domain Scan URL

URL: https://xn--sakutot-g1a.com/
Title: SakuToto Deposit Pulsa

Search URL Search Domain Scan URL

URL: https://otw77.info/
Title: otwslot

Search URL Search Domain Scan URL

URL: https://www.918kissmalaysia.app/mega888/
Title: mega888 register

Search URL Search Domain Scan URL

URL: https://ibcongress.com/
Title: Deposit pulsa tanpa potongan

Search URL Search Domain Scan URL

URL: https://jalaslot428.me/
Title: https://jalaslot428.me/

Search URL Search Domain Scan URL

URL: https://iblbet.xn--6frz82g/
Title: https://iblbet.xn--6frz82g/

Search URL Search Domain Scan URL

URL: https://hoyosforcongress.com/
Title: situs slot gacor 2022

Search URL Search Domain Scan URL

URL: http://67.225.128.252/
Title: join 88

Search URL Search Domain Scan URL

URL: https://www.xn--88dw-dpaz.com/
Title: https://www.xn--88dw-dpaz.com

Search URL Search Domain Scan URL

URL: https://okessayy.com/
Title: slot gacor

Search URL Search Domain Scan URL

URL: https://bibijon.org/
Title: Situs Slot Online

Search URL Search Domain Scan URL

URL: https://138.68.166.47/
Title: agen slot terpercaya

Search URL Search Domain Scan URL

URL: https://cafepocacosatucson.com/
Title: Judi slot online

Search URL Search Domain Scan URL

URL: https://biojudi.com/situs-judi/v88toto/
Title: v88toto

Search URL Search Domain Scan URL

URL: https://nortoncom-setupz.com/
Title: Slot online

Search URL Search Domain Scan URL

URL: https://midbartech.com/
Title: situs slot terpercaya

Search URL Search Domain Scan URL

URL: http://157.230.36.101/
Title: POLOTOTO

Search URL Search Domain Scan URL

URL: https://agenslotpulsa.live/
Title: agen slot

Search URL Search Domain Scan URL

URL: https://haba88.me/
Title: slot gacor

Search URL Search Domain Scan URL

URL: https://irisabbey.com/
Title: situs slot gacor

Search URL Search Domain Scan URL

URL: http://157.245.55.85/
Title: result toto macau

Search URL Search Domain Scan URL

URL: https://www.bigslot288.net/
Title: slot deposit pulsa

Search URL Search Domain Scan URL

URL: https://fifthfloorrestaurant.com/
Title: v88toto

Search URL Search Domain Scan URL

URL: https://scuf.dev.spec.honeywell.com/situs-judi-bola-terpercaya/
Title: situs bola resmi

Search URL Search Domain Scan URL

URL: https://139.162.45.211/
Title: slot cuan

Search URL Search Domain Scan URL

URL: https://rogtoto.club/
Title: bandar togel

Search URL Search Domain Scan URL

URL: https://165.22.55.234/
Title: Rajabandot

Search URL Search Domain Scan URL

URL: https://agenjudislotonline.asia/
Title: https://agenjudislotonline.asia/

Search URL Search Domain Scan URL

URL: https://redigi.com/
Title: slot gacor

Search URL Search Domain Scan URL

URL: https://172.104.170.226/
Title: game slot online

Search URL Search Domain Scan URL

URL: https://greatnorthernlcc.org/
Title: slot

Search URL Search Domain Scan URL

URL: https://woodlandempire.com/
Title: slot online

Search URL Search Domain Scan URL

URL: https://www.bttf.net/
Title: https://www.bttf.net/

Search URL Search Domain Scan URL

URL: https://bandotmacau.com/
Title: RajaBandot

Search URL Search Domain Scan URL

URL: https://ellascosmeticos.pro/
Title: slot

Search URL Search Domain Scan URL

URL: https://918kiss.care/mega888/
Title: mega888 apk

Search URL Search Domain Scan URL

URL: https://usgbcnj.org/
Title: rtp slot

Search URL Search Domain Scan URL

URL: https://www.88mega.info/
Title: 88Mega

Search URL Search Domain Scan URL

URL: https://www.josephcornellbox.com/
Title: judi slot online

Search URL Search Domain Scan URL

URL: https://www.pussy888thai.net/
Title: PUSSY888

Search URL Search Domain Scan URL

URL: https://www.wordpot.com/
Title: slot pulsa 5000

Search URL Search Domain Scan URL

URL: https://my.boscuci.com/mega888/
Title: Daftar mega888

Search URL Search Domain Scan URL

URL: https://mega888update.com/
Title: slot

Search URL Search Domain Scan URL

URL: https://www.megawin188aa.com/
Title: Slot Pulsa Tanpa Potongan

Search URL Search Domain Scan URL

URL: https://waclimatealliance.org/
Title: slot online

Search URL Search Domain Scan URL

URL: https://www.megaslot288aa.com/
Title: Daftar Slot

Search URL Search Domain Scan URL

URL: https://www.viiicumbreperu.org/
Title: online slot

Search URL Search Domain Scan URL

URL: https://www.mega288aa.net/
Title: Mega288

Search URL Search Domain Scan URL

URL: https://www.kruinter.com/
Title: situs slot online

Search URL Search Domain Scan URL

URL: https://sports369.one/
Title: Judi Slot

Search URL Search Domain Scan URL

URL: https://gacor.net/
Title: Slot Gacor

Search URL Search Domain Scan URL

URL: https://judibola.win/
Title: Judi Bola

Search URL Search Domain Scan URL

URL: https://totohk.com/
Title: Toto HK

Search URL Search Domain Scan URL

URL: https://hokigacor.win/
Title: Slot Online

Search URL Search Domain Scan URL

URL: https://totosgp.com/
Title: SGP Togel

Search URL Search Domain Scan URL

URL: https://naga168.win/
Title: Slot Online

Search URL Search Domain Scan URL

URL: https://www.nextenergy.tech/
Title: https://www.nextenergy.tech/

Search URL Search Domain Scan URL

URL: https://themesdna.com/
Title: Design by ThemesDNA.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nexium.us.org/ HTTP 301
https://www.nexium.us.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://content.jwplatform.com/thumbs/BR3ZuiiN-1280.jpg HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/1caat1ya-1280.jpg

Request Chain 47

https://www.pragmaticplay.com/wp-content/uploads/2020/11/Bonanza-Gold%E2%84%A2_EN_339x180.png HTTP 307
https://www.pragmaticplay.com/hotlink.jpg

Request Chain 58

https://www.918kisslogin.app/wp-content/uploads/2019/10/How-to-Win-Slot-Game-800x533.jpg HTTP 301
https://mega888login.app/918kiss/ HTTP 301
https://mega888id.app/918kiss/

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nexium.us.org/
Redirect Chain

https://nexium.us.org/
https://www.nexium.us.org/

505 KB
157 KB

968ms
924ms

Document
text/html

2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba1db9c9a9952de506e32957b353e5bd01640f3da7c1784b2caa89dcba7fec15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ad4c25448df2b3f-ORD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 25 Mar 2023 05:29:58 GMT
link: <https://www.nexium.us.org/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj8TejOh6dtppX58M09pjpAr%2BT09Zpn8PnRNRtYCfMv89Hm%2FQS1BazsGdtcos9P6dJfyiiJC%2BFXvPRG4avEa0%2BFSyKhyKKWNFAvVP3YoNLt71JHgBeQHohNEPA2AOwLrTX2wsGtj1xR9ksukflY9Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ad4c24d8c622b3f-ORD
content-type: text/html; charset=UTF-8
date: Sat, 25 Mar 2023 05:29:57 GMT
location: https://www.nexium.us.org/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVmDaBGgQbHXfy3utuEn38gmQY5h6bWIgQHGjdfb5c2VSmkOZerlrLdUIIOx2HmxvYaxHVdegIjMEEf8ygoW%2BplW3zjk5qTLDDtHr0XQIz%2F1vnhsKqYhTzOGHi9hJSstIZaafon4j7EZMATP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress

GET
H2 200 style.min.css
www.nexium.us.org/wp-includes/css/dist/block-library/ 93 KB
13 KB 962ms
961ms Stylesheet
text/css 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 23:18:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJK3AYJcUv9xWi5J9BU8tZYyOJDsZ9tr5af5YzpMQ9MECX7HPJEE3D9m3CMXn%2B4MBpnBwr4xEIqwtX49i4RfLX95BEcdELOEXcr1vghZj4PWu9jdhWY5RC5mfH19zIqPOSf8gBAJ4eaA%2BY9zSy2Wxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ad4c25a1e402b3f-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
www.nexium.us.org/wp-includes/css/ 217 B
503 B 470ms
469ms Stylesheet
text/css 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 14:20:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hr7n8mfWgL%2FtrQXHn%2FBTEcIiTQs3irPz5j8eZXMNsnv8geMacIn7enNBrip4U%2BYdsTV0WLJgmFaArZMjPrmPeOYYDA6UOaOxckxnEPGIJ6u09ifZYYMkxwAmY%2FfdwG3EFHPiRz880RtwD0J6%2F9ZLbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ad4c25a1e422b3f-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
www.nexium.us.org/wp-includes/js/ 18 KB
5 KB 747ms
736ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 24 May 2022 23:39:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu4YB3cr8f5SyBMmWJoYylhV6SwUjOVXjiGhzXoqIfn7rdcXAdgsrAJrAV9TwCYMafTQyvBASPiLhichezmV6CcYPoUaBxskmIMt21yc07Jow2kV1sXnHZPSxMtKj8YB9SOPXHXS1Sncgjzwve5Xiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c261af50e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 styles.css
www.nexium.us.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 477ms
476ms Stylesheet
text/css 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Mar 2023 11:16:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vd5Q3JfPPEN01LkmjmGq0Jb0F1ba4n5yeU7RvNMxWErKgYhboFGpfLj3RW5a6k6Z2SZGUOp4bDMMyk8azQaeuMyyakdbICdexXvWuyqAcL762MG%2BZ6MDHEGIBxpEf8MlmzitQ9wvbutnlZr3CFPdXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ad4c25b8fb9e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.css
www.nexium.us.org/wp-content/themes/neatmag/ 59 KB
11 KB 937ms
935ms Stylesheet
text/css 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/style.css
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc67d54b7b71c6880aaf6cb4f08369da60be6422971cee63310862a10cca7bca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Sep 2022 02:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDjCzzEaiK9H6mgBS%2B6ou2g0n4I8lmQZNbz28LJm7OFvLKEQUEPXMKCAjWb7qRBGFLZJLsISA7RG1kdrMU%2FlIeYqcC%2F7Idg70KEq3VzkGwPTHSqKTpfdZcbYMeyKOE11rg8dyKzl42BNDXb4hlEa%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ad4c25b8fbbe148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 font-awesome.min.css
www.nexium.us.org/wp-content/themes/neatmag/assets/css/ 30 KB
7 KB 700ms
698ms Stylesheet
text/css 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/css/font-awesome.min.css
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 21:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmAK1O3UA7PKRaO4b8dQDTLGO6Vxw979BNLEgJnjr%2FOmWcesZewxt8KuCTTL6uF107rVRQR%2BPjI%2B2%2BDwl%2F8YKdSynGh1osUSQzyzHRZz0nUgELYiNLLA5gYYyvHE3PyDvao%2Bz%2FMf7f1k8SKTZCg7sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ad4c25b8fbde148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 146ms
56ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Poppins:400,400i,700,700i

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba852a9e4eaeb19f02c25dde82c45a5bdb6aafece5b4aec3cae9366518f26228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Mar 2023 05:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Mar 2023 05:29:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Mar 2023 05:29:58 GMT

GET
H3 200 style-frontend.css
www.nexium.us.org/wp-content/plugins/easy-custom-auto-excerpt/assets/ 911 B
791 B 477ms
476ms Stylesheet
text/css 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/plugins/easy-custom-auto-excerpt/assets/style-frontend.css?ver=2.4.12
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2838b480b2a83d43e5383a1c8a5244cd53437bee0d7760ca39fbea7a9a30d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Feb 2021 06:02:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdaKYv6yt5r%2BTURThh9Y4RH0S8gJN6h4RpMMjWTqDSFiCuUPN2CJeFcZ5ng8V%2BP9p4ltMX5riL1s8NuUt78%2BRtc91TdsxHARSQkwAF0KV48og3ll4ZGK592Ujfum%2FQfv6Yj6N9PG5NrqOS7yiaZCWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ad4c25b8fbfe148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ecae-buttonskin-none.css
www.nexium.us.org/wp-content/plugins/easy-custom-auto-excerpt/buttons/ 304 B
597 B 476ms
474ms Stylesheet
text/css 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/plugins/easy-custom-auto-excerpt/buttons/ecae-buttonskin-none.css?ver=2.4.12
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2682757391a011314306df2c712bf76cc920792dd27ebfbbeb4debf7bd2dd029

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Feb 2021 06:02:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhfMW6Vhe%2FhjBuhjgwDmtYh5DgBGFIR9wszJdMt5mOgVSD7hxZBjGX3nASDednwY2EmVQrm4N7L3tUklpWeiHCVcuC1IL4P66tQ8BdKRHwLrgQ6vI2RFNebRPSb8curMFE9xaiTgKOjIv9IdTkVVEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ad4c25b8fc0e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
www.nexium.us.org/wp-includes/js/jquery/ 88 KB
32 KB 912ms
911ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 14:20:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3gMcgGtQ%2FteUyMkrMpPpKsynvSOnKoJWS%2FjANGwMiBra30VG4KC4LvouixQR%2FsTOLIN45%2FaQJPHRJBcOCJM6wrTiKwdp7pLpEVcEOoXg%2BYU8g5v6lQA8VdXEvm%2F5qpZziMvVaRh0mKxYCRW9YalPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c25b8fc2e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
www.nexium.us.org/wp-includes/js/jquery/ 11 KB
5 KB 505ms
504ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Nov 2020 06:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTU67P3zNn7p4R%2BUhB0IowIUFPKsTb7iZ3a9Z0JOUb9w6DMD%2By7YeJUWhmFbK28dvB2NxxYqZvoeXKGDXwVCv9CHTGiQZV7429elIMzWkMgpCALn6mojp3aNiUsh24QnCMFzHGQBSo9u%2Belt%2BXbquw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c25b8fc4e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bonus-lotto-868x651.jpg
slotu.com/wp-content/uploads/thumbs/custom/B/ 135 KB
136 KB 155ms
31ms Image
image/webp 172.67.75.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slotu.com/wp-content/uploads/thumbs/custom/B/bonus-lotto-868x651.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbed82ace16795b5d5a8f5215192dc2c980119919c46adcde782a57d553321c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69633
cf-polished: qual=85, origFmt=jpeg, origSize=170131
content-disposition: inline; filename="bonus-lotto-868x651.webp"
content-length: 138704
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Mar 2019 12:20:21 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxVyltBNYl5FjC%2B3pU4D%2BOaBFVzIre1cAVXI0YiaBfrCiLE1ePXslfcNhXoX028VfM0YQx6UB47FEzOBBUwjxdtZorMXZoER7lB%2BC0Vr4wWJ2I0WcrSirF1bFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7ad4c2626f022330-ORD
expires: Sat, 22 Jul 2023 10:09:26 GMT

GET
H2 200 CCDB22F9-2552-44F0-91EE-2287376AAD0D.jpeg
www.theexeterdaily.co.uk/sites/default/files/field/image/ 183 KB
184 KB 659ms
268ms Image
image/jpeg 46.165.217.151
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theexeterdaily.co.uk/sites/default/files/field/image/CCDB22F9-2552-44F0-91EE-2287376AAD0D.jpeg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.165.217.151 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

opal15.opalstack.com

Software

nginx /

Resource Hash

fc6f17fbc05806a04273ed402d857a167ec36b9bc279cd319f9c0b3348eb7fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Jan 2019 22:37:20 GMT
server: nginx
etag: "2dc9a-580139ed3cb1d"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 187546
expires: Sat, 08 Apr 2023 05:29:59 GMT

GET
H2 200 free%2Bbet%2Bprediction.jpg
1.bp.blogspot.com/-LzIblT-xkUE/XgOpWDJdB4I/AAAAAAAACYg/pzp43TyIA4k5j_BhZZDP5jkRhDM4Zg3MQCNcBGAsYHQ/s1600/ 462 KB
462 KB 363ms
264ms Image
image/jpeg 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-LzIblT-xkUE/XgOpWDJdB4I/AAAAAAAACYg/pzp43TyIA4k5j_BhZZDP5jkRhDM4Zg3MQCNcBGAsYHQ/s1600/free%2Bbet%2Bprediction.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

64aa00ca26c4b0082f20f29a2f5bf3d8ccb26627094d732b999a71ea86b48ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v989"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="free bet prediction.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 472706
x-xss-protection: 0
expires: Sun, 26 Mar 2023 05:29:59 GMT

GET
H2 200 eOuSBqvA-a7QPzkTy1CuUJ1GkeVQg0t7S6xs-_tBDKdCMadV9BbIpONKA3NOKQjMt34AdtyLJNL66djmXAD92ZARuWSsVPR7wDx4zrRKEZWrl6Tu3nOQ45Dj5bM1iIaW1sqvoFCU-a2fUEor3Q
lh5.googleusercontent.com/ 96 KB
96 KB 287ms
188ms Image
image/jpeg 2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/eOuSBqvA-a7QPzkTy1CuUJ1GkeVQg0t7S6xs-_tBDKdCMadV9BbIpONKA3NOKQjMt34AdtyLJNL66djmXAD92ZARuWSsVPR7wDx4zrRKEZWrl6Tu3nOQ45Dj5bM1iIaW1sqvoFCU-a2fUEor3Q

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6b5091daf7492f26f83047eb09c4488df7daf7dd2d78749c4a4101b548418a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image2.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97969
x-xss-protection: 0
expires: Sun, 26 Mar 2023 05:29:59 GMT

GET
H2 200 image.png
www.splitmusic.net/wp-content/uploads/2019/09/ 108 KB
108 KB 138ms
61ms Image
image/png 2606:4700:3036::6815:4ed4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.splitmusic.net/wp-content/uploads/2019/09/image.png
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4ed4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57e87fb432e83ca5030c8d0ef2dd64e7cebbfad524a80e871941cab0289d3a8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Sep 2019 08:26:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1ae72-592f7d3d3be00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BO4Q78NKyzodCwYeS%2BtztDV%2BzGM0IDUcXBNbymfRGd6tsS8dFPnPESvmCdW3LcXUlcwM8VDi6vEv%2BwwTcg8RJ7SWmZhDH82g83c21GT9Qqeup1E5aJjYwbALPOlzo8iqwJvAtL%2Bgby1PQiT8aA3F6SI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ad4c2621a5821a9-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110194

GET
H2 200 B1rysa8C9uS.png
images-eu.ssl-images-amazon.com/images/I/ 3 MB
3 MB 283ms
91ms Image
image/png 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-eu.ssl-images-amazon.com/images/I/B1rysa8C9uS.png
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 77f0e4022fb07ba2ad73bd1b15cc5c2c8629f0fa0a1bb63751a3d694455aa5a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Wed, 18 Mar 2043 10:26:02 GMT
date: Sat, 25 Mar 2023 05:29:59 GMT
last-modified: Wed, 29 May 2019 10:37:27 GMT
age: 155037
x-cache: HIT from fastly, HIT from fastly
content-type: image/png
access-control-allow-origin: *
x-nginx-cache-status: MISS
cache-control: max-age=630720000,public
x-amz-ir-id: fc0152bc-68ec-4164-b972-fab1441066f1
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2667119
x-served-by: cache-iad-kcgs7200173-IAD, cache-chi-klot8100080-CHI

GET
H2 200 screen-7.jpg
image.winudf.com/v2/image1/Y29tLmh1dXVnZS5iZXN0c2xvdHNfc2NyZWVuXzdfMTU0MTI1NDUzM18wNDc/ 401 KB
402 KB 156ms
87ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image1/Y29tLmh1dXVnZS5iZXN0c2xvdHNfc2NyZWVuXzdfMTU0MTI1NDUzM18wNDc/screen-7.jpg?fakeurl=1&type=.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfce1658736769b22b0578657e2f0edd7d4efa6461a2dd5c9e38db3a2d94242f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=420379, status=webp_bigger
x-cache: MISS
content-length: 410590
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: c2346c49
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxHdAlbZ5%2BWvLHvIc9GWyDBu2f%2B73Mp7HZxzGJDKxb3hhF8sbFNd8UgFfbzqTI6e9BOcLwn7lgWyXElh8hB4rx8kWaqp9ddplfU2dKZeik8aWb%2Bp%2B74JH47E3q%2BP14aZd3bz%2BvOHZnAUjcXD8kM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ad4c2620f2f0160-ORD

GET
H/1.1 200
OK 766133159.jpg
newpos109.weebly.com/uploads/1/2/5/2/125213188/ 251 KB
251 KB 309ms
104ms Image
image/jpeg 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newpos109.weebly.com/uploads/1/2/5/2/125213188/766133159.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 7287ad529be0cb031be42040bbc403a3fcd2715f00d4b42c5febe67b273a1b18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sat, 25 Mar 2023 05:29:59 GMT
X-Storage-Object: 7287ad529be0cb031be42040bbc403a3fcd2715f00d4b42c5febe67b273a1b18
Last-Modified: Wed, 22 Jan 2020 08:00:27 GMT
Server: nginx
x-amz-request-id: tx0000000000000606c6962-0063c63650-c699baa-sfo1
ETag: "e0109c376995d0a0db1ed248cdf164f9"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: z7287
X-Host: blu76.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 256716

GET
H2 200 Sportsbook.jpg
scholarlyoa.com/wp-content/uploads/2021/03/ 82 KB
83 KB 742ms
586ms Image
image/jpeg 2606:4700:3030::ac43:c272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scholarlyoa.com/wp-content/uploads/2021/03/Sportsbook.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cb659e45be5c11cca35870a82e6c4625b46a0ec88b60dae199a11f2add01634b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83861
last-modified: Sun, 03 Oct 2021 03:34:45 GMT
server: cloudflare
etag: "615924d5-14795"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJckTusAqI624QZJ0nnwSLAs4bT%2BPGVzhGvF%2BHppGFEgQ7NhNo%2BwwnU%2FqB5KK4%2BF%2FK4oIP2CQQqQ6lkpWWLU0Mu%2F8EUA%2BZ27KbJCOKyf%2B5biEufv8B%2F27iCTNopPGUvEK6xIF6nWoXnSX9Gu9As%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7ad4c2629c3a61aa-ORD
expires: Sun, 23 Jul 2023 05:29:59 GMT

GET
H/1.1 200
OK 298558001.png
speedgood.weebly.com/uploads/1/2/5/2/125206909/ 625 KB
625 KB 282ms
109ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://speedgood.weebly.com/uploads/1/2/5/2/125206909/298558001.png
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 0bc2ec99911b20c86ebcc2aee1f564bceb65b8255aabcbb25f2b8060145effbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sat, 25 Mar 2023 05:29:59 GMT
X-Storage-Object: 0bc2ec99911b20c86ebcc2aee1f564bceb65b8255aabcbb25f2b8060145effbc
Last-Modified: Mon, 13 Jan 2020 13:46:08 GMT
Server: nginx
x-amz-request-id: tx0000000000000005fb0e6-006321b049-c695612-sfo1
ETag: "5f3d5c928a9d7e1703df32812a982c30"
Content-Type: image/png
x-rgw-object-type: Normal
X-Storage-Bucket: z0bc2
X-Host: grn56.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 639972

GET
H2 200 screen-12.jpg
image.winudf.com/v2/image1/Y2x1YmlsbGlvbi5zb2NpYWwuc2xvdHMuY2FzaW5vLmZyaWVuZHMuZnJlZS5hbmRyb2lkX3NjcmVlbl8xMl8xNjA1NTQwNzczXzAyOQ/ 512 KB
513 KB 35ms
34ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image1/Y2x1YmlsbGlvbi5zb2NpYWwuc2xvdHMuY2FzaW5vLmZyaWVuZHMuZnJlZS5hbmRyb2lkX3NjcmVlbl8xMl8xNjA1NTQwNzczXzAyOQ/screen-12.jpg?fakeurl=1&type=.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa83daa4ac12f75e647294fba99dc7b58bf709e30c6dd0c71a6b61510bbe027

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36185
cf-polished: origSize=542189, status=webp_bigger
x-cache: MISS
content-length: 524455
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: c4708901
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAI6JrdO%2F4TNnWl%2B4XkaUxR%2BR9aXMY8u%2FtvHtgjuBnQHTbN0B38YLpXV7UnmIk%2BUC%2ByxbohGhrfiP%2FFlAMAjSKibrZh7fhgZySF9IQdMp8pmAwjDNpPegINVm9UrS1ahv0piKBlXddf38HE%2B8DQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ad4c262dfeb0160-ORD

GET
H2 200 screen-0.jpg
image.winudf.com/v2/image1/Y29tLmNpdHJ1c2pveS50cm9qYW5fc2NyZWVuXzBfMTU5MDU1MTA4Ml8wODg/ 329 KB
330 KB 40ms
39ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image1/Y29tLmNpdHJ1c2pveS50cm9qYW5fc2NyZWVuXzBfMTU5MDU1MTA4Ml8wODg/screen-0.jpg?fakeurl=1

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2679be2e46c73f46ec0b922ee6515b269f98b024aea094c949db30d0b64f556

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189685
cf-polished: origSize=362962, status=webp_bigger
x-cache: MISS
content-length: 336826
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: 5e381104
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xBP0klkH4USaegEo4%2B6hwIm5QqOHxC4kUbtPGFB87O8O%2FGyvX3joWPGdEguTLoFPi9z4p%2BVkWECYj7DXynRdNwj1Q6O4qqYRKMlfbxcB7BSiM8hvGRb2IjUv%2Ff%2BA9fY9zdFSaSWiM5aMEPw33s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ad4c262dfec0160-ORD

GET
H2 200 slot-machine-progressive-jackpot.jpg
franskahemsidan.net/wp-content/uploads/2020/02/ 64 KB
65 KB 155ms
28ms Image
image/jpeg 2606:4700:3034::ac43:d6ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://franskahemsidan.net/wp-content/uploads/2020/02/slot-machine-progressive-jackpot.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d6ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 244439d520ad8dc487369e6461bf7bc9797de4fc9e629a1c558e4ca6099efe96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27440
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65476
last-modified: Thu, 09 Mar 2023 14:23:19 GMT
server: cloudflare
etag: "ffc4-6409ebd7-116926a;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1SqTjf4fr5p%2Bye36GkVpfkMcf1RATp0TjjPldEXjOQHcPtg2x4kyZT7xxQmZGJbJGI%2B199i5iF8Mo%2FihPAOOX0RpBHyy%2BrG%2FhS2XAAQeBWdOMtJ%2BjmnZeOGBnPol8x5V0fhMbvRUYjxX0%2BKK262R5%2FG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7ad4c263981f2bb1-ORD
expires: Fri, 31 Mar 2023 21:52:39 GMT

GET
H2 200 B1ogWzZqb8S.png
images-eu.ssl-images-amazon.com/images/I/ 3 MB
3 MB 33ms
30ms Image
image/png 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-eu.ssl-images-amazon.com/images/I/B1ogWzZqb8S.png
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6b7eb701f56345896606ec0a980cc88e20c48fa5bbeb2ad72a5d8bac79ff0947

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Wed, 04 Mar 2043 08:42:04 GMT
date: Sat, 25 Mar 2023 05:29:59 GMT
last-modified: Mon, 08 Apr 2019 18:18:30 GMT
age: 1193621
x-cache: HIT from fastly, HIT from fastly
content-type: image/png
access-control-allow-origin: *
x-nginx-cache-status: HIT
cache-control: max-age=630720000,public
x-amz-ir-id: e2ae80b3-ad34-42a2-a37d-c15f5c2ca5e4
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 2681847
x-served-by: cache-iad-kjyo7100106-IAD, cache-chi-klot8100080-CHI

GET
H2 200 slot-machines.png
dekhnews.com/wp-content/uploads/2016/09/ 442 KB
443 KB 967ms
271ms Image
image/png 216.48.179.186
E2E-NETWORKS-IN 282

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dekhnews.com/wp-content/uploads/2016/09/slot-machines.png
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.48.179.186 , India, ASN132420 (E2E-NETWORKS-IN 282, Sector 19, IN),
Reverse DNS: e2e-96-186.ssdcloudindia.net
Software: LiteSpeed /
Resource Hash: 3e401c821b40e60ef7e91167f327fb79ac2bf2d7175006fedf769b149df84952

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
last-modified: Tue, 13 Sep 2016 10:06:00 GMT
server: LiteSpeed
etag: "6e934-57d7cf88-6a1872;;;"
content-type: image/png
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 452916
expires: Sat, 25 Mar 2023 17:30:00 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/F0l6aZGX04Q/ 146 KB
146 KB 251ms
163ms Image
image/jpeg 2607:f8b0:4006:81f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/F0l6aZGX04Q/maxresdefault.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e25892f4e7fdeb87a23eced92abda18a9574ad5a8ad449036d05bc99dabcc7d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149117
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Mar 2023 07:29:59 GMT

GET
H/1.1 200
OK __p__.jpeg
www.slots43.com/wp-content/plugins/phastpress/phast.php/https-3A-2F-2Fwww.slots43.com-2Fwp-2Dcontent-2Fuploads-2F2019-2F04-2FPlay-2Dfree-2Dcasino-2Dslots-2D1024x576.jpeg/service=images/cacheMarker=... 131 KB
131 KB 1726ms
571ms Image
image/webp 109.203.109.195
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.slots43.com/wp-content/plugins/phastpress/phast.php/https-3A-2F-2Fwww.slots43.com-2Fwp-2Dcontent-2Fuploads-2F2019-2F04-2FPlay-2Dfree-2Dcasino-2Dslots-2D1024x576.jpeg/service=images/cacheMarker=1600533116-2D167126/token=c0423a95081f5f7e/__p__.jpeg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.203.109.195 , United Kingdom, ASN31727 (NODE4-AS, GB),

Reverse DNS

wordpress6.whukhost.com

Software

Apache / PHP/7.3.33, PleskLin

Resource Hash

83fa63b6f8cfb46edfc05ecbc8cc8d6af42ed2ac5cfec349ebe63904a09d9b5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sat, 25 Mar 2023 05:30:00 GMT
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.33, PleskLin
Connection: Keep-Alive
Content-Length: 133866
X-Accel-Expires: 31536000
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 25 Mar 2023 05:30:01 GMT
Server: Apache
ETag: "553b95419db9dc50f5b46799f26337f9"
Vary: Accept
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Link: <https://www.slots43.com/wp-content/uploads/2019/04/Play-free-casino-slots-1024x576.jpeg>; rel="canonical"
Keep-Alive: timeout=5, max=100
Expires: Sun, 24 Mar 2024 05:30:01 GMT

GET
H2 200 Free-online-slots-Canada1.jpg
goldenislestrackclub.com/wp-content/uploads/2020/04/ 76 KB
77 KB 443ms
320ms Image
image/jpeg 2606:4700:3036::ac43:a69b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldenislestrackclub.com/wp-content/uploads/2020/04/Free-online-slots-Canada1.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a69b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9e79e783f480c4503e7d687cbb6357b5dc67071df24aeb0ed2706790eab090

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 May 2020 10:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "130f7-5eba7eec-44271;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgxComHZpJsXc358%2BRfw1CwT6hEUejhmRECRul8yNTCToaR1OItAPnzt6RlxTI8%2F%2F%2BrzMeY1GOq4pnSw6SD4GgKtJWg%2BuFyeVXGPRzERg22xJL6J4RGuZl8GCcyBXaKjGqISn3ILq0LcWe24bM9AAGuNpiT4%2BGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7ad4c265dac913f2-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78071
expires: Fri, 10 Mar 2023 17:52:23 GMT

GET
H2 200 screen-1.jpg
image.winudf.com/v2/image1/Y29tLmNpdHJ1c2pveS50cm9qYW5fc2NyZWVuXzFfMTU3Njg5MzQ0OV8wMzg/ 462 KB
463 KB 34ms
34ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image1/Y29tLmNpdHJ1c2pveS50cm9qYW5fc2NyZWVuXzFfMTU3Njg5MzQ0OV8wMzg/screen-1.jpg?fakeurl=1&type=.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60b979aec16d2c962d6e2abbc4cefc7ea27861f89c22a050729dc57484bf31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 183403
cf-polished: origSize=488266, status=webp_bigger
x-cache: MISS
content-length: 473117
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: 1e381831
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYsBBgNZVxk9knDxEsb3uIUaHzAnytOTJe93DYgDP7isN2uQlCXjuajg0XxWk9o2aGvOHZPSakkhUnSSHJlpNa8OGySyr8MkgNOGNxarnFL05rdoALlvLNwAMomi6%2Bup3W8OkQtNQ84d19Toujg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ad4c26509e60160-ORD

GET
H2 200 screen-0.jpg
image.winudf.com/v2/image1/Y29tLmNpdHJ1c2pveS50cm9qYW5fc2NyZWVuXzBfMTU5NDI4MzczMF8wMTQ/ 157 KB
158 KB 44ms
44ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image1/Y29tLmNpdHJ1c2pveS50cm9qYW5fc2NyZWVuXzBfMTU5NDI4MzczMF8wMTQ/screen-0.jpg?h=710&fakeurl=1&type=.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29af43dd03c542208589a473a6864f59ba5d22561bc12a0a8e60ad95b8795c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269332
cf-polished: origSize=165036, status=webp_bigger
x-cache: MISS
content-length: 160896
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: 3959493d
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSIeMl2kJrhQPu1IZmptWUrSBL%2BML%2FogLw8KmjRjyLpYE6ZL4Gfw7RtVD1vdHJgTRezCCD3MsDaNBmxPBdtWBv9CMxg9RqWBRjKOQjlKNCavzV9r7WBEPPI1LUnOZ9saWxwork%2FyG8TE9pdNJ%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ad4c26519e70160-ORD

GET
H2 200 How-To-Win-Online-Slots-300x200.jpg
aammav.org/wp-content/uploads/2021/04/ 25 KB
26 KB 118ms
30ms Image
image/jpeg 2606:4700:3034::ac43:b87d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aammav.org/wp-content/uploads/2021/04/How-To-Win-Online-Slots-300x200.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b87d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4bbd02d8006d7292cac763a4169e18b284a93373fe2abc8f358bf0161239a4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 292177
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25578
last-modified: Thu, 01 Apr 2021 05:03:53 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCcHHevBiSyIG0m7e9KRGl%2B8usBrI%2BJIJRgRMgRr25sCCV3cSK3D0TjjmSyQjeTzrKXehB26ui2CxFvhg2Z0t8JjYCTWM73sWEVhrndSnQKP5f2fzETO746tWXuqxTwdyGdyqbzXh0KP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7ad4c2661e7e2c4c-ORD
expires: Sat, 25 Mar 2023 02:01:51 GMT

GET
H2 200 screen-19.jpg
image.winudf.com/v2/image/Y29tLkZvcnR5T25lR2FtZXMuU2xvdHM3NzdDYXNpbm9fc2NyZWVuc2hvdHNfMjBfYzMwZWM5NGY/ 311 KB
312 KB 189ms
182ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image/Y29tLkZvcnR5T25lR2FtZXMuU2xvdHM3NzdDYXNpbm9fc2NyZWVuc2hvdHNfMjBfYzMwZWM5NGY/screen-19.jpg?fakeurl=1&type=.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e798e257335236f4eead035b1c57c7298e5ed7c73c92564d6a63af07ae2283e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=326643, status=webp_bigger
x-cache: MISS
content-length: 318614
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: 3e3ff68
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiokosAJx7KVgX3ToU%2BeJUwTkTheKFC53wVe72rYesJPtPG5e1C7qqiIFq%2Bg%2BdBXW12Q4ofXEU2%2BbkNyGCkJmH%2FZiKQM69ddF9IkBm0pPlKFcXaHfHhHw1rmRNUqfMfM1SjLLLYg4hszzqe2DA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ad4c2659a660160-ORD

GET
H2 200 392x696bb.png
is2-ssl.mzstatic.com/image/thumb/Purple113/v4/21/15/ff/2115ff23-3807-471b-a865-6ba174a20a38/pr_source.png/ 421 KB
423 KB 291ms
84ms Image
image/png 2600:141b:13:793::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple113/v4/21/15/ff/2115ff23-3807-471b-a865-6ba174a20a38/pr_source.png/392x696bb.png

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13:793::2a1 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

6afa33644afcb24a9711ccdf27819fee386a5e6d3b46de1b67c98019f1505697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-apple-jingle-correlation-key: ER7CDXOL7TV5GCFEO475USBYMY
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 25 Mar 2023 05:30:00 GMT
x-b3-traceid: 247e21ddcbfcebd308a4773fda483866
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:22RELEASE218:daiquiri-amp-processing-shared-int-001-st
cdnuuid: 197a7a65-bee9-4317-9fec-abda9c096e3d-718571138
x-cache: TCP_MISS from a23-47-145-183.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
b3: 247e21ddcbfcebd308a4773fda483866-66e443758d3a7bfb
content-length: 431056
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Thu, 09 Feb 2023 18:03:47 GMT
x-cache-remote: TCP_MISS from a23-219-82-4.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
etag: "MSwxLjQuMC0yM0IsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3NTk2NTgyNzUyMixpc0J1aWxkVmVyc2lvbk5vdFNldCw3MDMxNixub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 247e21dd-cbfc-ebd3-08a4-773fda483866
x-b3-spanid: 66e443758d3a7bfb
cache-control: no-transform, max-age=15557105
timing-allow-origin: *

GET
H2 200 winning-in-online-slots.jpg
www.lokicasino.com/en/blog/img/ 49 KB
50 KB 635ms
541ms Image
image/jpeg 104.18.4.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lokicasino.com/en/blog/img/winning-in-online-slots.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b86e2bb281c9ade6f1e4164ee9c0051b88254747a3dc178db2fc7bc857eefa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
x-amz-version-id: null
cf-cache-status: MISS
x-amz-request-id: DF4R6Y67RAAY110B
content-length: 50502
x-amz-id-2: VVaEM8ijaO5NKoiDEGaaTTvu2k7xGPMuoMMs9S8kJaTFxJ8WDS+f4g6XW0SfQNiKOt0uYJdvQL4=
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Jan 2021 12:27:18 GMT
server: cloudflare
etag: "ac3b928a18643df0f60fe49499b78457"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7ad4c2665d937f68-ORD
expires: Sat, 01 Apr 2023 05:30:00 GMT

GET
H2 200 screen-8.jpg
image.winudf.com/v2/image1/Y29tLnZlZ2FzLm1hZ2ljLnNsb3RzX3NjcmVlbl84XzE1OTQxNTg2OTFfMDcz/ 592 KB
593 KB 100ms
100ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image1/Y29tLnZlZ2FzLm1hZ2ljLnNsb3RzX3NjcmVlbl84XzE1OTQxNTg2OTFfMDcz/screen-8.jpg?fakeurl=1&type=.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5ad20d181760e45808afe23b6be0790fa9f359ec6efda10fa020027ff925bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=618232, status=webp_bigger
x-cache: MISS
content-length: 606650
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: 33867e7e
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Hmot%2FaZAstCIW2JPoFPubuOC2xwiacTqzGcBRvMrWCobbJOGZP3mBqLnmTUEw2wyEAdtLR8vAhJLaPWsi%2FgX71UXjjH98cNM6XJ9HP7imLUM23P2DvkiZveujkKMaNVkjoM0JKYe0xLOdFQwxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ad4c265ba850160-ORD

GET
H2 200 7f52b70a6ed58980202fecb69bc9660a.jpg
i.pinimg.com/736x/7f/52/b7/ 41 KB
41 KB 321ms
110ms Image
image/jpeg 2600:141b:13::172f:91d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/7f/52/b7/7f52b70a6ed58980202fecb69bc9660a.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::172f:91d2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3fd860c392057c6e77bc2c14fa89e43419fe45061e74c97d27dd6d0a4ded6366

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.ce912f17.1679722200.6742779
etag: "4e05378c0588b9b1b4b120c1b0e9bc02"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 41736

GET screen-82.jpg
thegraphicstory.com/wp-content/uploads/2020/12/ 0
0

GET
H2 200 863095-online-sport-betting.jpg
resources3.news.com.au/images/2012/09/05/1226465/ 50 KB
50 KB 370ms
88ms Image
image/jpeg 173.223.56.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources3.news.com.au/images/2012/09/05/1226465/863095-online-sport-betting.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.223.56.128 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-128.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 68e7a7d7392440f920681608fa74a2e058305923ca3d7851af8f21ffad6c139d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 25 Mar 2023 05:30:00 GMT
last-modified: Mon, 08 Jul 2019 02:32:47 GMT
server: AmazonS3
x-amz-request-id: VBYBA59XP7FC1BTJ
etag: "a3c5ed70bd39bc0ff902bd8e9fcc8dad"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31489444
accept-ranges: bytes
content-length: 51002
x-amz-id-2: xpJMEzGEkgkfmt955kXbS20P0bsThTpCgcuqGnwKVjgi1oBXphHRe/heeUVhaEt0LPRoEtJHNEg=
expires: Sat, 23 Mar 2024 16:34:04 GMT

GET vsQxTxYf7ViymDahq0Q9cE_li5WKPuqiTo-EAS0rc1R2VYvwrhKyaoIx5QPYEE1OMV-Bh9001.jpg
highroadheritage.org/wp-content/uploads/2021/03/ 0
0

GET
H2 200 playn-go-big-win-777-info3.png
slotsspot.com/wp-content/uploads/slotsimages/17/ 356 KB
357 KB 161ms
41ms Image
image/png 2606:4700:3036::ac43:90f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://slotsspot.com/wp-content/uploads/slotsimages/17/playn-go-big-win-777-info3.png

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:90f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

336830c3b4137eee9ddfd54f4d386d9e4ccbed4998150e866c3d682a3ca6752a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 25 Mar 2023 05:30:00 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 280218
content-length: 364682
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 09:39:42 GMT
server: cloudflare
etag: "6120c9de-5908a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCXwQHXf81bOmS5XA4bba3MgfAT5vgVOXFrOib3r5aBH2%2FwbiqXOSTDv%2FttTEagj%2BCyqd10Iq6eaXv1nRyB%2Fx%2BauX6CZdi8GtA17EnSirPn6%2BkZHhNEfOOHM%2FFVDdvs0%2FPiJw6XW0%2FOv0uw9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7ad4c26869eb1419-ORD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 the-money-game-novomatic-casino-slots.png
www.slotsup.com/wp-content/uploads/default/ 114 KB
114 KB 108ms
49ms Image
image/webp 2606:4700:3108::ac42:28e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.slotsup.com/wp-content/uploads/default/the-money-game-novomatic-casino-slots.png

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38714324346a7ff3851586c9fe9ce0ff92f9430d6410b6cd26a87e4916ed4df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 119905
cf-polished: origFmt=png, origSize=121283
content-disposition: inline; filename="the-money-game-novomatic-casino-slots.webp"
content-length: 116312
last-modified: Mon, 21 Aug 2017 07:12:23 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "599a87d7-1d9c3"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7ad4c2680c72e24b-ORD
expires: Wed, 21 Jun 2023 12:23:00 GMT

GET
H2 200 A1-T9yEp1kL.png
images-na.ssl-images-amazon.com/images/I/ 2 MB
2 MB 30ms
27ms Image
image/png 2a04:4e42::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-na.ssl-images-amazon.com/images/I/A1-T9yEp1kL.png
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5424f1516b65c8aa31e4170eb1e30cb24d560084b0c048ab8767178df8edc924

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Fri, 06 Mar 2043 22:36:51 GMT
date: Sat, 25 Mar 2023 05:30:00 GMT
last-modified: Fri, 22 Jan 2016 21:46:41 GMT
age: 693823
x-cache: HIT from fastly, HIT from fastly
content-type: image/png
access-control-allow-origin: *
x-nginx-cache-status: MISS
cache-control: max-age=630720000,public
x-amz-ir-id: a55052ee-46f3-47f2-ae43-4731eb147e35
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 1830834
x-served-by: cache-iad-kjyo7100062-IAD, cache-chi-klot8100080-CHI

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/s98t1MD4bAw/ 9 KB
9 KB 70ms
70ms Image
image/jpeg 2607:f8b0:4006:81f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/s98t1MD4bAw/hqdefault.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b331ac9340fc0754eb9550991df6eb52d11b2c140da9321a73041ccc22e8f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9281
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Mar 2023 07:30:00 GMT

GET
H2 200 172fdd28934711.55da3eb528c59.jpg
mir-s3-cdn-cf.behance.net/project_modules/1400/ 713 KB
714 KB 184ms
58ms Image
image/jpg 18.164.116.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir-s3-cdn-cf.behance.net/project_modules/1400/172fdd28934711.55da3eb528c59.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-119.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fea8430b9cb9291680435484f04b1197e53311e7392fa03ac13949f02a7274e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 16:32:43 GMT
x-amz-version-id: ZM3.QmQ9.fKVHWojYxivP3m47sciSCIi
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 46637
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD_IA
cross-origin-resource-policy: cross-origin
content-length: 730008
last-modified: Mon, 19 Dec 2016 10:56:32 GMT
server: AmazonS3
etag: "a762ec0f036f5d0132e29cfeb2407076"
content-type: image/jpg
cache-control: max-age=2628000
accept-ranges: bytes
x-amz-cf-id: 7jxDNc3hmB4oXm-Uybzo5G8DaBzRs--hbq_Mu6KpEt_6fGO5o3Nexg==

GET
H2 403 fire-horse-igt-free-slot.png
onlinecasinohex.ca/wp-content/uploads/ 0
0 114ms
37ms Image
text/html 2606:4700:3108::ac42:28ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinecasinohex.ca/wp-content/uploads/fire-horse-igt-free-slot.png
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2

200

1caat1ya-1280.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://content.jwplatform.com/thumbs/BR3ZuiiN-1280.jpg
https://assets-jpcust.jwpsrv.com/thumbnails/1caat1ya-1280.jpg

119 KB
116 KB

193ms
121ms

Image
image/jpeg

2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/1caat1ya-1280.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d82c48e3c50432300abe64a2be4c4d41722f27c0232b9dc421c2dd96f0a6ac8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 118194
x-served-by: cache-iad-kcgs7200101-IAD, cache-chi-klot8100025-CHI
last-modified: Sat, 28 Oct 2017 14:27:50 GMT
server: nginx
x-timer: S1679722201.758579,VS0,VE95
etag: "d8d933fc878e4255102de2875c3a1752"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 0, 0

Redirect headers

date: Sat, 25 Mar 2023 05:30:00 GMT
via: 1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: EWR53-P1
access-control-allow-methods: GET
content-type: image/jpeg
location: https://assets-jpcust.jwpsrv.com/thumbnails/1caat1ya-1280.jpg
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: rjjMHd56vmVW84esDerq6uPcRFdBPRAkm6oywNkpvS1FY0HSNc1vHA==

GET
H2

200

hotlink.jpg
www.pragmaticplay.com/
Redirect Chain

https://www.pragmaticplay.com/wp-content/uploads/2020/11/Bonanza-Gold%E2%84%A2_EN_339x180.png
https://www.pragmaticplay.com/hotlink.jpg

631 B
952 B

349ms
347ms

Image
image/jpeg

13.225.214.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pragmaticplay.com/hotlink.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Server: 13.225.214.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-45.ewr50.r.cloudfront.net
Software: nginx / PleskLin
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:01 GMT
via: 1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jan 2023 15:21:38 GMT
server: nginx
x-amz-cf-pop: EWR50-C1
etag: "63bed402-277"
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 631
x-amz-cf-id: 15lIqkfn9aPODXObQvZzEbm8vxlf7fANCdRBAULb2bDDUiy4I5Ifyg==

Redirect headers

date: Sat, 25 Mar 2023 05:30:00 GMT
via: 1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: EWR50-C1
x-powered-by: PleskLin
x-cache: Miss from cloudfront
content-type: text/html
location: https://www.pragmaticplay.com/hotlink.jpg
content-length: 164
x-amz-cf-id: fhmogK9j9Patd60RYHR3_QOEA32db7X5ozaVQ9rzfINXTyRK44nAbg==

GET ornament-22.png
www.sopkambing2.com/templates/www/default/images/ 0
0

GET
H/1.1 403
Forbidden lucky7-slot.jpg
dbestcasino.com/sites/default/files/slot-gallery/ 0
0 143ms
33ms Image
text/html 2606:4700:3035::6815:594a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbestcasino.com/sites/default/files/slot-gallery/lucky7-slot.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:594a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H/1.1 200
OK 2509_2.jpg
assets.onlinepianist.com/sheets/previews/2509/ 44 KB
45 KB 367ms
223ms Image
image/jpeg 18.67.76.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.onlinepianist.com/sheets/previews/2509/2509_2.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-88.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ad263ba0201a5ef92285849a4491d200bd08169d66f5476d71263313ac6a258

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sat, 25 Mar 2023 05:30:01 GMT
Via: 1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront)
Last-Modified: Mon, 26 Sep 2016 10:59:05 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
ETag: "70eb7938e493c9d8f3e4d34c20d2a639"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=94608000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45169
X-Amz-Cf-Id: heiEvqnPLjaQ8CPX1fcMuUgLRJUEuT15FdtITVAF8qVYci4wU04UKw==
Expires: Thu, 26 Sep 2019 10:59:04 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/43X2GLM6R2U/ 240 KB
240 KB 61ms
60ms Image
image/jpeg 2607:f8b0:4006:81f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/43X2GLM6R2U/maxresdefault.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9639c3576673a82ebab2c82133070fb824a96d2874a95ff22dc21d0e544974e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246016
x-xss-protection: 0
server: sffe
etag: "1484601573"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Mar 2023 07:30:00 GMT

GET
H2 200 Singapore-Pools-Sg-Lottery-Result.jpg
1.bp.blogspot.com/-G7W9VXH4EIY/Xzi4Sgt3-YI/AAAAAAAAA6U/HbsUWz3yo1UefJblhT9TCd4ddE9L4P8AwCLcBGAsYHQ/s562/ 192 KB
192 KB 446ms
445ms Image
image/jpeg 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-G7W9VXH4EIY/Xzi4Sgt3-YI/AAAAAAAAA6U/HbsUWz3yo1UefJblhT9TCd4ddE9L4P8AwCLcBGAsYHQ/s562/Singapore-Pools-Sg-Lottery-Result.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8b5de1798ac542940b751cf53e9f50d1e9cc745767d703c499f9be7c0030d7f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v3a6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Singapore-Pools-Sg-Lottery-Result.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196252
x-xss-protection: 0
expires: Sun, 26 Mar 2023 05:30:00 GMT

GET
H2 200 sports-betting-sites.png
www.onlinecasinobluebook.com/wp-content/uploads/2012/10/ 806 KB
807 KB 159ms
42ms Image
image/png 159.89.42.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasinobluebook.com/wp-content/uploads/2012/10/sports-betting-sites.png

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.89.42.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

024a8a61ce00faf8cabefab74dc7fd449a12a079c39bfebb3b099e4ecf187167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sat, 09 Nov 2019 03:22:38 GMT
server: nginx
etag: "5dc630fe-c96c3"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 825027
expires: Sun, 24 Mar 2024 05:30:00 GMT

GET
H2 200 Win-at-Slots.jpg
www.onlinecasinosbelgie.com/wp-content/uploads/2020/03/ 124 KB
124 KB 109ms
31ms Image
image/jpeg 2606:4700:3031::6815:327
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlinecasinosbelgie.com/wp-content/uploads/2020/03/Win-at-Slots.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:327 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc818ebf3909cad7a540d5be03fb238274d8e455574359506dbf37f8b2e44204

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 126511
last-modified: Tue, 14 Jul 2020 14:37:51 GMT
server: cloudflare
etag: "1ee2f-5f0dc33f-28151c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDetvBmmh3mjh9AMjYM3NqszKxDq4bTqeRWWsn6IvTCcTiDrrN2CpUGvwFM2ex5IuOMFB1oas8hOusbEDzj0AtOCZpDHapTUJ5OQFw5iPAkXDWFm3OU8S6YDzZS7zjkKvtnaxTzTuq4ecdl5CrNXKiSNoqu0SxFF%2FOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7ad4c26a5cbb86f2-ORD
expires: Fri, 31 Mar 2023 14:02:06 GMT

GET
H3 200 Toto-Adventure-game%2B%25282%2529.jpg
1.bp.blogspot.com/-RUYu2_ZCP4w/X0P_U6Rn6VI/AAAAAAAAACQ/PpTyi5GWAfwPau-GieX-kgvM4p5KPeoRwCLcBGAsYHQ/s800/ 34 KB
34 KB 306ms
306ms Image
image/jpeg 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-RUYu2_ZCP4w/X0P_U6Rn6VI/AAAAAAAAACQ/PpTyi5GWAfwPau-GieX-kgvM4p5KPeoRwCLcBGAsYHQ/s800/Toto-Adventure-game%2B%25282%2529.jpg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9dca99592fa5e098ce0c92901af0e840a52a7b035ad6a8e39ca96439c411d995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v25"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Toto-Adventure-game (2).jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34695
x-xss-protection: 0
expires: Sun, 26 Mar 2023 05:30:00 GMT

GET
H2 200 AAuE7mA5nDwjCaN041U_AcHHf9JdKtyysSwxk5nvjA=s900-mo-c-c0xffffffff-rj-k-no
yt3.ggpht.com/a-/ 61 KB
61 KB 364ms
275ms Image
image/jpeg 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/a-/AAuE7mA5nDwjCaN041U_AcHHf9JdKtyysSwxk5nvjA=s900-mo-c-c0xffffffff-rj-k-no

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b49e475989fa3f0d6b256b343b4c4bb2ca68e198d02ae37909999cabb7d908ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v46"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62454
x-xss-protection: 0
expires: Sun, 26 Mar 2023 05:30:00 GMT

GET
H2 200 the-big-easy-slot-game.jpg
www.gamingslots.com/wp-content/uploads/2018/06/ 1 MB
1 MB 962ms
212ms Image
image/jpeg 85.13.222.214
COREIX-UK-AS London

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gamingslots.com/wp-content/uploads/2018/06/the-big-easy-slot-game.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.13.222.214 Loughton, United Kingdom, ASN31708 (COREIX-UK-AS London, Great Britain, GB),
Reverse DNS: server2902.click-profits.com
Software: Apache /
Resource Hash: 04090c235151eb29b43f05a482992d8e350ca6e0fb4e5d6e17853066791d963d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:01 GMT
last-modified: Tue, 26 Jun 2018 14:04:42 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 1526890
expires: Sun, 24 Mar 2024 05:30:01 GMT

GET
H2

200

/
mega888id.app/918kiss/
Redirect Chain

https://www.918kisslogin.app/wp-content/uploads/2019/10/How-to-Win-Slot-Game-800x533.jpg
https://mega888login.app/918kiss/
https://mega888id.app/918kiss/

0
0

728ms
598ms

Image
text/html

2606:4700:3030::6815:8ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mega888id.app/918kiss/
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Server: 2606:4700:3030::6815:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Redirect headers

date: Sat, 25 Mar 2023 05:30:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OydAdhMsAdkW%2F7kQKHvBVbP6Zecu2s89AgGK3HkFIqDXYA0rrGToeiYnRaHK6UqtRs2dybJgVWazjCgyXfhJT5ToLZbVDo06Ow6HQ0GDlSPfJd4XXaFHrOrGWodPvVPRYfQyx%2BULUU4iHUB9Zhn8"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://mega888id.app/918kiss/
cf-ray: 7ad4c2717d4986de-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bf6f27bb3d73888e5a90dd90ccb904af.jpg
i.pinimg.com/736x/bf/6f/27/ 84 KB
85 KB 59ms
58ms Image
image/jpeg 2600:141b:13::172f:91d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/bf/6f/27/bf6f27bb3d73888e5a90dd90ccb904af.jpg
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::172f:91d2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9a9bd88e1ef6eac2a4566c1523697a972965a1e6c1196f5369edbb327e2a7f75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.ce912f17.1679722200.6742e00
etag: "f5a25b8d28af67a9f865cf68d95becdf"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 86197

GET
H3 200 index.js Show response
www.nexium.us.org/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 474ms
474ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Mar 2023 11:16:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZHRPGDtt4rXrSQE%2BZpdngdDkfLVyLQff8VWzH%2FnTh5mdsouzGslfEYMCsxeB%2Fw2ejeUq6lzcVoFsHreWFEgyxjRA4cx2scFaRHTRXXVdb4iydeYFSAbCTdzgXjCn8O2ZnpuEBbaRZ8MvP03KbRxyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c2616edce148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
www.nexium.us.org/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 501ms
501ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Mar 2023 11:16:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZobqOVWGJ%2FJPIOcwQDL%2FOkUmxBJe0gmk7lNcJiE%2FNoiVnqt6iuwkXoxb9vx%2B5uLKEN0eyJB7rc1RJCWV%2BqYHTwgO6DVfwdGqJloNYg7DJU6NYKbtAwLpedc0NsCchvB2L7o4uPYzdbZGyOJY2RU6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c2618f08e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.fitvids.js Show response
www.nexium.us.org/wp-content/themes/neatmag/assets/js/ 3 KB
2 KB 477ms
476ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/js/jquery.fitvids.js
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 21:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTwv5jtrfpL8NNLLEFklniz0YIATcVF%2Fbe1uBrnetJAX2DuD2ejUfzosxn4XpWKl7wSWvYZOwk9OVeClhNdeD2EKH9B6I4ADJYfsS2vM81JOCKvCyKhW3R7HO4YY9xNxX3E39mKPWxyemAH1ciYPNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c2619f23e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ResizeSensor.js Show response
www.nexium.us.org/wp-content/themes/neatmag/assets/js/ 6 KB
2 KB 495ms
484ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/js/ResizeSensor.js
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89ccea8a80283691bf449ca41a634ad18008381f9bab028d3f6c0f8a0e204fd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Sep 2022 02:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ao%2B%2FwSdY2TrlISnpL%2BM5T9rNL4uHwmsmcPbhuUPM8mca9aqRiAB3Y8ilQjKB2UARSwESnjQrlZ4Ga2xTHnMGEa3wc63Ta2MVM%2FGqw222%2BArv9o%2FQ4vhe6hca3RNNXHc%2Brz6vTqjDNFboGjFiFL%2BPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c261af41e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 theia-sticky-sidebar.js Show response
www.nexium.us.org/wp-content/themes/neatmag/assets/js/ 16 KB
4 KB 713ms
702ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/js/theia-sticky-sidebar.js
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1628edc59e249569b50a6c72cb8a3c87f76b7503e1594c34277e16940f1b108

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Sep 2022 02:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOyDo7hh1uph8UP7svZCNZ859l5EMe5nLjAgtBcOs%2Fd4QCvixzPN%2F8wXvmdXmjTCVdSqfry6qXwzMB0XvooJfs2HjVpvEbGwK01%2BkLlB4ABLWvT1qLEb9c6adwQNzo%2Bd7KOI%2FU4qYThylJrazPSGfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c261af44e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 navigation.js Show response
www.nexium.us.org/wp-content/themes/neatmag/assets/js/ 4 KB
2 KB 487ms
476ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/js/navigation.js
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88aa330219b5ffa5558da233d4c677a3a25d72d57f079c582664873bec9bd59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 21:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9z6hgdeHRwNdRHQtXgwT0bwWOnScnofcNBbPkgpi7YL9dB%2BucAwgRl0rP%2B8N4rPdJvazbRgfD4I6nnGHd%2FknbugofTkxb6PmcfPOTk3PbmNOy0%2FY0uYy2JejyTlOLQn8ykYG7aP1fe4Vmrlm65Efw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c261af46e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.js Show response
www.nexium.us.org/wp-content/themes/neatmag/assets/js/ 834 B
849 B 486ms
475ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/js/skip-link-focus-fix.js
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 21:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoIexG8zIt131HeAKpPeKpAkz9i16GqWT3fpu39El47Ei5IyhzVeWx5ml%2F%2BbBPidvm20G54qEO9KlAujNwkiNc77WA%2FZyNLXxsS%2B%2FymTLPt9Lo6XLHwl%2Bjssa2qD%2Fr7mIUlLyHlqxBhT%2F1JHSmVJnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c261af49e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 custom.js Show response
www.nexium.us.org/wp-content/themes/neatmag/assets/js/ 4 KB
1 KB 482ms
471ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/js/custom.js
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dba309cd31ae0b0d1cf3015a9c521bda8b31c0737b2e3a138683bd6d9ad56af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Sep 2022 02:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpL%2BlTkdmMulEps8RPGXWaW6V7cRNMMrN4vXy6Qiwd7EJydAtN52rVeYgIWnhhq1%2FlH7WOvFKjbzJPMxkCDaNh%2BhyoFwsUi%2BYFcQi7XAeTS2vaEfGC%2BCm2Cm3nPJx9NAYP9znbbGO4IVa%2BXwNe5IwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c261af4ce148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 html5shiv.js Show response
www.nexium.us.org/wp-content/themes/neatmag/assets/js/ 10 KB
4 KB 512ms
502ms Script
application/javascript 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/js/html5shiv.js
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a42570e67080a9014519f95af4a14acba8a4e76af5cdd4f92b6a80f8858474

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:29:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 21:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3V9gHO%2FLRIK7TUXq4N4E1vUIhnxisXjxpi0p%2F7lFfB4zt07Zs3NTca00RAxthZUwczXxE4NVy1q7mjaan7iPb50jrxFPQOihElF8B8ZD0b2n83NX%2BiG%2BDlRtd9maL6fScghhgpX26raGHUI74DoZDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ad4c261af4ee148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 background.png
www.nexium.us.org/wp-content/themes/neatmag/assets/images/ 43 KB
44 KB 917ms
916ms Image
image/png 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/images/background.png
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fee9c6f41d975948ec2212d1f0123a6b6c3a3de1021690108a8d09b2f99de3a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 21:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhD3DXKVSD%2F10R941%2Fh93ozbzS%2BCHVInPGhsPpK%2Bg1UDUTGtHunip%2Flp7C9mWfLqov6XU1gABQ0XQfrfyv42%2Fn5HeIdsYb59Gquh%2BXlH0ETAqrpoI1CHRkoWw%2FqtWauwYimtuHVAx1ugkVHZIYqqPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ad4c261af53e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44191

GET
H2 200 L0x8DFMnlVwD4h3hu_qn.woff2
fonts.gstatic.com/s/domine/v19/ 27 KB
27 KB 204ms
103ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Poppins:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fbcf6cd136ae3bfc98aecbbc0f0b1f348c05d96390d63a89cdc323a6dda70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nexium.us.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:03:31 GMT
x-content-type-options: nosniff
age: 156388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27624
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 10:03:31 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 143ms
42ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Poppins:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nexium.us.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:55:28 GMT
x-content-type-options: nosniff
age: 156871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:55:28 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 189ms
89ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Poppins:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nexium.us.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:55:24 GMT
x-content-type-options: nosniff
age: 156875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:55:24 GMT

GET
H3 200 fontawesome-webfont.woff2
www.nexium.us.org/wp-content/themes/neatmag/assets/fonts/ 75 KB
76 KB 916ms
916ms Font
font/woff2 2606:4700:3035::ac43:d29c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.nexium.us.org
URL: https://www.nexium.us.org/wp-content/themes/neatmag/assets/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d29c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.nexium.us.org/wp-content/themes/neatmag/assets/css/font-awesome.min.css
Origin: https://www.nexium.us.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 05:30:00 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 21:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rmwe8wdKt%2FbWctRBhWu9gcU2vvAXbA38BsaYQ3XH7gsAyUyVLPAAipoEpwWAIRw02pJZtYA4djYnDcEZGpDTOxywWA21szeUoT36IQ%2B7PC6wUcqUv2Q%2FWEF1tRlPoudIYivdjedEBc0%2FJf1QMVHAsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ad4c261cf69e148-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 228ms
128ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Poppins:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nexium.us.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:55:11 GMT
x-content-type-options: nosniff
age: 156888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 09:55:11 GMT

GET
H2 200 39-20e3.svg
s.w.org/images/core/emoji/14.0.0/svg/ 677 B
608 B 77ms
23ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/39-20e3.svg

Requested by

Host: www.nexium.us.org
URL: https://www.nexium.us.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

94e514c9f7aeaa59a865a291f661b99d4303551edcbaa84c875855d3062dfbfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nexium.us.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-nc: HIT mdw 1
date: Sat, 25 Mar 2023 05:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: thegraphicstory.com
URL: https://thegraphicstory.com/wp-content/uploads/2020/12/screen-82.jpg

Domain: highroadheritage.org
URL: https://highroadheritage.org/wp-content/uploads/2021/03/vsQxTxYf7ViymDahq0Q9cE_li5WKPuqiTo-EAS0rc1R2VYvwrhKyaoIx5QPYEE1OMV-Bh9001.jpg

Domain: www.sopkambing2.com
URL: https://www.sopkambing2.com/templates/www/default/images/ornament-22.png

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.nexium.us.org/ Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://dekhnews.com/wp-content/uploads/2016/09/slot-machines.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/ Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://thegraphicstory.com/wp-content/uploads/2020/12/screen-82.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/ Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://resources3.news.com.au/images/2012/09/05/1226465/863095-online-sport-betting.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/ Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://highroadheritage.org/wp-content/uploads/2021/03/vsQxTxYf7ViymDahq0Q9cE_li5WKPuqiTo-EAS0rc1R2VYvwrhKyaoIx5QPYEE1OMV-Bh9001.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/ Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://www.slotsup.com/wp-content/uploads/default/the-money-game-novomatic-casino-slots.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/ Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://www.sopkambing2.com/templates/www/default/images/ornament-22.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/(Line 763) Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://dekhnews.com/wp-content/uploads/2016/09/slot-machines.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/(Line 1488) Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://thegraphicstory.com/wp-content/uploads/2020/12/screen-82.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/(Line 1488) Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://resources3.news.com.au/images/2012/09/05/1226465/863095-online-sport-betting.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/(Line 1488) Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://highroadheritage.org/wp-content/uploads/2021/03/vsQxTxYf7ViymDahq0Q9cE_li5WKPuqiTo-EAS0rc1R2VYvwrhKyaoIx5QPYEE1OMV-Bh9001.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/(Line 1488) Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://www.slotsup.com/wp-content/uploads/default/the-money-game-novomatic-casino-slots.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.nexium.us.org/(Line 1488) Message: Mixed Content: The page at 'https://www.nexium.us.org/' was loaded over HTTPS, but requested an insecure element 'http://www.sopkambing2.com/templates/www/default/images/ornament-22.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://thegraphicstory.com/wp-content/uploads/2020/12/screen-82.jpg Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.sopkambing2.com/templates/www/default/images/ornament-22.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://onlinecasinohex.ca/wp-content/uploads/fire-horse-igt-free-slot.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dbestcasino.com/sites/default/files/slot-gallery/lucky7-slot.jpg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
aammav.org
assets-jpcust.jwpsrv.com
assets.onlinepianist.com
content.jwplatform.com
dbestcasino.com
dekhnews.com
fonts.googleapis.com
fonts.gstatic.com
franskahemsidan.net
goldenislestrackclub.com
highroadheritage.org
i.pinimg.com
i.ytimg.com
image.winudf.com
images-eu.ssl-images-amazon.com
images-na.ssl-images-amazon.com
is2-ssl.mzstatic.com
lh5.googleusercontent.com
mega888id.app
mega888login.app
mir-s3-cdn-cf.behance.net
newpos109.weebly.com
nexium.us.org
onlinecasinohex.ca
resources3.news.com.au
s.w.org
scholarlyoa.com
slotsspot.com
slotu.com
speedgood.weebly.com
thegraphicstory.com
www.918kisslogin.app
www.gamingslots.com
www.lokicasino.com
www.nexium.us.org
www.onlinecasinobluebook.com
www.onlinecasinosbelgie.com
www.pragmaticplay.com
www.slots43.com
www.slotsup.com
www.sopkambing2.com
www.splitmusic.net
www.theexeterdaily.co.uk
yt3.ggpht.com
highroadheritage.org
thegraphicstory.com
www.sopkambing2.com
104.18.4.177
109.203.109.195
13.225.214.45
159.89.42.207
172.67.75.146
173.223.56.128
18.164.116.119
18.67.76.88
192.0.77.48
199.34.228.53
199.34.228.54
216.48.179.186
2600:141b:13:793::2a1
2600:141b:13::172f:91d2
2600:9000:2209:f400:1:a3fa:7cc0:93a1
2606:4700:20::681a:816
2606:4700:3030::6815:8ab
2606:4700:3030::ac43:c272
2606:4700:3031::6815:327
2606:4700:3033::ac43:aeea
2606:4700:3034::6815:4692
2606:4700:3034::ac43:b87d
2606:4700:3034::ac43:d6ae
2606:4700:3035::6815:594a
2606:4700:3035::ac43:d29c
2606:4700:3036::6815:4ed4
2606:4700:3036::ac43:90f0
2606:4700:3036::ac43:a69b
2606:4700:3108::ac42:28ca
2606:4700:3108::ac42:28e5
2607:f8b0:4006:816::200a
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2016
2607:f8b0:4006:821::2001
2607:f8b0:4006:824::2003
2a04:4e42:400::626
2a04:4e42::272
46.165.217.151
85.13.222.214
024a8a61ce00faf8cabefab74dc7fd449a12a079c39bfebb3b099e4ecf187167
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02fbcf6cd136ae3bfc98aecbbc0f0b1f348c05d96390d63a89cdc323a6dda70c
04090c235151eb29b43f05a482992d8e350ca6e0fb4e5d6e17853066791d963d
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0bc2ec99911b20c86ebcc2aee1f564bceb65b8255aabcbb25f2b8060145effbc
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
244439d520ad8dc487369e6461bf7bc9797de4fc9e629a1c558e4ca6099efe96
2682757391a011314306df2c712bf76cc920792dd27ebfbbeb4debf7bd2dd029
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2fea8430b9cb9291680435484f04b1197e53311e7392fa03ac13949f02a7274e
336830c3b4137eee9ddfd54f4d386d9e4ccbed4998150e866c3d682a3ca6752a
38714324346a7ff3851586c9fe9ce0ff92f9430d6410b6cd26a87e4916ed4df6
3d82c48e3c50432300abe64a2be4c4d41722f27c0232b9dc421c2dd96f0a6ac8
3dba309cd31ae0b0d1cf3015a9c521bda8b31c0737b2e3a138683bd6d9ad56af
3e401c821b40e60ef7e91167f327fb79ac2bf2d7175006fedf769b149df84952
3fd860c392057c6e77bc2c14fa89e43419fe45061e74c97d27dd6d0a4ded6366
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
5424f1516b65c8aa31e4170eb1e30cb24d560084b0c048ab8767178df8edc924
57e87fb432e83ca5030c8d0ef2dd64e7cebbfad524a80e871941cab0289d3a8f
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c2838b480b2a83d43e5383a1c8a5244cd53437bee0d7760ca39fbea7a9a30d3
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
64aa00ca26c4b0082f20f29a2f5bf3d8ccb26627094d732b999a71ea86b48ad3
68e7a7d7392440f920681608fa74a2e058305923ca3d7851af8f21ffad6c139d
6aa83daa4ac12f75e647294fba99dc7b58bf709e30c6dd0c71a6b61510bbe027
6afa33644afcb24a9711ccdf27819fee386a5e6d3b46de1b67c98019f1505697
6b5091daf7492f26f83047eb09c4488df7daf7dd2d78749c4a4101b548418a65
6b7eb701f56345896606ec0a980cc88e20c48fa5bbeb2ad72a5d8bac79ff0947
6d9e79e783f480c4503e7d687cbb6357b5dc67071df24aeb0ed2706790eab090
7287ad529be0cb031be42040bbc403a3fcd2715f00d4b42c5febe67b273a1b18
77f0e4022fb07ba2ad73bd1b15cc5c2c8629f0fa0a1bb63751a3d694455aa5a1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ad263ba0201a5ef92285849a4491d200bd08169d66f5476d71263313ac6a258
83fa63b6f8cfb46edfc05ecbc8cc8d6af42ed2ac5cfec349ebe63904a09d9b5b
89ccea8a80283691bf449ca41a634ad18008381f9bab028d3f6c0f8a0e204fd0
8b5de1798ac542940b751cf53e9f50d1e9cc745767d703c499f9be7c0030d7f8
8e798e257335236f4eead035b1c57c7298e5ed7c73c92564d6a63af07ae2283e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94e514c9f7aeaa59a865a291f661b99d4303551edcbaa84c875855d3062dfbfa
9639c3576673a82ebab2c82133070fb824a96d2874a95ff22dc21d0e544974e8
9a9bd88e1ef6eac2a4566c1523697a972965a1e6c1196f5369edbb327e2a7f75
9dca99592fa5e098ce0c92901af0e840a52a7b035ad6a8e39ca96439c411d995
a3b331ac9340fc0754eb9550991df6eb52d11b2c140da9321a73041ccc22e8f8
a88aa330219b5ffa5558da233d4c677a3a25d72d57f079c582664873bec9bd59
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
b2679be2e46c73f46ec0b922ee6515b269f98b024aea094c949db30d0b64f556
b2a42570e67080a9014519f95af4a14acba8a4e76af5cdd4f92b6a80f8858474
b49e475989fa3f0d6b256b343b4c4bb2ca68e198d02ae37909999cabb7d908ee
b4bbd02d8006d7292cac763a4169e18b284a93373fe2abc8f358bf0161239a4c
ba1db9c9a9952de506e32957b353e5bd01640f3da7c1784b2caa89dcba7fec15
ba852a9e4eaeb19f02c25dde82c45a5bdb6aafece5b4aec3cae9366518f26228
bc67d54b7b71c6880aaf6cb4f08369da60be6422971cee63310862a10cca7bca
c1628edc59e249569b50a6c72cb8a3c87f76b7503e1594c34277e16940f1b108
c29af43dd03c542208589a473a6864f59ba5d22561bc12a0a8e60ad95b8795c0
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
cb659e45be5c11cca35870a82e6c4625b46a0ec88b60dae199a11f2add01634b
cbed82ace16795b5d5a8f5215192dc2c980119919c46adcde782a57d553321c9
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc818ebf3909cad7a540d5be03fb238274d8e455574359506dbf37f8b2e44204
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
dfce1658736769b22b0578657e2f0edd7d4efa6461a2dd5c9e38db3a2d94242f
e25892f4e7fdeb87a23eced92abda18a9574ad5a8ad449036d05bc99dabcc7d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b86e2bb281c9ade6f1e4164ee9c0051b88254747a3dc178db2fc7bc857eefa
f5ad20d181760e45808afe23b6be0790fa9f359ec6efda10fa020027ff925bec
f60b979aec16d2c962d6e2abbc4cefc7ea27861f89c22a050729dc57484bf31b
fc6f17fbc05806a04273ed402d857a167ec36b9bc279cd319f9c0b3348eb7fec
fee9c6f41d975948ec2212d1f0123a6b6c3a3de1021690108a8d09b2f99de3a4

www.nexium.us.org Open in urlscan Pro 2606:4700:3035::ac43:d29c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

92 %HTTPS

64 %IPv6

42 Domains

45 Subdomains

37 IPs

5 Countries

18040 kBTransfer

18643 kBSize

0 Cookies

80 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nexium.us.org Open in urlscan Pro
2606:4700:3035::ac43:d29c Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

92 %
HTTPS

64 %
IPv6

42
Domains

45
Subdomains

37
IPs

5
Countries

18040 kB
Transfer

18643 kB
Size

0
Cookies

77 HTTP transactions
0 data transactions