URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administ...
Submission: On April 16 via manual from CA

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 65 HTTP transactions. The main IP is 63.250.38.7, located in United States and belongs to NAMECHEAP-NET, US. The main domain is coffeerelax.co.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 20th 2021. Valid for: 8 months.
This is the only time coffeerelax.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
24 | 63.250.38.7 | 22612 (NAMECHEAP...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
8 | 192.243.59.12 | 39572 (ADVANCEDH...)
2 | 2a04:fa87:fff... | 2635 (AUTOMATTIC)
3 | 192.243.59.13 | 39572 (ADVANCEDH...)
1 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
1 | 52.43.182.241 | 16509 (AMAZON-02)
2 | 192.0.76.3 | 2635 (AUTOMATTIC)
5 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 44.239.14.60 | 16509 (AMAZON-02)
3 | 99.84.155.189 | 16509 (AMAZON-02)
9 | 2600:9000:20e... | 16509 (AMAZON-02)
65 | 14

Requests | Domain | Requested by
24 | coffeerelax.co | coffeerelax.co
9 | d1qbpjz0y3k3qp.cloudfront.net |
5 | fonts.gstatic.com | fonts.googleapis.com
3 | d32oduq093hvot.cloudfront.net | api.content-ad.net, coffeerelax.co
3 | api.content-ad.net | api.content.ad
3 | www.gatetodisplaycontent.com | coffeerelax.co
3 | pl16062275.highrevenuecpm.com | coffeerelax.co
3 | pl16061235.highrevenuecpm.com | coffeerelax.co
2 | www.google-analytics.com | www.googletagmanager.com, api.content-ad.net
2 | secure.gravatar.com | coffeerelax.co
2 | pl16061228.highrevenuecpm.com | coffeerelax.co
1 | pixel.wp.com | coffeerelax.co
1 | stats.wp.com | coffeerelax.co
1 | api.content.ad | coffeerelax.co
1 | www.thegatewaypundit.com | coffeerelax.co
1 | www.googletagmanager.com | coffeerelax.co
1 | fonts.googleapis.com | coffeerelax.co
65 | 17

Subject | Issuer | Validity | Valid
www.coffeerelax.co | Sectigo RSA Domain Validation Secure Server CA | 2021-01-20 - 2021-09-05 | 8 months
upload.video.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
highrevenuecpm.com | R3 | 2021-03-13 - 2021-06-11 | 3 months
*.gravatar.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-14 - 2022-11-16 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-17 - 2021-07-17 | a year
*.content.ad | Amazon | 2020-07-16 - 2021-08-16 | a year
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-02 - 2022-07-05 | 2 years
*.gstatic.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
gatetodisplaycontent.com | R3 | 2021-02-17 - 2021-05-18 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2021-02-22 - 2022-02-21 | a year

This page contains 1 frame:

Primary Page: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Frame ID: 3F5CDBA09E0E0F9C055C8DF168672ECC
Requests: 65 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

65 Requests
100 % HTTPS
50 % IPv6
13 Domains
17 Subdomains
14 IPs
3 Countries
735 kB Transfer
1278 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions

Resource / Path | Size / x-fer | Type / MIME-Type
Primary Request /
coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
39 KB
10 KB
Document
General
Full URL
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
8db80ccb3ded29cc2484ee3c01d5e0060084d016a25e9b3517d70c6e98c46093

Request headers

:method
GET
:authority
coffeerelax.co
:scheme
https
:path
/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
server
Apache
cache-control
no-cache
content-encoding
gzip
wpo-cache-status
cached
last-modified
Fri, 16 Apr 2021 05:22:29 GMT
content-type
text/html; charset=UTF-8
style.min.css
coffeerelax.co/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://coffeerelax.co/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:04:40 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8685
theme.min.css
coffeerelax.co/wp-includes/css/dist/block-library/
3 KB
891 B
Stylesheet
General
Full URL
https://coffeerelax.co/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Request headers

:path
/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 23:22:32 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
748
wpautoterms.css
coffeerelax.co/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/
547 B
338 B
Stylesheet
General
Full URL
https://coffeerelax.co/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

:path
/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Sun, 20 Dec 2020 20:23:42 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
195
font-awesome.min.css
coffeerelax.co/wp-content/themes/bam/assets/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://coffeerelax.co/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path
/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 23:22:17 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7053
style.css
coffeerelax.co/wp-content/themes/bam/
52 KB
11 KB
Stylesheet
General
Full URL
https://coffeerelax.co/wp-content/themes/bam/style.css?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
0edfa778e7f56e14a7740b56245f9b57d2c9cebbcbc61be2187d23b68f062372

Request headers

:path
/wp-content/themes/bam/style.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 23:22:17 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
10638
css
fonts.googleapis.com/
39 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac0b0aac509f80123428ddecca386d4e69c8e6c9be60e3843fadf5633a81603c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 10:46:07 GMT
server
ESF
date
Fri, 16 Apr 2021 11:00:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Apr 2021 11:00:38 GMT
jetpack.css
coffeerelax.co/wp-content/plugins/jetpack/css/
75 KB
14 KB
Stylesheet
General
Full URL
https://coffeerelax.co/wp-content/plugins/jetpack/css/jetpack.css?ver=9.3.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b

Request headers

:path
/wp-content/plugins/jetpack/css/jetpack.css?ver=9.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Mon, 18 Jan 2021 22:37:45 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
13701
jquery.min.js
coffeerelax.co/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://coffeerelax.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 02:03:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30916
jquery-migrate.min.js
coffeerelax.co/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://coffeerelax.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 20:01:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4169
wp-polyfill.min.js
coffeerelax.co/wp-includes/js/dist/vendor/
97 KB
34 KB
Script
General
Full URL
https://coffeerelax.co/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path
/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 21:20:30 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
34241
dom-ready.min.js
coffeerelax.co/wp-includes/js/dist/
1 KB
753 B
Script
General
Full URL
https://coffeerelax.co/wp-includes/js/dist/dom-ready.min.js?ver=eb19f7980f0268577acb5c2da5457de3
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
e73356d7f272c8b109ef3b61568f5502c6f6b7fb698d4446364c9a02965f985b

Request headers

:path
/wp-includes/js/dist/dom-ready.min.js?ver=eb19f7980f0268577acb5c2da5457de3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 23:22:32 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
596
base.js
coffeerelax.co/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/
481 B
382 B
Script
General
Full URL
https://coffeerelax.co/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.4
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
76aba5d4e5db7eb218d6a1378af48dcc252d19e159d7340681b8b723b32d403a

Request headers

:path
/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:38 GMT
content-encoding
gzip
last-modified
Sun, 20 Dec 2020 20:23:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
225
js
www.googletagmanager.com/gtag/
124 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y54JG9FF0Y
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87a06d3b851530777e1b7b61c4a9bbcb91de4895fa5c0f03bdf797979675dbf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48581
x-xss-protection
0
expires
Fri, 16 Apr 2021 11:00:39 GMT
76e8d42d9848f4f7be49d7f84dd57320.js
pl16061228.highrevenuecpm.com/76/e8/d4/
0
0
Script
General
Full URL
https://pl16061228.highrevenuecpm.com/76/e8/d4/76e8d42d9848f4f7be49d7f84dd57320.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:39 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
2ffa191bfdd19a56094ccb5791655682
secure.gravatar.com/avatar/
1 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/2ffa191bfdd19a56094ccb5791655682?s=96&d=mm&r=g
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Fri, 16 Apr 2021 11:00:39 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="2ffa191bfdd19a56094ccb5791655682.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/2ffa191bfdd19a56094ccb5791655682?s=96&d=mm&r=g>; rel="canonical"
content-length
1528
expires
Fri, 16 Apr 2021 11:05:39 GMT
f04eb1e07eb559a496d5056c21fd77fb.js
pl16061235.highrevenuecpm.com/f0/4e/b1/
0
0
Script
General
Full URL
https://pl16061235.highrevenuecpm.com/f0/4e/b1/f04eb1e07eb559a496d5056c21fd77fb.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:39 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
zom-call-dc-employees-trump.jpg
www.thegatewaypundit.com/wp-content/uploads/
42 KB
43 KB
Image
General
Full URL
https://www.thegatewaypundit.com/wp-content/uploads/zom-call-dc-employees-trump.jpg
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:455 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7ead041f60e84a627874609ac65b07ab3cdb11c6c9cbe37efd16293d1dfad6

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:40 GMT
cf-cache-status
MISS
last-modified
Sun, 17 Jan 2021 04:17:47 GMT
server
cloudflare
etag
"6003ba6b-a7e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
640ce941f83c4e5c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42978
cf-request-id
097bf01d3900004e5c4737a000000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
invoke.js
pl16062275.highrevenuecpm.com/96a5037cf92b7b45ace51a292b98c264/
0
0
Script
General
Full URL
https://pl16062275.highrevenuecpm.com/96a5037cf92b7b45ace51a292b98c264/invoke.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:39 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
scripts.js
coffeerelax.co/wp-content/themes/bam/assets/js/
245 B
334 B
Script
General
Full URL
https://coffeerelax.co/wp-content/themes/bam/assets/js/scripts.js?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
0ddfb593173627086091fedb2e8832c25077a02d0d5e21f1bb975a62a7b6c31e

Request headers

:path
/wp-content/themes/bam/assets/js/scripts.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 23:22:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
177
main-navigation.js
coffeerelax.co/wp-content/themes/bam/assets/js/
4 KB
1 KB
Script
General
Full URL
https://coffeerelax.co/wp-content/themes/bam/assets/js/main-navigation.js?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
680ecd0e1f82aee8354f369c5be89d36ab56ff11a825117e5a6874d6bd415524

Request headers

:path
/wp-content/themes/bam/assets/js/main-navigation.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 23:22:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1176
skip-link-focus-fix.js
coffeerelax.co/wp-content/themes/bam/assets/js/
685 B
574 B
Script
General
Full URL
https://coffeerelax.co/wp-content/themes/bam/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

:path
/wp-content/themes/bam/assets/js/skip-link-focus-fix.js?ver=20151215
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 23:22:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
417
jquery.fitvids.js
coffeerelax.co/wp-content/themes/bam/assets/js/
3 KB
1 KB
Script
General
Full URL
https://coffeerelax.co/wp-content/themes/bam/assets/js/jquery.fitvids.js?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

:path
/wp-content/themes/bam/assets/js/jquery.fitvids.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 23:22:17 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1342
comment-reply.min.js
coffeerelax.co/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://coffeerelax.co/wp-includes/js/comment-reply.min.js?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:04:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1346
widget2.aspx
api.content.ad/Scripts/
16 KB
4 KB
Script
General
Full URL
https://api.content.ad/Scripts/widget2.aspx?id=edc390c3-ccac-4c38-b26c-909cdc21372a&d=Y29mZmVlcmVsYXguY28%3D&wid=685311&ct=wordpress&cb=1618550549362&ver=1.3.7
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.182.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-182-241.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef09b0e531aba2a50710dd097f9d024baed8304d4d9ab76e4c0ea8eadc95ea73

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
content-type
text/javascript;charset=ISO-8859-1
vary
accept-encoding
content-language
en-US
wp-embed.min.js
coffeerelax.co/wp-includes/js/
1 KB
922 B
Script
General
Full URL
https://coffeerelax.co/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 23:20:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
765
e-202115.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202115.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 03 Apr 2022 23:33:44 GMT
wp-emoji-release.min.js
coffeerelax.co/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://coffeerelax.co/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 23:20:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4662
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://coffeerelax.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
age
435421
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://coffeerelax.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
age
435421
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://coffeerelax.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
age
435421
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
fontawesome-webfont.woff2
coffeerelax.co/wp-content/themes/bam/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://coffeerelax.co/wp-content/themes/bam/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/themes/bam/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://coffeerelax.co
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
coffeerelax.co
referer
https://coffeerelax.co/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://coffeerelax.co
Referer
https://coffeerelax.co/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
last-modified
Fri, 18 Dec 2020 23:22:17 GMT
server
Apache
accept-ranges
bytes
content-length
77160
content-type
font/woff2
76e8d42d9848f4f7be49d7f84dd57320.js
pl16061228.highrevenuecpm.com/76/e8/d4/
0
0
Script
General
Full URL
https://pl16061228.highrevenuecpm.com/76/e8/d4/76e8d42d9848f4f7be49d7f84dd57320.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:39 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
collect
www.google-analytics.com/g/
0
170 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y54JG9FF0Y&gtm=2oe472&_p=799702553&sr=1600x1200&ul=en-us&cid=471444413.1618570839&_s=1&dl=https%3A%2F%2Fcoffeerelax.co%2F2021%2F01%2F19%2Fleaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video%2F&dt=Leaked%20Zoom%20Call%20Shows%20US%20Federal%20Employees%20Conspiring%20to%20Sabotage%20the%20Trump%20Administration%20(VIDEO)%20-&sid=1618570839&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y54JG9FF0Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 11:00:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://coffeerelax.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
invoke.js
www.gatetodisplaycontent.com/3cce1466f71d29d84f8609acc3a152f7/
0
0
Script
General
Full URL
https://www.gatetodisplaycontent.com/3cce1466f71d29d84f8609acc3a152f7/invoke.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:39 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://coffeerelax.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
age
435421
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
zom-call-dc-employees-trump.jpg
coffeerelax.co/wp-content/uploads/2021/01/
38 KB
38 KB
Image
General
Full URL
https://coffeerelax.co/wp-content/uploads/2021/01/zom-call-dc-employees-trump.jpg
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
7c7731161122fdade6585da7b67bdb727b4036a3db6fdbdc1028109e732a1a84

Request headers

:path
/wp-content/uploads/2021/01/zom-call-dc-employees-trump.jpg
pragma
no-cache
cookie
_ga_Y54JG9FF0Y=GS1.1.1618570839.1.0.1618570839.0; _ga=GA1.1.471444413.1618570839
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:39 GMT
last-modified
Tue, 19 Jan 2021 00:29:11 GMT
server
Apache
accept-ranges
bytes
content-length
38630
content-type
image/jpeg
f04eb1e07eb559a496d5056c21fd77fb.js
pl16061235.highrevenuecpm.com/f0/4e/b1/
0
0
Script
General
Full URL
https://pl16061235.highrevenuecpm.com/f0/4e/b1/f04eb1e07eb559a496d5056c21fd77fb.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:39 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://coffeerelax.co
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
age
435421
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
invoke.js
www.gatetodisplaycontent.com/7245e53232022b2b1f03617c4b9daa53/
0
0
Script
General
Full URL
https://www.gatetodisplaycontent.com/7245e53232022b2b1f03617c4b9daa53/invoke.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:40 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
pl16062275.highrevenuecpm.com/96a5037cf92b7b45ace51a292b98c264/
0
0
Script
General
Full URL
https://pl16062275.highrevenuecpm.com/96a5037cf92b7b45ace51a292b98c264/invoke.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:40 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.gatetodisplaycontent.com/d2440c2a52df1a1aaaaf72b3509dfac3/
0
0
Script
General
Full URL
https://www.gatetodisplaycontent.com/d2440c2a52df1a1aaaaf72b3509dfac3/invoke.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:40 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
2ffa191bfdd19a56094ccb5791655682
secure.gravatar.com/avatar/
2 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/2ffa191bfdd19a56094ccb5791655682?s=100&d=mm&r=g
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6d0221e278f4cf2b0bb2dd2beb1542f7461c58e495f8bbfde9bfd72d6a3314b5

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Fri, 16 Apr 2021 11:00:40 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="2ffa191bfdd19a56094ccb5791655682.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/2ffa191bfdd19a56094ccb5791655682?s=100&d=mm&r=g>; rel="canonical"
content-length
1665
expires
Fri, 16 Apr 2021 11:05:40 GMT
download-445x265.jpg
coffeerelax.co/wp-content/uploads/2021/01/
27 KB
27 KB
Image
General
Full URL
https://coffeerelax.co/wp-content/uploads/2021/01/download-445x265.jpg
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
d2c17c534c6dd97868f28b47bd249fc88ef8d5c3b55c2b99aaccda02271c77a6

Request headers

:path
/wp-content/uploads/2021/01/download-445x265.jpg
pragma
no-cache
cookie
_ga_Y54JG9FF0Y=GS1.1.1618570839.1.0.1618570839.0; _ga=GA1.1.471444413.1618570839
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:40 GMT
last-modified
Tue, 26 Jan 2021 17:20:24 GMT
server
Apache
accept-ranges
bytes
content-length
27593
content-type
image/jpeg
11-768x431.jpg
coffeerelax.co/wp-content/uploads/2021/01/
31 KB
31 KB
Image
General
Full URL
https://coffeerelax.co/wp-content/uploads/2021/01/11-768x431.jpg
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
6b71c86ec338bd040d1bb376b1d58ba7ccbff83197131afe429df019dc14b2d4

Request headers

:path
/wp-content/uploads/2021/01/11-768x431.jpg
pragma
no-cache
cookie
_ga_Y54JG9FF0Y=GS1.1.1618570839.1.0.1618570839.0; _ga=GA1.1.471444413.1618570839
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:40 GMT
last-modified
Thu, 21 Jan 2021 16:20:24 GMT
server
Apache
accept-ranges
bytes
content-length
31971
content-type
image/jpeg
White-House-1-768x576.jpg
coffeerelax.co/wp-content/uploads/2021/01/
70 KB
70 KB
Image
General
Full URL
https://coffeerelax.co/wp-content/uploads/2021/01/White-House-1-768x576.jpg
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.7 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium90-2.web-hosting.com
Software
Apache /
Resource Hash
cc9688732f965e2ef823eae3770d7d5987c07b7f3584f8c8715ece1e018a9668

Request headers

:path
/wp-content/uploads/2021/01/White-House-1-768x576.jpg
pragma
no-cache
cookie
_ga_Y54JG9FF0Y=GS1.1.1618570839.1.0.1618570839.0; _ga=GA1.1.471444413.1618570839
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
coffeerelax.co
referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:40 GMT
last-modified
Tue, 19 Jan 2021 01:43:10 GMT
server
Apache
accept-ranges
bytes
content-length
71242
content-type
image/jpeg
f04eb1e07eb559a496d5056c21fd77fb.js
pl16061235.highrevenuecpm.com/f0/4e/b1/
0
0
Script
General
Full URL
https://pl16061235.highrevenuecpm.com/f0/4e/b1/f04eb1e07eb559a496d5056c21fd77fb.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:40 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
pl16062275.highrevenuecpm.com/96a5037cf92b7b45ace51a292b98c264/
0
0
Script
General
Full URL
https://pl16062275.highrevenuecpm.com/96a5037cf92b7b45ace51a292b98c264/invoke.js
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 11:00:40 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GetWidget.aspx
api.content-ad.net/
31 KB
7 KB
Script
General
Full URL
https://api.content-ad.net/GetWidget.aspx?id=edc390c3-ccac-4c38-b26c-909cdc21372a&d=Y29mZmVlcmVsYXguY28=&wid=685311&ct=wordpress&cb=1618550549362&ver=1.3.7&lazyLoad=false&server=api.content-ad.net&title=Leaked%2520Zoom%2520Call%2520Shows%2520US%2520Federal%2520Employees%2520Conspiring%2520to%2520Sabotage%2520the%2520Trump%2520Administration%2520%2528VIDEO%2529%2520-&url=https%3A%2F%2Fcoffeerelax.co%2F2021%2F01%2F19%2Fleaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video%2F&ik=2021041604_6690c187b48059d6e04e84f921e6c966&ikb=6690c187b48059d6e04e84f921e6c966&ls=ip-172-18-1-246.ec2.internal
Requested by
Host: api.content.ad
URL: https://api.content.ad/Scripts/widget2.aspx?id=edc390c3-ccac-4c38-b26c-909cdc21372a&d=Y29mZmVlcmVsYXguY28%3D&wid=685311&ct=wordpress&cb=1618550549362&ver=1.3.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.14.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-14-60.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
192f7438bf74c7954aa66518e5c75692c0abd4b628856a14e2903599fcf3e30b

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 11:00:40 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
g.gif
pixel.wp.com/
50 B
97 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.3.1&blog=169992252&post=55&tz=0&srv=coffeerelax.co&host=coffeerelax.co&ref=&fcp=1492&rand=0.7754608065196527
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:40 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: api.content-ad.net
URL: https://api.content-ad.net/GetWidget.aspx?id=edc390c3-ccac-4c38-b26c-909cdc21372a&d=Y29mZmVlcmVsYXguY28=&wid=685311&ct=wordpress&cb=1618550549362&ver=1.3.7&lazyLoad=false&server=api.content-ad.net&title=Leaked%2520Zoom%2520Call%2520Shows%2520US%2520Federal%2520Employees%2520Conspiring%2520to%2520Sabotage%2520the%2520Trump%2520Administration%2520%2528VIDEO%2529%2520-&url=https%3A%2F%2Fcoffeerelax.co%2F2021%2F01%2F19%2Fleaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video%2F&ik=2021041604_6690c187b48059d6e04e84f921e6c966&ikb=6690c187b48059d6e04e84f921e6c966&ls=ip-172-18-1-246.ec2.internal
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
447
date
Fri, 16 Apr 2021 10:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Fri, 16 Apr 2021 12:53:14 GMT
lib.min.js
d32oduq093hvot.cloudfront.net/templates/library/
27 KB
7 KB
Script
General
Full URL
https://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1618570841058
Requested by
Host: api.content-ad.net
URL: https://api.content-ad.net/GetWidget.aspx?id=edc390c3-ccac-4c38-b26c-909cdc21372a&d=Y29mZmVlcmVsYXguY28=&wid=685311&ct=wordpress&cb=1618550549362&ver=1.3.7&lazyLoad=false&server=api.content-ad.net&title=Leaked%2520Zoom%2520Call%2520Shows%2520US%2520Federal%2520Employees%2520Conspiring%2520to%2520Sabotage%2520the%2520Trump%2520Administration%2520%2528VIDEO%2529%2520-&url=https%3A%2F%2Fcoffeerelax.co%2F2021%2F01%2F19%2Fleaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video%2F&ik=2021041604_6690c187b48059d6e04e84f921e6c966&ikb=6690c187b48059d6e04e84f921e6c966&ls=ip-172-18-1-246.ec2.internal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-189.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1cf56268a763e90b06b69655ae7bf4d5939da22c8c267c90379498477443dc4

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
x1OZhN4QbHveG_FdN47zFV6jyc_iI4tz
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 23 Sep 2020 21:11:38 GMT
Server
AmazonS3
Age
77656
ETag
W/"a0f63efc2ab026ddcd8b5c94a5dd96d8"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 9d11c99c18949c4780bf1400ceca8369.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Thu, 15 Apr 2021 13:26:26 GMT
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
xQD7_7HAIwPtku-tcvMyef0W8EGGftLdz_FPONZOUg-2iB8H_oJelw==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwL2ZmOThlMjUzLTg0ZDItNGMyNy05MjEwLTYxNGQ1YTVjYjg1Ny5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
21 KB
22 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwL2ZmOThlMjUzLTg0ZDItNGMyNy05MjEwLTYxNGQ1YTVjYjg1Ny5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b685a04331ab7d1c292be919cd2f11a78c601402139dfa7bc1383d602c3aa76e

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:01 GMT
Via
1.1 3b9e149724e93026c0277288bbe3906a.cloudfront.net (CloudFront)
Age
3280
x-amzn-RequestId
5f46fc15-1141-4203-af0d-2d34401479ae
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wtfGKavHcFZcg=
Content-Length
21497
X-Amzn-Trace-Id
Root=1-60796189-6fa42d09716620ff5056cfec;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
34ANl7-iLbpCM_BUnUIUJhpLxPTRYb8yvZzpZgBbx_o6JkU0PIclSQ==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwL2I0NTBkOWY4LTNhNDQtNGM3OC05Y2EzLWJkYmMzMDRhMTMzZC5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
13 KB
13 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwL2I0NTBkOWY4LTNhNDQtNGM3OC05Y2EzLWJkYmMzMDRhMTMzZC5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6ee8776bc0452f56da3a961204ae72519fe173585a4ad31c85731cd9be852d87

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:14 GMT
Via
1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
Age
3267
x-amzn-RequestId
98e83f4d-3c7a-4959-bd45-b45b5c053d51
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wvkH3jPHcFeUg=
Content-Length
13084
X-Amzn-Trace-Id
Root=1-60796196-1394e660580bb5514313db16;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
ed6hC1fxajWBVP8VJqZ3trRg1MxbhmsHeeOGq50rp1NCLHaadgTE3w==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzc3Nzc1MWU1LTg5MzAtNGQwMi04ZGMyLTE5ZDlkMzU3MTJiYS5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
15 KB
15 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzc3Nzc1MWU1LTg5MzAtNGQwMi04ZGMyLTE5ZDlkMzU3MTJiYS5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2c011dcc0301a3a502d366d41176ccfb3850d12b4a272eec48f3bcdb66bd7247

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:03 GMT
Via
1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
Age
3277
x-amzn-RequestId
2dfedb1b-a8b5-4e1d-b4ea-a9b8cad0fc58
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wt4G-dPHcFvQA=
Content-Length
14996
X-Amzn-Trace-Id
Root=1-6079618b-7c70c78e6eb93ddc692e44b8;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
eyCu7YP7OOkUcKC6r4aiYBK3vsricUNVNOM3DtSVB6mZkjGzNUxDuA==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzc2ODI2NGFmLWZmMGItNDBlYS04ZGIxLTIwMjI4OTA5NTZiZS5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
15 KB
16 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzc2ODI2NGFmLWZmMGItNDBlYS04ZGIxLTIwMjI4OTA5NTZiZS5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bdb63d8453a3c7882439a554a207edecc60e0ef9f9c8a3416cf551aedc3146d9

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:03 GMT
Via
1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
Age
3278
x-amzn-RequestId
08ff8232-4c52-4f3e-8b9a-270a4b52880f
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wtvFUAPHcF2Lw=
Content-Length
15533
X-Amzn-Trace-Id
Root=1-6079618b-684ac57f131b3fde47071e63;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
bvkfQB7A9Vgoj_1E8sKhz2XCGPWA3JpmDEWa72vo4DFSonJnFZZbaA==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzlhZDRhNjNiLWE3ZTItNGUyMy04Y2Y5LTkzZjdhMWQ5ODMyZC5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
12 KB
13 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzlhZDRhNjNiLWE3ZTItNGUyMy04Y2Y5LTkzZjdhMWQ5ODMyZC5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0b4d3a3f5718ee17642034aaac5b8e9bac420edf3e4516560147d31213b8fe1e

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:09 GMT
Via
1.1 aec69d2871c7aeb74988020f07480fa4.cloudfront.net (CloudFront)
Age
3272
x-amzn-RequestId
cd0bbd86-b277-46e9-9d07-0510a502fa34
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wusGpqPHcFe9A=
Content-Length
12447
X-Amzn-Trace-Id
Root=1-60796191-26ab4d5a6d09b7732b2a81a6;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
YJDEz-dVE2jUMdmAIIKTisl4YwkMJrwv1FkGehibEXSPFe6Z6YuP3Q==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzBjM2M1YWZjLTVjMDAtNGU2Yy05Mzc2LTI4MjVhMTIwMzhjMy5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
15 KB
15 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzBjM2M1YWZjLTVjMDAtNGU2Yy05Mzc2LTI4MjVhMTIwMzhjMy5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9bc6096fa05ae47c6d91d32a2e19289c0e4c8a23ae801fcd15098f4fd470fc7f

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:04 GMT
Via
1.1 aec69d2871c7aeb74988020f07480fa4.cloudfront.net (CloudFront)
Age
3277
x-amzn-RequestId
4c9e4df3-2cda-4740-93b7-0d42ad7d5e9c
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wuBFc0PHcF_3g=
Content-Length
14950
X-Amzn-Trace-Id
Root=1-6079618c-0e934d0a6f215a8c353f5768;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
GL-k-chWOSc6Hhfxu7-cd7wONe6JZ1QnHf0kmtAeUHg90gS8UoFARA==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzRhYTg0NWJhLTI5MWUtNDMxOS04NGFhLWQ1MjE1M2QwYTMzOS5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
23 KB
24 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzRhYTg0NWJhLTI5MWUtNDMxOS04NGFhLWQ1MjE1M2QwYTMzOS5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
90b5e16ca4cb994009e0912e3e5207fe76024d2415166b5c5f5367474a4736fe

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:01 GMT
Via
1.1 a3dc4a768d48247641f8ad7f08326d38.cloudfront.net (CloudFront)
Age
3280
x-amzn-RequestId
63836797-0304-47f9-9093-df5aef267708
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wtdEe2PHcF6Qg=
Content-Length
23837
X-Amzn-Trace-Id
Root=1-60796189-44cb7520729cf136646727f8;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
4T7S2hAUUtfA9du8KWJimAiEpGrtPAKYwqmlJ8JHNtCVsiAX35l1pg==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwL2JkMGIyZDFjLTQyOTEtNDU5Ny05MzJmLWNjNDU0MDg2ZTQyZi5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
9 KB
10 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwL2JkMGIyZDFjLTQyOTEtNDU5Ny05MzJmLWNjNDU0MDg2ZTQyZi5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8dc0bb40c7ac9bf1304a5ca0062a5979bca9d34a2f0f264187a2bdea036d4678

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:00 GMT
Via
1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
Age
3281
x-amzn-RequestId
f62d3ece-2912-4fca-aad8-813b3686eda4
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wtQGujPHcFxXA=
Content-Length
9327
X-Amzn-Trace-Id
Root=1-60796187-7e0264854a6cce366f6d366a;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
XDxZ8cjjPSltpFnFuhXhB2wpQ4S6LEgMnXu1YhBF4MVFcXv7nprzJg==
eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzE4ZDBiZDJkLTM5NmQtNGViZC1hN2M2LWFjMjlmZTgzYzg5OS5qcGVnIn0=
d1qbpjz0y3k3qp.cloudfront.net/
16 KB
16 KB
Image
General
Full URL
https://d1qbpjz0y3k3qp.cloudfront.net/eyJidWNrZXQiOiJjb250ZW50YWQtMyIsImtleSI6IjEzNDE1NC8zMDB4MjUwLzE4ZDBiZDJkLTM5NmQtNGViZC1hN2M2LWFjMjlmZTgzYzg5OS5qcGVnIn0=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ae00:11:33ae:bc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d592219288e2acbb330d196870ad95bb1746c376d02811d012b57c5b91afa2b6

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 10:06:05 GMT
Via
1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
Age
3276
x-amzn-RequestId
97524b80-8315-45f4-ae43-da259f430cf3
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-apigw-id
d3wuEHPEPHcFYIA=
Content-Length
16002
X-Amzn-Trace-Id
Root=1-6079618d-2783e479587e45c3481b3d60;Sampled=0
Access-Control-Allow-Methods
GET
Content-Type
image
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
TXL52-C1
Access-Control-Allow-Headers
Content-Type, Authorization
X-Amz-Cf-Id
swdLLxA68lVBCexN1SJ_oJ5t8uBnT9Dv-b4Kblew64iwBPCZM6baqg==
px.gif
api.content-ad.net/
42 B
240 B
Image
General
Full URL
https://api.content-ad.net/px.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.14.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-14-60.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:41 GMT
content-encoding
gzip
vary
accept-encoding
content-type
image/gif
c_ad_logo.png
d32oduq093hvot.cloudfront.net/icons/
3 KB
4 KB
Image
General
Full URL
https://d32oduq093hvot.cloudfront.net/icons/c_ad_logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-189.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba31b1be413eed01b715f4638d22bfa6321d5d32d1b3b484ef5ad37e6aba69e5

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
Via
1.1 9d11c99c18949c4780bf1400ceca8369.cloudfront.net (CloudFront)
Last-Modified
Fri, 08 Jul 2016 21:51:57 GMT
Server
AmazonS3
Age
81959
ETag
"f12843a46b53859feb8df76010acd492"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Thu, 15 Apr 2021 12:14:43 GMT
X-Amz-Cf-Pop
TXL52-C1
Accept-Ranges
bytes
Content-Length
3387
X-Amz-Cf-Id
Hd12xblLON2mLYjUg5dFFCsXE8uBgHdM4eH_P6A7kOHz2177u0x8Lg==
vw.gif
api.content-ad.net/px/
31 B
31 B
Image
General
Full URL
https://api.content-ad.net/px/vw.gif?s=ip-172-18-3-242.ec2.internal&ip=196.240.57.228&wid=685311&cb=1618570840936&c=DE&d=&ik=2021041604_6690c187b48059d6e04e84f921e6c966&haid=35171&hdid=332742&user=936e3bdf5727c0d779de91af7266bf3ee6975818381a7e926faa6a6009d8d4ce
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.14.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-14-60.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:00:41 GMT
server
awselb/2.0
content-length
31
content-type
text/plain; charset=utf-8
sponsoredlinks_play_sm.png
d32oduq093hvot.cloudfront.net/icons/
635 B
1 KB
Image
General
Full URL
https://d32oduq093hvot.cloudfront.net/icons/sponsoredlinks_play_sm.png
Requested by
Host: coffeerelax.co
URL: https://coffeerelax.co/2021/01/19/leaked-zoom-call-shows-us-federal-employees-conspiring-to-sabotage-the-trump-administration-video/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-189.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6942aede0ce38fc1e417f499a30e3e7e33601a0b0729dfe400ef7255d42dee0b

Request headers

Referer
https://coffeerelax.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
Via
1.1 9d11c99c18949c4780bf1400ceca8369.cloudfront.net (CloudFront)
Last-Modified
Tue, 24 Sep 2019 22:04:13 GMT
Server
AmazonS3
Age
86180
ETag
"9cea76753f0fd3cdd83eeb77c84a0e94"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Thu, 15 Apr 2021 11:04:22 GMT
X-Amz-Cf-Pop
TXL52-C1
Accept-Ranges
bytes
Content-Length
635
X-Amz-Cf-Id
2Rl5b03BwfVX6ORYyhbhh1qVQGQ8JwnB8Z5uN3LmychOXZGhNSdCyQ==

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wp function| wpAutoTermsDomReady function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal object| twemoji object| atOptions object| addComment object| widget685311 string| key undefined| touchEnabled undefined| isMobile undefined| userAgent undefined| iPhoneIndex undefined| iPadIndex undefined| isIPhone undefined| isAndroid undefined| isOtherMobile undefined| d undefined| isInternetExplorer undefined| oldOnMouseMove object| _stq function| st_go function| linktracker_init object| wpcom function| onYouTubeIframeAPIReady function| contentAd685311 function| initJQuery685311 function| familyFriendlyHandler string| GoogleAnalyticsObject function| ga_ca object| gaplugins object| gaData object| sponsoredLinks function| libInit object| libParams object| Modal_685311

3 Cookies

Domain/Path Name / Value
.coffeerelax.co/ Name: _gid
Value: GA1.2.277255562.1618570841
.coffeerelax.co/ Name: _ga
Value: GA1.2.471444413.1618570839
.coffeerelax.co/ Name: _ga_Y54JG9FF0Y
Value: GS1.1.1618570839.1.0.1618570839.0

3 Console Messages

Source Level URL
Text
console-api log URL: https://coffeerelax.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api info URL: https://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1618570841058(Line 1)
Message:
WID 685311: Add Widget 685311 to library
console-api info URL: https://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1618570841058(Line 1)
Message:
[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
