Submitted URL: http://ivermectin.pet/
Effective URL: https://www.buyivermectin.io/
Submission: On October 21 via manual from US — Scanned from DE

Summary

This website contacted 22 IPs in 4 countries across 18 domains to perform 57 HTTP transactions. The main IP is 51.75.190.153, which is located in France and belongs to OVH, FR. The main domain is www.buyivermectin.io.
TLS certificate: Issued by R3 on September 23rd 2021. Valid for: 3 months.
This is the only time www.buyivermectin.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.96.23.237 16509 (AMAZON-02)
1 51.75.190.153 16276 (OVH)
1 35.201.118.58 15169 (GOOGLE)
3 104.22.52.65 13335 (CLOUDFLAR...)
5 104.26.7.134 13335 (CLOUDFLAR...)
4 104.26.6.134 13335 (CLOUDFLAR...)
1 104.16.18.94 13335 (CLOUDFLAR...)
5 104.23.133.11 13335 (CLOUDFLAR...)
5 5 104.23.134.11 13335 (CLOUDFLAR...)
5 35.190.41.132 15169 (GOOGLE)
11 172.67.71.74 13335 (CLOUDFLAR...)
5 169.59.64.184 36351 (SOFTLAYER)
1 172.217.18.106 15169 (GOOGLE)
1 2.16.186.19 20940 (AKAMAI-ASN1)
1 185.60.216.15 32934 (FACEBOOK)
1 151.101.128.84 54113 (FASTLY)
1 13.107.42.14 8068 (MICROSOFT...)
2 151.139.128.11 20446 (HIGHWINDS3)
3 142.250.185.174 15169 (GOOGLE)
2 142.250.186.42 15169 (GOOGLE)
1 142.250.184.230 15169 (GOOGLE)
1 66.102.1.156 15169 (GOOGLE)
1 216.58.212.132 15169 (GOOGLE)
1 142.250.185.99 15169 (GOOGLE)
57 22
Domain Requested by
10 widgets.jotform.io www.buyivermectin.io
widgets.jotform.io
5 rumble.com widgets-cache.jotform.io
rumble.com
5 files.jotform.com www.buyivermectin.io
5 www.jotform.com 5 redirects
4 js.jotform.com form.jotform.com
widgets-cache.jotform.io
widgets.jotform.io
4 cdn02.jotfor.ms form.jotform.com
cdn02.jotfor.ms
3 www.google-analytics.com rumble.com
www.google-analytics.com
3 cdn01.jotfor.ms form.jotform.com
2 imasdk.googleapis.com rumble.com
imasdk.googleapis.com
2 sp.rmbl.ws rumble.com
2 cdn03.jotfor.ms form.jotform.com
2 www.statcounter.com www.buyivermectin.io
www.statcounter.com
1 www.google.de rumble.com
1 www.google.com rumble.com
1 events.jotform.com www.buyivermectin.io
1 stats.g.doubleclick.net www.google-analytics.com
1 s0.2mdn.net imasdk.googleapis.com
1 www.linkedin.com ajax.googleapis.com
1 api.pinterest.com ajax.googleapis.com
1 graph.facebook.com ajax.googleapis.com
1 platform.linkedin.com widgets.jotform.io
1 ajax.googleapis.com widgets.jotform.io
1 widgets-cache.jotform.io www.buyivermectin.io
1 c.statcounter.com www.statcounter.com
1 cdnjs.cloudflare.com form.jotform.com
1 form.jotform.com www.buyivermectin.io
1 www.buyivermectin.io
1 ivermectin.pet 1 redirects
57 28

This site contains no links.

Subject                    Issuer                                          Validity                 Valid
buyivermectin.io           R3                                              2021-09-23 - 2021-12-22  3 months
*.jotform.com              Sectigo RSA Domain Validation Secure Server CA  2021-06-28 - 2022-06-28  a year
us-dallas.statcounter.com  Sectigo RSA Domain Validation Secure Server CA  2020-10-13 - 2021-11-13  a year
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3                         2021-06-17 - 2022-06-16  a year
*.rumble.com               DigiCert SHA2 Secure Server CA                  2020-10-29 - 2021-11-29  a year
upload.video.google.com    GTS CA 1C3                                      2021-09-13 - 2021-11-20  2 months
platform.linkedin.com      DigiCert SHA2 Secure Server CA                  2020-07-03 - 2022-07-08  2 years
*.facebook.com             DigiCert SHA2 High Assurance Server CA          2021-09-09 - 2021-12-08  3 months
*.pinterest.com            DigiCert TLS RSA SHA256 2020 CA1                2021-07-27 - 2022-08-05  a year
www.linkedin.com           DigiCert SHA2 Secure Server CA                  2021-07-18 - 2022-01-18  6 months
sp.rmbl.ws                 R3                                              2021-09-17 - 2021-12-16  3 months
*.google-analytics.com     GTS CA 1C3                                      2021-10-04 - 2021-12-27  3 months
*.doubleclick.net          GTS CA 1C3                                      2021-10-04 - 2021-12-27  3 months
*.g.doubleclick.net        GTS CA 1C3                                      2021-09-13 - 2021-11-20  2 months
www.google.com             GTS CA 1C3                                      2021-09-13 - 2021-11-20  2 months
www.google.de              GTS CA 1C3                                      2021-10-04 - 2021-12-27  3 months

This page contains 6 frames:

Primary Page: https://www.buyivermectin.io/
Frame ID: 7D41566D59F559BED08033718C6A64B9
Requests: 5 HTTP requests in this frame

Frame: https://cdn01.jotfor.ms/static/formCss.css?3.3.28627
Frame ID: 4C87070158384E87A2DE7F367271D2F0
Requests: 18 HTTP requests in this frame

Frame: https://widgets-cache.jotform.io/212635437266256/232
Frame ID: CB2969BD7597CC63888D67DC71D4D9E7
Requests: 2 HTTP requests in this frame

Frame: https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
Frame ID: 145EF566B4260515FD4D665EE1509594
Requests: 16 HTTP requests in this frame

Frame: https://rumble.com/embed/vkmp2k/?pub=4
Frame ID: 008CA2BC4FD98BCB454A939EF8870E50
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: 2BA13637541C36B379CFD26054E5A82F
Requests: 1 HTTP requests in this frame

Page Title

Buy Ivermectin Online - BuyIvermectin.io

Page URL History

  1. http://ivermectin.pet/ HTTP 301
    https://www.buyivermectin.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57 Requests
100 % HTTPS
0 % IPv6
18 Domains
28 Subdomains
22 IPs
4 Countries
1432 kB Transfer
3734 kB Size
13 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ivermectin.pet/ HTTP 301
    https://www.buyivermectin.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.jotform.com/uploads/Reum/form_files/bi.614ce23d993ab9.15815828.png HTTP 302
  • https://files.jotform.com/jufs/Reum/form_files/bi.614ce23d993ab9.15815828.png
Request Chain 13
  • https://www.jotform.com/uploads/Reum/form_files/download%20(6).616f66c3a15d56.75507041.jfif HTTP 302
  • https://files.jotform.com/jufs/Reum/form_files/download%20(6).616f66c3a15d56.75507041.jfif
Request Chain 14
  • https://www.jotform.com/uploads/Reum/form_files/co.615fcfdd0c6cc7.83435833.png HTTP 302
  • https://files.jotform.com/jufs/Reum/form_files/co.615fcfdd0c6cc7.83435833.png
Request Chain 15
  • https://www.jotform.com/uploads/Reum/form_files/newlabel.6170516621b289.61668523.png HTTP 302
  • https://files.jotform.com/jufs/Reum/form_files/newlabel.6170516621b289.61668523.png
Request Chain 16
  • https://www.jotform.com/uploads/Reum/form_files/download%20(3).6171914f023bc0.28821319.png HTTP 302
  • https://files.jotform.com/jufs/Reum/form_files/download%20(3).6171914f023bc0.28821319.png

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.buyivermectin.io/
Redirect Chain
  • http://ivermectin.pet/
  • https://www.buyivermectin.io/
934 B
552 B
Document
General
Full URL
https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.75.190.153 , France, ASN16276 (OVH, FR),
Reverse DNS
ip153.ip-51-75-190.eu
Software
nginx / PleskLin
Resource Hash
d3cb77739776b54e145c35b5595ed8eb8ff9793b496e3be88edeef42b0527d5a

Request headers

:method
GET
:authority
www.buyivermectin.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 21 Oct 2021 18:21:50 GMT
content-type
text/html
x-accel-version
0.01
last-modified
Fri, 24 Sep 2021 20:16:18 GMT
etag
W/"3a6-5ccc36b8bd15a"
x-powered-by
PleskLin
content-encoding
br

Redirect headers

Server
nginx
Date
Thu, 21 Oct 2021 18:21:50 GMT
Content-Type
text/html; charset=utf-8
Content-Length
89
Connection
keep-alive
X-date
2021-10-15T16:39:30+00:00
Expires
Fri, 22 Oct 2021 16:39:30 +0000
Cache-Control
public, max-age=604800
Location
https://www.buyivermectin.io
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-Cached
HIT
212635437266256
form.jotform.com/jsform/
78 KB
16 KB
Script
General
Full URL
https://form.jotform.com/jsform/212635437266256
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.118.58 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
58.118.201.35.bc.googleusercontent.com
Software
CacheX v2.1 /
Resource Hash
a18cd04e000c4cc9ed14457b188e2fdca725f0febacd52a5a5113375654b1301

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:53 GMT
content-encoding
gzip
cache-hit
0
server
CacheX v2.1
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:01 GMT
counter.js
www.statcounter.com/counter/
39 KB
13 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Oct 2021 11:08:17 GMT
server
cloudflare
age
25422
etag
W/"61656ca1-9cdd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6a1c8206d9fafb5c-DUS
expires
Thu, 21 Oct 2021 23:18:08 GMT
formCss.css
cdn01.jotfor.ms/static/ Frame 4C87
66 KB
16 KB
Stylesheet
General
Full URL
https://cdn01.jotfor.ms/static/formCss.css?3.3.28627
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984931326ae3d3bc9c29791ce5b9d53f9dfb75a227903b8f4c406642471a66f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a1c821c2e6b06cd-LHR
date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Thu, 21 Oct 2021 16:46:07 GMT
server
cloudflare
etag
W/"6171994f-10767"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDFASgQ3PSlrl6PB6D%2BNw84LCEFoQU2aZ5kx8xMEg%2F3HlxeK3%2BDBtK7Ha0yt20rJknTue08CBjVPJOg31xtevuitHC%2Bw0vY5PMAF5Kk%2FUKKqynWEd%2FkfhcfkFC5NXiRi3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-cache, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
expires
Thu, 01 Jan 1970 00:00:01 GMT
nova.css
cdn02.jotfor.ms/css/styles/ Frame 4C87
31 KB
7 KB
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/css/styles/nova.css?3.3.28627
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c3f597b3248a21fcfc4e20c520b20e2ae03c827bf5d15392abefa44cfb982f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a1c821c3d5ff3ff-LHR
date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Wed, 07 Jul 2021 07:55:32 GMT
server
cloudflare
etag
W/"60e55df4-7dca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5smekXRxH28ycRyAJfAkDIUM%2BPfE6q%2BPh%2BaWF8mCfjnpUq6jCaAIun0mxNIdPi6Pk%2BjhJi6%2F26PI59HTM1gYCe8v2S2H4uY8IfXbORrVLZm98eyjRhSS0QvUpWJCbSIsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
expires
Thu, 31 Dec 2037 23:55:55 GMT
566a91c2977cdfcd478b4567.css
cdn03.jotfor.ms/themes/CSS/ Frame 4C87
13 KB
3 KB
Stylesheet
General
Full URL
https://cdn03.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?themeRevisionID=5f6c4c83346ec05354558fe8
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100cf77f80be7c21407ac34937ca0dd63b667b6106d63961208c846b54da5f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding
br
pragma
no-cache
last-modified
Thu, 24 Sep 2020 07:36:35 GMT
server
cloudflare
etag
W/"cbc5f2f3554f28da655f17836110d89a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xUgp20DjFMma%2BfRe9WdoIURNv7pUtTThCAe6%2BTL8FwL35dHOc%2F9fMAZ%2BtWilxR460Z4VrCCItcwtbv0pflm%2F%2B7I1k50U7YKC2D1aS1BTgAWJWsL4wNlnKxnWoizCnXTYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6a1c821c2a1840a7-LHR
expires
Thu, 01 Jan 1970 00:00:01 GMT
payment_feature.css
cdn01.jotfor.ms/css/styles/payment/ Frame 4C87
36 KB
7 KB
Stylesheet
General
Full URL
https://cdn01.jotfor.ms/css/styles/payment/payment_feature.css?3.3.28627
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbfe016bc82f68a5d7c0646201c46ee424475bb679608f99a9b38c336b4520d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a1c821c2e6e06cd-LHR
date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Tue, 06 Jul 2021 12:40:16 GMT
server
cloudflare
etag
W/"60e44f30-91a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTNfgGIh%2B%2BBPW3EQa0fo4HhcRR9FSDrxWnwvwHXawYo0%2FK0XLJX7khDnVB6zAPa6iP%2BiQi4BIr%2BK3JFtO%2BqLwDOw2FDnjEeVTh%2Bj%2BsHC%2Ft3%2B4jfqgwtFI624F42P%2BJrfng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
expires
Thu, 31 Dec 2037 23:55:55 GMT
form-submit-button-simple_red.css
cdn02.jotfor.ms/css/styles/buttons/ Frame 4C87
776 B
616 B
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/css/styles/buttons/form-submit-button-simple_red.css?3.3.28627
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c576e1c1009524f63f23fbd1e7ea25c66d7979584b1d14b3958a506d6430a4e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a1c821c3d62f3ff-LHR
date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Thu, 21 May 2020 11:10:34 GMT
server
cloudflare
etag
W/"5ec661aa-308"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ1kujkJ%2B9hv91k%2BPdjlwa31tmiZwzzWlKS6Fcfe569teCGoBLnBSjxp%2BwiHObyavhbVJcNuifyywAsrvrCx1AqVr4xU1Ub8jHZ2lvm5NAXM5YR%2FEnIl%2FpKa%2Fv70NuzdwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000, public
content-encoding
br
expires
Thu, 31 Dec 2037 23:55:55 GMT
prototype.forms.js
cdn03.jotfor.ms/static/ Frame 4C87
126 KB
35 KB
Script
General
Full URL
https://cdn03.jotfor.ms/static/prototype.forms.js
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a767bbec1a4ac999a027520af58a654b74e2e54f6af0960b46384f00b550481

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a1c821c2a2140a7-LHR
date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Thu, 21 Oct 2021 16:46:08 GMT
server
cloudflare
etag
W/"61719950-1f947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71CRN0wzcspesry0uBu4nAJv4Ccz4lx17zhIE6yTjUfk65MfN%2FGF7ONK8iymx2op1xbWWBbuJK3NgEsxBnTFqtEdbBuNXTc%2FHYbPoyZMCKJ5ouwKx6EcILbOb6mVlNb4qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
no-cache, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
expires
Thu, 01 Jan 1970 00:00:01 GMT
jotform.forms.js
cdn01.jotfor.ms/static/ Frame 4C87
521 KB
138 KB
Script
General
Full URL
https://cdn01.jotfor.ms/static/jotform.forms.js?3.3.28627
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
face5e70d4053a18d938aa959d62f5805952f322a1d9bd763ee3167dff0b4f9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a1c821c2e7006cd-LHR
date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Thu, 21 Oct 2021 16:46:08 GMT
server
cloudflare
etag
W/"61719950-825ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjggLTuuKIsH8CxWh7Uz17acXnEvWSSn5UlXMq7vQuoEE%2Fm3eRTYK8YtuHmZQ%2FLX8sOYFKfE7p6EvgXrv7fSorJR8RzMdbiSSK3iP%2FZybEujp938IINmyT6wvfKQYzNoUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
no-cache, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
expires
Thu, 01 Jan 1970 00:00:01 GMT
punycode.js
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 4C87
14 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4177
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fac-394e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxHHrRs%2FGCSUjkoBK%2BG6yy%2FG4y40p9peEothm%2BLErYzj%2FRMVhJWtB1zodTSGNZEXQ4mWHiunSX2xCWDDfR%2FRgfqdLL9ablO92CGH%2FoO4lfZzS0%2FdYamXGuEmTibq0vBvJ2pPzc6V"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a1c821c0e067174-DUS
expires
Tue, 11 Oct 2022 18:21:53 GMT
postMessage.js
js.jotform.com/vendor/ Frame 4C87
6 KB
2 KB
Script
General
Full URL
https://js.jotform.com/vendor/postMessage.js?3.3.28627
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.133.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-static
1
last-modified
Fri, 03 May 2019 10:43:50 GMT
server
cloudflare
etag
W/"5ccc1b66-16bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cf-ray
6a1c821c3c0f39f9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
WidgetsServer.js
js.jotform.com/ Frame 4C87
30 KB
11 KB
Script
General
Full URL
https://js.jotform.com/WidgetsServer.js?v=1634840513747
Requested by
Host: form.jotform.com
URL: https://form.jotform.com/jsform/212635437266256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.133.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
281b2fd15cfbfc80b53dd48cb1cd4f54c1667a5e0da7f6bce08a8ea6b7fca2c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-static
1
last-modified
Fri, 15 Oct 2021 08:26:26 GMT
server
cloudflare
etag
W/"61693b32-794a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cf-ray
6a1c821c3c1439f9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
bi.614ce23d993ab9.15815828.png
files.jotform.com/jufs/Reum/form_files/ Frame 4C87
Redirect Chain
  • https://www.jotform.com/uploads/Reum/form_files/bi.614ce23d993ab9.15815828.png
  • https://files.jotform.com/jufs/Reum/form_files/bi.614ce23d993ab9.15815828.png
11 KB
12 KB
Image
General
Full URL
https://files.jotform.com/jufs/Reum/form_files/bi.614ce23d993ab9.15815828.png
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7b1b8ca1914e49019f7b04314d9a3d321f3de8f2b5acc5724a95d35e9936e307

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
OPTIONS, GET
content-type
application/octet-stream
access-control-allow-origin
*
content-disposition
attachment; filename="bi.614ce23d993ab9.15815828.png"
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate

Redirect headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 21 Oct 2021 18:21:54 GMT
server
cloudflare
location
https://files.jotform.com/jufs/Reum/form_files/bi.614ce23d993ab9.15815828.png
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=600000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6a1c821c1869047a-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
download%20(6).616f66c3a15d56.75507041.jfif
files.jotform.com/jufs/Reum/form_files/ Frame 4C87
Redirect Chain
  • https://www.jotform.com/uploads/Reum/form_files/download%20(6).616f66c3a15d56.75507041.jfif
  • https://files.jotform.com/jufs/Reum/form_files/download%20(6).616f66c3a15d56.75507041.jfif
12 KB
12 KB
Image
General
Full URL
https://files.jotform.com/jufs/Reum/form_files/download%20(6).616f66c3a15d56.75507041.jfif
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
f6d2ad915ba54360c03e0bb90f242513f688da595cd1ffd6493b801efc7fcc94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
OPTIONS, GET
content-type
application/octet-stream
access-control-allow-origin
*
content-disposition
attachment; filename="download (6).616f66c3a15d56.75507041.jfif"
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate

Redirect headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 21 Oct 2021 18:21:54 GMT
server
cloudflare
location
https://files.jotform.com/jufs/Reum/form_files/download%20(6).616f66c3a15d56.75507041.jfif
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=600000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6a1c821c186a047a-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
co.615fcfdd0c6cc7.83435833.png
files.jotform.com/jufs/Reum/form_files/ Frame 4C87
Redirect Chain
  • https://www.jotform.com/uploads/Reum/form_files/co.615fcfdd0c6cc7.83435833.png
  • https://files.jotform.com/jufs/Reum/form_files/co.615fcfdd0c6cc7.83435833.png
4 KB
4 KB
Image
General
Full URL
https://files.jotform.com/jufs/Reum/form_files/co.615fcfdd0c6cc7.83435833.png
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
cc984748ebb69ecf45962cec3b786c21687e9679cab081fd5931a9e924b9b566

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
OPTIONS, GET
content-type
application/octet-stream
access-control-allow-origin
*
content-disposition
attachment; filename="co.615fcfdd0c6cc7.83435833.png"
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate

Redirect headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 21 Oct 2021 18:21:54 GMT
server
cloudflare
location
https://files.jotform.com/jufs/Reum/form_files/co.615fcfdd0c6cc7.83435833.png
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=600000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6a1c821c186d047a-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
newlabel.6170516621b289.61668523.png
files.jotform.com/jufs/Reum/form_files/ Frame 4C87
Redirect Chain
  • https://www.jotform.com/uploads/Reum/form_files/newlabel.6170516621b289.61668523.png
  • https://files.jotform.com/jufs/Reum/form_files/newlabel.6170516621b289.61668523.png
404 KB
405 KB
Image
General
Full URL
https://files.jotform.com/jufs/Reum/form_files/newlabel.6170516621b289.61668523.png
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
8f0ecf8bb9197433e04d58a55b132940e31370b3b893d2ae6fa5d4bc23fcb414

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
OPTIONS, GET
content-type
application/octet-stream
access-control-allow-origin
*
content-disposition
attachment; filename="newlabel.6170516621b289.61668523.png"
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate

Redirect headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 21 Oct 2021 18:21:54 GMT
server
cloudflare
location
https://files.jotform.com/jufs/Reum/form_files/newlabel.6170516621b289.61668523.png
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=600000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6a1c821c186c047a-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
download%20(3).6171914f023bc0.28821319.png
files.jotform.com/jufs/Reum/form_files/ Frame 4C87
Redirect Chain
  • https://www.jotform.com/uploads/Reum/form_files/download%20(3).6171914f023bc0.28821319.png
  • https://files.jotform.com/jufs/Reum/form_files/download%20(3).6171914f023bc0.28821319.png
3 KB
3 KB
Image
General
Full URL
https://files.jotform.com/jufs/Reum/form_files/download%20(3).6171914f023bc0.28821319.png
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.41.190.35.bc.googleusercontent.com
Software
/
Resource Hash
986b58ed174208c1c97246920f40e377e8cad6191466e07c7a29bcddf9aec009

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
OPTIONS, GET
content-type
application/octet-stream
access-control-allow-origin
*
content-disposition
attachment; filename="download (3).6171914f023bc0.28821319.png"
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate

Redirect headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 21 Oct 2021 18:21:54 GMT
server
cloudflare
location
https://files.jotform.com/jufs/Reum/form_files/download%20(3).6171914f023bc0.28821319.png
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=600000;
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
6a1c821c186b047a-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
t.php
c.statcounter.com/
192 B
597 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12631192&u1=1D5F2E65F5EF4FFD2EBA6D308CF77D17&java=1&security=3ea09c29&sc_snum=1&sess=30eed3&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.buyivermectin.io/&t=Buy%20Ivermectin%20Online%20-%20BuyIvermectin.io&invisible=1&sc_rum_e_s=3746&sc_rum_e_e=3750&sc_rum_f_s=0&sc_rum_f_e=396&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b77528c4ef55a916a6cc5e602616a79d1e7f7455030352edd6fa6360cf8338a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a1c821c0e6dfb5c-DUS
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://www.buyivermectin.io
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
recorder.js
www.statcounter.com/counter/
53 KB
18 KB
Script
General
Full URL
https://www.statcounter.com/counter/recorder.js
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f63505190760786bd4835290ba43a8424001a64e8d65ba8b3d885b8eeb9e4bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 08:04:34 GMT
server
cloudflare
age
24576
etag
W/"616e7c12-d5a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6a1c821ce86efb5c-DUS
expires
Thu, 21 Oct 2021 23:32:18 GMT
control_appointment.css
cdn02.jotfor.ms/form-resources/dist/styles/ Frame 4C87
17 KB
4 KB
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/form-resources/dist/styles/control_appointment.css
Requested by
Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/css/styles/nova.css?3.3.28627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932d7c2c5ee1bf28465874a487f8a78fe3afb63c03368d90f1c3cd4c48adf674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn02.jotfor.ms/css/styles/nova.css?3.3.28627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
last-modified
Tue, 19 Oct 2021 10:32:59 GMT
server
cloudflare
etag
W/"616e9edb-44b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjISww0rljgPt75y7SJlJIN2QwuaujfvbnOqHZYJtR65%2FfSjB3lXyzBW466U0SRUO2ElNpQjF5vLZ5VihtsbrKH30NlhDjhnpfftiCxggGxGEoa0Imn4ZE4soVk8P5gYHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, public
cf-ray
6a1c821d0eaef3ff-LHR
expires
Thu, 01 Jan 1970 00:00:01 GMT
control_inline.css
cdn02.jotfor.ms/form-resources/dist/styles/ Frame 4C87
29 KB
4 KB
Stylesheet
General
Full URL
https://cdn02.jotfor.ms/form-resources/dist/styles/control_inline.css
Requested by
Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/css/styles/nova.css?3.3.28627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667d63caae20cc231c73a06a886880b4efc7c511baa29d95d855fcb851896026

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn02.jotfor.ms/css/styles/nova.css?3.3.28627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
last-modified
Tue, 19 Oct 2021 10:32:59 GMT
server
cloudflare
etag
W/"616e9edb-745b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvrsSXN6kbQ0gBb94guEqcc9MuLbfFWC9%2FeLjrGXHdFzCALRxVGzdFPX66Tw5GXY9ZscOxgCwKzwDDDZu0PvQm8hCXiO96fLEKUNvWEtr3WMZWfCWycaLXiOqTU%2FFWarxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, public
cf-ray
6a1c821d0eb1f3ff-LHR
expires
Thu, 01 Jan 1970 00:00:01 GMT
232
widgets-cache.jotform.io/212635437266256/ Frame CB29
1 KB
1 KB
Document
General
Full URL
https://widgets-cache.jotform.io/212635437266256/232
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556840efe919c737c88fed6bb84aa5506ecff94b534fad1bec733fb83c8df062

Request headers

:method
GET
:authority
widgets-cache.jotform.io
:scheme
https
:path
/212635437266256/232
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.buyivermectin.io/
accept-encoding
gzip, deflate, br

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
content-type
text/html
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
no-cache
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H%2F0TKlx2dewLhctYmBenrrLGgXmpqQcMAGf%2FgBXy0MX9cGGiCA5RlQ28hNNrGdwznE%2BB2zkL10Ajzt1L6dtJoJp68dSXzElaA%2BtXeWGpTfy8ltkEuv%2Byzzd047u6%2FhBkV8JYPFIzpNAGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a1c821e6f89ee7d-CDG
content-encoding
br
/
widgets.jotform.io/socialShare/ Frame 145E
886 B
933 B
Document
General
Full URL
https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef34c6c3820a814292e75626748fe9ee156dd14e485f4fb0e733c6f2553ea50

Request headers

:method
GET
:authority
widgets.jotform.io
:scheme
https
:path
/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.buyivermectin.io/
accept-encoding
gzip, deflate, br

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
content-type
text/html
last-modified
Thu, 02 May 2019 12:29:43 GMT
etag
W/"5ccae2b7-376"
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000 public
x-static
1
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdDIIKetOWb%2FwrYxMbo5u9PCWzEwu5iOmqMOA8Rk4SWhvSzrTHScLAiokQ99M0ImIeE%2F3TfADe5G%2F9b2Q9rztgapv9d0qh%2ByRLwb3CGbK0siB4bpXBr19EEXH%2B9JVCcu1LIOZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a1c821e8d96a897-CDG
content-encoding
br
JotFormCustomWidget.min.js
js.jotform.com/ Frame CB29
52 KB
20 KB
Script
General
Full URL
https://js.jotform.com/JotFormCustomWidget.min.js
Requested by
Host: widgets-cache.jotform.io
URL: https://widgets-cache.jotform.io/212635437266256/232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.133.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f86c6eab5b31144c7a27df83be3826a38f5cb28d3923785a15815371aa9c587

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets-cache.jotform.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-static
1
last-modified
Fri, 15 Oct 2021 08:26:26 GMT
server
cloudflare
etag
W/"61693b32-d0ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cf-ray
6a1c821f6b5939f9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
rumble.com/embed/vkmp2k/ Frame 008C
17 KB
7 KB
Document
General
Full URL
https://rumble.com/embed/vkmp2k/?pub=4
Requested by
Host: widgets-cache.jotform.io
URL: https://widgets-cache.jotform.io/212635437266256/232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
64a6e6e03edd8ce0e5f0d3701b0bc3824f765bd5139091746907ac981578b56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

:method
GET
:authority
rumble.com
:scheme
https
:path
/embed/vkmp2k/?pub=4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets-cache.jotform.io/
accept-encoding
gzip, deflate, br

Response headers

server
nginx
date
Thu, 21 Oct 2021 18:21:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://rumble.com/vn8v7a-india-govt.-declares-most-populated-state-officially-covid-free-after-wides.html>; rel="canonical"
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-encoding
br
styles.min.css
widgets.jotform.io/socialShare/min/ Frame 145E
5 KB
2 KB
Stylesheet
General
Full URL
https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb415c0f3973ae4c8db4d4647d7139dfee6c28f3626977e691dc23af826a17d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
W/"5ccae2b7-1565"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zss9RQj0dns5uM2gG0c5g0oYl9jZX2BPRVrwYKclrEFISg4SWG0M51kYnQb3b2do2IJWVRj0dv9AHieZDUSaz9bVT%2Fs0262QoY4cAJTvMNfuelV6ZwwoNdyNp9baGGUNNZcuig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000, public
cf-ray
6a1c821f6dd0a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
JotFormCustomWidget.min.js
js.jotform.com/ Frame 145E
52 KB
20 KB
Script
General
Full URL
https://js.jotform.com/JotFormCustomWidget.min.js
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.133.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac19c3b8b8593614fbbfcc1c88aed5fa088d6cd8858743af3062aa667d76963

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-static
1
last-modified
Fri, 15 Oct 2021 08:26:26 GMT
server
cloudflare
etag
W/"61693b32-d0ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cf-ray
6a1c821f6b6339f9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 145E
90 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 15:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 21 Oct 2022 15:40:42 GMT
scripts.min.js
widgets.jotform.io/socialShare/min/ Frame 145E
12 KB
4 KB
Script
General
Full URL
https://widgets.jotform.io/socialShare/min/scripts.min.js?v=b6bc2e2b35c87ebea462bacf9e792df6
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f55137a9e36f79a99b610abb3fd7111ea2df7165acb0a764eec8b16e941c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
W/"5ccae2b7-2e63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C5QT7jryyaydbtNFWU0CoLzzUGXs32UMbajmQEHRxULgPguFdLcKhh2gGFLE7SJVT8PCqXreA6kdY8WA5rGuK5oZjpI5MPmk6N%2FVdxMtpzKGBmXIqyynA%2FP5oR5RDDiJl8S3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=315360000, public
cf-ray
6a1c821f6dd1a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
in.js
platform.linkedin.com/ Frame 145E
201 KB
61 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/?qid=221&ref=https%3A%2F%2Fwww.buyivermectin.io&injectCSS=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.19 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-19.deploy.static.akamaitechnologies.com
Software
Play /
Resource Hash
2a1dca98fdd5907f7fcb88246575508d8af0fb184f63926d2c4b0f9549735d1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-LI-UUID
7rO55egcsBYQGKB/SSsAAA==
Date
Thu, 21 Oct 2021 18:21:54 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV4
Server
Play
X-Li-Pop
prod-eda6
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Connection
keep-alive
X-LI-Proto
http/1.1
Content-Length
62394
X-CDN
AKAM
X-Li-Fabric
prod-ltx1
Expires
Thu, 21 Oct 2021 18:47:31 GMT
/
graph.facebook.com/ Frame 145E
202 B
633 B
XHR
General
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.buyivermectin.io
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.15 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-01-frx5.facebook.com
Software
/
Resource Hash
a55d4aecbb748898fb696f85c3d487423ee9d673ad8658b7a066095e1560921e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://widgets.jotform.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004594130
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
151
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
e77JKkKrZVYPDklBQDFsO/cow3ivD4XdhWhVswPanTrNwuC6Xzk1tDBlE2cEXZMf8kCI9YchaL93Z4XnGr3PTA==
x-fb-trace-id
BkPXw0YqsIc
date
Thu, 21 Oct 2021 18:21:54 GMT
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-fb-request-id
A5A6hrk5yOTbTdJu-YgGD_7
cache-control
no-store
facebook-api-version
v4.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
count.json
api.pinterest.com/v1/urls/ Frame 145E
90 B
336 B
Script
General
Full URL
https://api.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.buyivermectin.io&callback=jQuery19102169368778263998_1634840514606&_=1634840514607
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9a28dc3f66218fdd21453785a26c0b4ac25fd78fe7ad9ad03e6dc6422a1407ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
x-content-type-options
nosniff
x-cdn
fastly
age
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
x-pinterest-rid
1626047781641541
content-length
90
expires
Thu, 21 Oct 2021 18:36:54 GMT
share
www.linkedin.com/countserv/count/ Frame 145E
0
0
Script
General
Full URL
https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fwww.buyivermectin.io&format=jsonp&callback=jQuery19102169368778263998_1634840514608&_=1634840514609
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

facebook.png
widgets.jotform.io/socialShare/img/ Frame 145E
21 KB
21 KB
Image
General
Full URL
https://widgets.jotform.io/socialShare/img/facebook.png
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81d131c1fcf907c6d75b24ec535a0b4d5405a23fe545d167f1e94988a630c726

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
21270
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
"5ccae2b7-5316"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZH1opSkhVzevwEeSkwKRnymLK2PoamiQvkZTVbTmOlrpiuqlnpwYtGOiN%2B6YhwVnRrFnCLyGq22jJouI0x7lscdpSfGtd%2FA%2BQuFeXmWZGajudAF7lyi3m19bXOiJ7IKp306wgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6a1c82208e10a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter.png
widgets.jotform.io/socialShare/img/ Frame 145E
23 KB
24 KB
Image
General
Full URL
https://widgets.jotform.io/socialShare/img/twitter.png
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac02151c2b5fed0343165bf417ad169bca8e35716029292296856f42e1cd45a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
23758
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
"5ccae2b7-5cce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOfG9Vn8ULezKpRFllmV2O6Xg8Kr7GML26SrNRHVFY%2B2%2Fg7K7G3SLwRvVoFR7NZbGge3lfUpsuP9djZTe2Q%2FiTNKJmllMERy%2FxsIwfNMm1iALUZ0OFOw7pMDwSqI3KZJTHC7Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6a1c82208e11a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
pinterest.png
widgets.jotform.io/socialShare/img/ Frame 145E
25 KB
25 KB
Image
General
Full URL
https://widgets.jotform.io/socialShare/img/pinterest.png
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aca6ee5818ee1345c061a02dfe9b6449299ce0b8b1b6367e51200cf52d738c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
25215
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
"5ccae2b7-627f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYRzslhWCNhWpK6mCC9p3eNG87WD1VUyM4n8%2FsrMst%2Bt3KkqK57nOt%2F3V4i0cZb7Nb20yxqzbMV951Nd%2BglwOJ7VfGqYf3oI%2BEBLLnhIhHDRqmmS8GSxnZKcLbnrdo7BmAQPdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6a1c82208e12a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
linkedin.png
widgets.jotform.io/socialShare/img/ Frame 145E
22 KB
22 KB
Image
General
Full URL
https://widgets.jotform.io/socialShare/img/linkedin.png
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b8973ef4fbdb37d6ffed3fd9691a9f7d4785a5002562f0ce57ee97a156319fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
22213
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
"5ccae2b7-56c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdqIUT2h3bDOxJ9qB%2FBh9COLHp5qbK2P6DEvWJqi%2F0qbLx%2Bozt2tJ9yvYX4TSN3spSvphcWzxypr6mT6b3Zme%2FewCXsJ%2FYG%2BUBOfXJPYWNx9BYyxdnK72HfrNHNC2bKSB4%2BW1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6a1c82208e13a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
reddit.png
widgets.jotform.io/socialShare/img/ Frame 145E
25 KB
25 KB
Image
General
Full URL
https://widgets.jotform.io/socialShare/img/reddit.png
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747f8c979727bd7bef98178c9508328a4474f89bb4d4997686efc4ba036f6bce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
25654
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
"5ccae2b7-6436"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRsAzqF0avDPVKd%2FJKcsF1w8%2BFLdmQbIbzw1VCzSikdQhZN6ngVZ01TdYN9TOSzSM9Z%2BmQj2AXCVIc2mzez%2Bx%2BmproWFTT8geC5DVA2ya6%2B7fyLZZH36ciZR35oBwOlX0%2B%2BYmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6a1c82208e14a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
stumbleupon.png
widgets.jotform.io/socialShare/img/ Frame 145E
23 KB
23 KB
Image
General
Full URL
https://widgets.jotform.io/socialShare/img/stumbleupon.png
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c41a25510fed58afeeed790172950fac9161c0beaba558cf7da2aebd2815626

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
23449
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
"5ccae2b7-5b99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9yqbTzhhRLs9kuge%2BwKfI3cxru7LSYkpzHyB1xIWy1Q4CVTwuSx1CEAxkrB0qSY2YukxqzKl5FFf%2Bq2ZbgH%2BzcHwl7FaiHOTs6ipGYSLz%2F1kzLqPqpaeCsbIk5Bv5LTy%2BCwQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6a1c82208e16a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
digg.png
widgets.jotform.io/socialShare/img/ Frame 145E
22 KB
22 KB
Image
General
Full URL
https://widgets.jotform.io/socialShare/img/digg.png
Requested by
Host: widgets.jotform.io
URL: https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b964d22113c72edc7c33057a3b06ef2f569cc59abc89b40642915070a7363f91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.jotform.io/socialShare/min/styles.min.css?v=b6bc2e2b35c87ebea462bacf9e792df6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
22379
x-static
1
last-modified
Thu, 02 May 2019 12:29:43 GMT
server
cloudflare
etag
"5ccae2b7-576b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPzyHAnehu7Oem6MMb5by84zRRuSWzzLU3DY83nCUy5oLGolCZv5phlalTNBF2fbTusyqp%2FmzhGxedvjzkzGwp1OfIlVPq%2BTdgvyOpA8Rs%2BRadujqx4hSLZ0YyaVlHu2RG4fEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
6a1c82208e17a897-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
ui.r2.js
rumble.com/j/p/ Frame 008C
68 KB
25 KB
Script
General
Full URL
https://rumble.com/j/p/ui.r2.js?_v=290
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vkmp2k/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cb677e5e49585993b23e98195084ba0673f7a3026338401dce3222dcf3690ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/embed/vkmp2k/?pub=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 21:40:26 GMT
server
nginx
etag
W/"61708cca-111af"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security
max-age=31536000;includeSubDomains;preload
2B8uc.OvCc.jpg
sp.rmbl.ws/s8/6/2/B/8/u/ Frame 008C
24 KB
24 KB
Image
General
Full URL
https://sp.rmbl.ws/s8/6/2/B/8/u/2B8uc.OvCc.jpg
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vkmp2k/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0b9235c831a84b3d19304597e38db0e4762a588d3a846e610fa170505f123ec2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
last-modified
Sat, 02 Oct 2021 23:29:21 GMT
etag
"e02b4fc78af5d32e63b68fad82555fcb"
x-hw
1634840514.cds079.am5.hn,1634840514.cds210.am5.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=67698
accept-ranges
bytes
content-length
24432
2B8uc.caa.mp4
sp.rmbl.ws/s8/2/2/B/8/u/ Frame 008C
511 KB
0
Media
General
Full URL
https://sp.rmbl.ws/s8/2/2/B/8/u/2B8uc.caa.mp4?u=4&b=0
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vkmp2k/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rumble.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 21 Oct 2021 18:21:54 GMT
last-modified
Sat, 02 Oct 2021 23:29:09 GMT
access-control-allow-origin
*
etag
"89b032fb00aa9a1b356f9c8e5e315676"
x-hw
1634840514.cds079.am5.hn,1634840514.cds002.am5.c
content-type
video/mp4
Content-Range
bytes 0-33519374/33519375
cache-control
max-age=83797
accept-ranges
bytes
Content-Length
33519375
analytics.js
www.google-analytics.com/ Frame 008C
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
5698
date
Thu, 21 Oct 2021 16:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Thu, 21 Oct 2021 18:46:57 GMT
view...kmp2k.16v99vm
rumble.com/l/ Frame 008C
35 B
191 B
Ping
General
Full URL
https://rumble.com/l/view...kmp2k.16v99vm?p=2.3&r=89670257&ref=https%3A%2F%2Fwidgets-cache.jotform.io%2F&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Referer
https://rumble.com/embed/vkmp2k/?pub=4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Oct 2021 18:21:55 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 008C
369 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vkmp2k/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Thu, 21 Oct 2021 18:21:55 GMT
collect
www.google-analytics.com/j/ Frame 008C
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=174396226&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4.vkmp2k%2F&dr=https%3A%2F%2Fwidgets-cache.jotform.io%2F&ul=en-us&de=UTF-8&dt=India%20govt.%20declares%20most%20populated%20state%20officially%20COVID%20free%20after%20widespread%20use%20of%20ivermectin%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=587x350&je=0&_u=YEBAAEABAAAAAC~&jid=378313894&gjid=1133273022&cid=1804966172.1634840515&tid=UA-44331619-1&_gid=1091925903.1634840515&_r=1&_slc=1&z=1456387145
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rumble.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 18:21:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rumble.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 008C
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=174396226&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4.vkmp2k%2F&dr=https%3A%2F%2Fwidgets-cache.jotform.io%2F&ul=en-us&de=UTF-8&dt=India%20govt.%20declares%20most%20populated%20state%20officially%20COVID%20free%20after%20widespread%20use%20of%20ivermectin%20-%20Rumble&sd=24-bit&sr=1600x1200&vp=587x350&je=0&ec=Embed&ea=View&el=vkmp2k&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1804966172.1634840515&tid=UA-44331619-1&_gid=1091925903.1634840515&z=1453019797
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vkmp2k/?pub=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 12:58:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19376
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame 2BA1
577 KB
189 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rumble.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Thu, 21 Oct 2021 01:10:48 GMT
expires
Fri, 21 Oct 2022 01:10:48 GMT
last-modified
Mon, 11 Oct 2021 16:34:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
61867
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 008C
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Oct 2021 18:21:55 GMT
a..4.5z34n.kmp2k..fs.13zb5ob
rumble.com/l/ Frame 008C
35 B
191 B
Ping
General
Full URL
https://rumble.com/l/a..4.5z34n.kmp2k..fs.13zb5ob?p=2.3&r=89670257&ref=https%3A%2F%2Fwidgets-cache.jotform.io%2F&t=6&a=0&art=0&atype=0&et=405&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Referer
https://rumble.com/embed/vkmp2k/?pub=4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Oct 2021 18:21:55 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
a..4.5z34n.kmp2k..fs.13zb5ob
rumble.com/l/ Frame 008C
35 B
191 B
Ping
General
Full URL
https://rumble.com/l/a..4.5z34n.kmp2k..fs.13zb5ob?p=2.3&r=89670257&ref=https%3A%2F%2Fwidgets-cache.jotform.io%2F&t=5&a=0&art=0&atype=0&et=406&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Referer
https://rumble.com/embed/vkmp2k/?pub=4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Oct 2021 18:21:55 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
collect
stats.g.doubleclick.net/j/ Frame 008C
4 B
459 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-44331619-1&cid=1804966172.1634840515&jid=378313894&gjid=1133273022&_gid=1091925903.1634840515&_u=YEBAAEAAAAAAAC~&z=1051786967
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rumble.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 21 Oct 2021 18:21:55 GMT
content-type
text/plain
access-control-allow-origin
https://rumble.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.jotform.com/jsform/212635437266256/ Frame 4C87
0
209 B
Image
General
Full URL
https://events.jotform.com/jsform/212635437266256/?ref=&res=1600x1200&eventID=1634840515255_212635437266256_1lLKK0p&loc=https%253A%252F%252Fwww.buyivermectin.io%252F
Requested by
Host: www.buyivermectin.io
URL: https://www.buyivermectin.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.133.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.buyivermectin.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 18:21:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Thu, 21 Oct 2021 14:21:55 GMT
server
cloudflare
access-control-allow-headers
origin, content-type, accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
6a1c82246cf539f9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 1 Jan 1970 00:00:00 GMT
ga-audiences
www.google.com/ads/ Frame 008C
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-44331619-1&cid=1804966172.1634840515&jid=378313894&_u=YEBAAEAAAAAAAC~&z=1590392647
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vkmp2k/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 18:21:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 008C
42 B
472 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-44331619-1&cid=1804966172.1634840515&jid=378313894&_u=YEBAAEAAAAAAAC~&z=1590392647
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vkmp2k/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rumble.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 18:21:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster
object| qsProxy
function| FrameBuilder
object| i212635437266256
function| handleIFrameMessage
function| isPermitted
number| sc_project
number| sc_invisible
string| sc_security
function| _statcounter

13 Cookies

Domain/Path Name / Value
.buyivermectin.io/ Name: sc_is_visitor_unique
Value: rx12631192.1634840514.1D5F2E65F5EF4FFD2EBA6D308CF77D17.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12631192.1634840513.0
.statcounter.com/ Name: is_visitor_unique
Value: 1634840513332490710
.jotform.com/ Name: userReferer
Value: https%3A%2F%2Fwww.buyivermectin.io%2F
.jotform.com/ Name: theme
Value: tile-black
.jotform.com/ Name: JOTFORM_SESSION
Value: kct4ivk0db418m02dn4h530kh3
.jotform.com/ Name: guest
Value: guest_439a4b61070cd169
.linkedin.com/ Name: bcookie
Value: "v=2&cf85b6e5-c594-4b81-8c4b-332b4031f9f8"
.www.linkedin.com/ Name: bscookie
Value: "v=1&20211021182154f41ea9d4-f80c-471f-82e9-05f1e3113c80AQFN6H2JLv8Zs419aXbhZXPtI3WtaHJ9"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2342:u=1:x=1:i=1634840514:t=1634926914:v=2:sig=AQFySoCHpFHt-d_bwVoMPGcwV_ur0pLC"
.rumble.com/ Name: _ga
Value: GA1.2.1804966172.1634840515
.rumble.com/ Name: _gid
Value: GA1.2.1091925903.1634840515
.rumble.com/ Name: _gat_rumble
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fwww.buyivermectin.io&format=jsonp&callback=jQuery19102169368778263998_1634840514608&_=1634840514609
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://graph.facebook.com/?id=https%3A%2F%2Fwww.buyivermectin.io
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
