vedroshan.com Open in urlscan Pro
167.88.39.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sape.ngumaz.com/api/direct/0.09571119401476902
Effective URL:
https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
Submission: On August 17 via api (August 17th 2024, 10:19:35 am UTC) from US — Scanned from US

Summary HTTP 53 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 53 HTTP transactions. The main IP is 167.88.39.72, located in Canada and belongs to AS-HOSTINGER, CY. The main domain is vedroshan.com.
TLS certificate: Issued by R11 on August 16th 2024. Valid for: 3 months.

This is the only time vedroshan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	206.72.205.7 206.72.205.7	19318 (IS-AS-1) (IS-AS-1)
1	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::2001	15169 (GOOGLE) (GOOGLE)
2 14	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
13	167.88.39.72 167.88.39.72	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
4	192.0.78.12 192.0.78.12	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
53	16

1 206.72.205.7 (United States)

ASN19318 (IS-AS-1, US)
PTR: rkinfocom.host

sape.ngumaz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2001 (United States)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

rahapekee.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 139.45.197.238 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

whairtoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 167.88.39.72 (Canada)

ASN47583 (AS-HOSTINGER, CY)

vedroshan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.78.12 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

insurance9107.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	whairtoa.com 2 redirects whairtoa.com — Cisco Umbrella Rank: 574844	32 KB
13	vedroshan.com vedroshan.com	222 KB
6	googlesyndication.com 725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	19 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	194 KB
4	wordpress.com insurance9107.wordpress.com	467 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 4519 pixel.wp.com — Cisco Umbrella Rank: 4225	3 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 5822	994 B
2	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 15460 rahapekee.blogspot.com	55 KB
1	google.com www.google.com — Cisco Umbrella Rank: 10
1	gstatic.com fonts.gstatic.com	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 7953	5 KB
1	ngumaz.com sape.ngumaz.com	534 B
53	13

	Domain	Requested by
14	whairtoa.com	2 redirects rahapekee.blogspot.com whairtoa.com
13	vedroshan.com	vedroshan.com
5	securepubads.g.doubleclick.net	vedroshan.com securepubads.g.doubleclick.net
4	insurance9107.wordpress.com	vedroshan.com
3	725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	my.rtmark.net	whairtoa.com
1	www.google.com	tpc.googlesyndication.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.wp.com	vedroshan.com
1	fonts.gstatic.com	fonts.googleapis.com
1	stats.wp.com	vedroshan.com
1	fonts.googleapis.com	vedroshan.com
1	blogger.googleusercontent.com	rahapekee.blogspot.com
1	rahapekee.blogspot.com	sape.ngumaz.com
1	1.bp.blogspot.com	sape.ngumaz.com
1	sape.ngumaz.com
53	17

This site contains links to these domains. Also see Links.

Domain
insurance.vedroshan.com
wordpress.org
www.idtheme.com

Subject Issuer	Validity	Valid
shukri.mwikace.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-24` - `2025-04-24`	a year	crt.sh
misc-sni.blogspot.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
whairtoa.com R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh
rtmark.net R11	`2024-07-05` - `2024-10-03`	3 months	crt.sh
vedroshan.com R11	`2024-08-16` - `2024-11-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
Frame ID: 5263765D0E0FF587F674C98E5B5819E4
Requests: 56 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 4EAD94DED719092C902494F2F57758A1
Requests: 1 HTTP requests in this frame

Frame: https://725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 11E6C69B8516CB28843BA2A9D70018E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A646B858867AC249022D3429914E421
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3C169742A29D95EE273061BD6B1A680
Requests: 1 HTTP requests in this frame

Frame: https://725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 838E3332BED5965F66BAADC07CEE2CDB
Requests: 1 HTTP requests in this frame

Frame: https://725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB264B0EFC49F843BCBE6D517AFBA334
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How much does health insurance cost for a small business per employee USA? - Small Business Insurance

Page URL History Show full URLs

http://sape.ngumaz.com/api/direct/0.09571119401476902 HTTP 307
https://sape.ngumaz.com/api/direct/0.09571119401476902 Page URL
https://rahapekee.blogspot.com/ Page URL
https://whairtoa.com/4/5186635 Page URL
https://whairtoa.com/?z=5186635&syncedCookie=true&rhd=false HTTP 302
https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x Page URL
https://whairtoa.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

53
Requests

96 %
HTTPS

60 %
IPv6

13
Domains

17
Subdomains

16
IPs

3
Countries

1037 kB
Transfer

6140 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://insurance.vedroshan.com/how-many-types-of-health-insurance-are-there-in-the-usa/

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://www.idtheme.com/superfast/
Title: Theme: Superfast

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sape.ngumaz.com/api/direct/0.09571119401476902 HTTP 307
https://sape.ngumaz.com/api/direct/0.09571119401476902 Page URL
https://rahapekee.blogspot.com/ Page URL
https://whairtoa.com/4/5186635 Page URL
https://whairtoa.com/?z=5186635&syncedCookie=true&rhd=false HTTP 302
https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x Page URL
https://whairtoa.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sape.ngumaz.com/api/direct/0.09571119401476902 HTTP 307
https://sape.ngumaz.com/api/direct/0.09571119401476902

Request Chain 10

https://whairtoa.com/?z=5186635&syncedCookie=true&rhd=false HTTP 302
https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x

53 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

0.09571119401476902
sape.ngumaz.com/api/direct/
Redirect Chain

http://sape.ngumaz.com/api/direct/0.09571119401476902
https://sape.ngumaz.com/api/direct/0.09571119401476902

355 B
534 B

514ms
78ms

Document
text/html

206.72.205.7
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sape.ngumaz.com/api/direct/0.09571119401476902
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.72.205.7 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: rkinfocom.host
Software: LiteSpeed /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 281
content-type: text/html
date: Sat, 17 Aug 2024 10:19:26 GMT
last-modified: Wed, 24 Apr 2024 21:28:26 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Location: https://sape.ngumaz.com/api/direct/0.09571119401476902
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 fsfss%2B%25281%2529.gif
1.bp.blogspot.com/-4MmEmATwoJU/YRCgO_yOnOI/AAAAAAAACQs/yRrK6HMrO9YkSfoL6od11hB592cFzCasgCPcBGAsYHg/w400-h134/ 54 KB
55 KB 237ms
4ms Image
image/gif 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-4MmEmATwoJU/YRCgO_yOnOI/AAAAAAAACQs/yRrK6HMrO9YkSfoL6od11hB592cFzCasgCPcBGAsYHg/w400-h134/fsfss%2B%25281%2529.gif

Requested by

Host: sape.ngumaz.com
URL: https://sape.ngumaz.com/api/direct/0.09571119401476902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sape.ngumaz.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 07:09:36 GMT
x-content-type-options: nosniff
age: 11390
content-disposition: inline;filename="fsfss (1).gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55745
x-xss-protection: 0
server: fife
etag: "v90b"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 18 Aug 2024 07:09:36 GMT

GET
H2 200 /
rahapekee.blogspot.com/ 571 B
736 B 141ms
101ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rahapekee.blogspot.com/

Requested by

Host: sape.ngumaz.com
URL: https://sape.ngumaz.com/api/direct/0.09571119401476902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sape.ngumaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 413
content-type: text/html; charset=UTF-8
date: Sat, 17 Aug 2024 10:19:26 GMT
etag: W/"5c3c90281fb3a700413f3e318bac2201baad4c21ecfe21c5605ef6e0032f394b"
expires: Sat, 17 Aug 2024 10:19:26 GMT
last-modified: Thu, 04 Jul 2024 05:32:45 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 da.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq7SH6Cwb2acO_PSYZYPCUP_UCriGcfadfBX7OtjnvudX2k-woY8ye7HcOtLRyB_fQ0qd5VTodQtoSkOGU7IUQmWf5arbRlc-8SojMHr8O3chczLwa_q7Eyou_xvYQ5HAS0bFquqfCY4w/s0/ 5 KB
5 KB 336ms
314ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq7SH6Cwb2acO_PSYZYPCUP_UCriGcfadfBX7OtjnvudX2k-woY8ye7HcOtLRyB_fQ0qd5VTodQtoSkOGU7IUQmWf5arbRlc-8SojMHr8O3chczLwa_q7Eyou_xvYQ5HAS0bFquqfCY4w/s0/da.png

Requested by

Host: rahapekee.blogspot.com
URL: https://rahapekee.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rahapekee.blogspot.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v4ed"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="da.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4670
x-xss-protection: 0
expires: Sun, 18 Aug 2024 10:19:27 GMT

GET
H2 200 5186635
whairtoa.com/4/ 30 KB
14 KB 408ms
143ms Document
text/html 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whairtoa.com/4/5186635

Requested by

Host: rahapekee.blogspot.com
URL: https://rahapekee.blogspot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://rahapekee.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 17 Aug 2024 10:19:27 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 74bf13743d09565660676bafb1afc2a1

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 241ms
74ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080bb0edd764359eeb4022dea0c8461&z=5186635&p_rid=bcdb85a9-cb06-4351-a88f-db9f76e0262d&p_src=sf

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/5186635

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://whairtoa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:27 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 sftouch
whairtoa.com/ 2 B
589 B 76ms
75ms Image
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whairtoa.com/sftouch?userId=0080bb0edd764359eeb4022dea0c8461&z=5186635&p_rid=bcdb85a9-cb06-4351-a88f-db9f76e0262d&p_src=sf&branchId=0&rb=837P7RGGu7f4AxT8RKPet-kooUGDKn8g0uzPEqztfMylL2od9wr6tepOzFDnYyknJQLHohFOb_ON_Rlx1gFbDOWdz2Hm0BnWboyoxHikl_REQ4lp6v9RLamXL1TJW-1PvDaOVbhNV3ZjBOESJt73a_dlXxdpFzhRmF8_9SZcWTlvPo4JNaDyeuHN3C3ahp8YHbXH15Tt6D6fBjPExoz_AYBRpV9B-XMDOkgH72qGqdKRODvrShnyI4L85Q058xayW6UzAlcWnA4X7bzV2cxO_MI1EnK13Dd_Jv1jmHzQ1SopiXvWjAWaFccanV2KnsntNtX_QVuBGaI3e_lI

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/5186635

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://whairtoa.com/4/5186635
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:27 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 1f75b69fe0f6843c28df8b10c1f819cd
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 add
whairtoa.com/log/ 12 B
382 B 80ms
77ms XHR
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whairtoa.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bcdb85a9-cb06-4351-a88f-db9f76e0262d

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/5186635

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://whairtoa.com/4/5186635
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Aug 2024 10:19:27 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whairtoa.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 12

POST
H2 200 add
whairtoa.com/async_log/ 0
336 B 77ms
73ms XHR
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whairtoa.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bcdb85a9-cb06-4351-a88f-db9f76e0262d

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/5186635

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://whairtoa.com/4/5186635
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Aug 2024 10:19:27 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://whairtoa.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 0

GET
H2 204 favicon.ico
whairtoa.com/ 0
150 B 74ms
73ms Other
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whairtoa.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://whairtoa.com/4/5186635
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Aug 2024 10:19:27 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

6118780 Show response
whairtoa.com/4/
Redirect Chain

https://whairtoa.com/?z=5186635&syncedCookie=true&rhd=false
https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x

30 KB
14 KB

78ms
76ms

Document
text/html

139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b31f6c806c8f1e23552462c44a47a988b5df5bdeeafff5d1032205e7280c74fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://whairtoa.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sat, 17 Aug 2024 10:19:28 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 122fcfa35db9dee7e6226b3a27d9ddfe

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://whairtoa.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sat, 17 Aug 2024 10:19:28 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://whairtoa.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: f28a1ff160f43f9b5b71ee22e5031280

GET
H2 204 favicon.ico
whairtoa.com/ 0
0 0ms
0ms Other
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whairtoa.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://whairtoa.com/afu.php?zoneid=5186635&var=5186635&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Aug 2024 10:19:27 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 img.gif
my.rtmark.net/ 43 B
503 B 78ms
77ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080bb0edd764359eeb4022dea0c8461&z=6118780&p_rid=4ef05daa-fb32-4ea4-bc8e-7a15cae5f95d&p_src=sf

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://whairtoa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:28 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://whairtoa.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 sftouch
whairtoa.com/ 2 B
588 B 79ms
74ms Image
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whairtoa.com/sftouch?userId=0080bb0edd764359eeb4022dea0c8461&z=6118780&p_rid=4ef05daa-fb32-4ea4-bc8e-7a15cae5f95d&p_src=sf&branchId=0&rb=9uQORfU1MCOb9oIJ2kubdBBJf3Z2LQc5nPzsXKK44uOV3jFaMggBwyGeqCkfD3B-BCghXqceElyqqQdEFLz3jbZZ4H7kPeYzd0bBQHQTlQrwmIKYqwJ5HvxULfAXrsAUsznf6C19_aagkqz5Wj8U4NVD7VwfTNAkeVJaPAVpucIABZB_Lvfj_0HlokPPYDcxWiXuV54CK9VMZt1i2Tp4cskKO4rOgSG1yY3O43y2xvwDeysOXN9tke0u8ZFX37u-8rclaC7kDUKIN88i2nyuxoNbHUQ33C6Jtqsr45G5oj48u18U

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:28 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: e34020568494841331e52ce1e23a1077
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 add
whairtoa.com/log/ 12 B
382 B 76ms
75ms XHR
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whairtoa.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4ef05daa-fb32-4ea4-bc8e-7a15cae5f95d

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Aug 2024 10:19:28 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://whairtoa.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 12

GET
H2 204 favicon.ico
whairtoa.com/ 0
0 0ms
0ms Other
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whairtoa.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Aug 2024 10:19:27 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 add
whairtoa.com/async_log/ 0
336 B 73ms
72ms XHR
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whairtoa.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4ef05daa-fb32-4ea4-bc8e-7a15cae5f95d

Requested by

Host: whairtoa.com
URL: https://whairtoa.com/4/6118780?var=5186635&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://whairtoa.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 17 Aug 2024 10:19:28 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://whairtoa.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 0

GET
H2

200

Primary Request / Show response
vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
Redirect Chain

https://whairtoa.com/?z=6118780&syncedCookie=false&rhd=false
https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/

189 KB
72 KB

110ms
38ms

Document
text/html

167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

nginx /

Resource Hash

a9adce817a8e3b921202218c292de3827e401d524dd2583e85dcd1366dbcf99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://whairtoa.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Aug 2024 10:19:28 GMT
link: </wp-includes/css/dist/block-library/A.style.min.css,qver=6.6.1.pagespeed.cf.7_G2C5ff8m.css>; rel=preload; as=style; nopush </wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17>; rel=preload; as=style; nopush </wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.1>; rel=preload; as=style; nopush </wp-content/themes/superfast/A.style.css,qver=2.1.3.pagespeed.cf.IbXfAsyIV9.css>; rel=preload; as=style; nopush </wp-includes/js/jquery/jquery.min.js,qver=3.7.1.pagespeed.jm.PoWN7KAtLT.js>; rel=preload; as=script; nopush </wp-includes/js/jquery/jquery-migrate.min.js,qver=3.4.1.pagespeed.jm.bhhu-RahTI.js>; rel=preload; as=script; nopush </wp-content/themes/superfast/js/customscript.js,qver=2.1.3.pagespeed.jm.F08fc115jb.js>; rel=preload; as=script; nopush </wp-includes/js/comment-reply.min.js,qver=6.6.1.pagespeed.jm.ZjGOfUn0Vj.js>; rel=preload; as=script; nopush
pragma: no-cache
referrer-policy: same-origin same-origin
server: nginx
vary: Accept-Encoding
x-cache-age: 9289
x-cache-lifetime: 604800
x-cache-tags: 770b,770b-post-12
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-tag: 17c_HTTP.200
x-page-speed: 1
x-permitted-cross-domain-policies: master-only
x-pingback: https://vedroshan.com/xmlrpc.php
x-xss-protection: 1; mode=block

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://whairtoa.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sat, 17 Aug 2024 10:19:28 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://vedroshan.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: c9444f4463e4d1d711ea4eb75e2f8782

GET
H2 204 favicon.ico
whairtoa.com/ 0
0 0ms
0ms Other
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whairtoa.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://whairtoa.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Sat, 17 Aug 2024 10:19:27 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 A.style.min.css,qver=6.6.1.pagespeed.cf.7_G2C5ff8m.css
vedroshan.com/wp-includes/css/dist/block-library/ 110 KB
13 KB 28ms
25ms Stylesheet
text/css 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-includes/css/dist/block-library/A.style.min.css,qver=6.6.1.pagespeed.cf.7_G2C5ff8m.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: 9c511b71bc48251021b8f8176f8b5af1f51eb758137c38d67b77a75fe0d99355

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-page-speed: 1
date: Sat, 17 Aug 2024 10:09:41 GMT
content-encoding: br
last-modified: Sat, 17 Aug 2024 10:09:41 GMT
server: nginx
x-original-content-length: 112419
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 17 Aug 2025 10:09:41 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
vedroshan.com/wp-includes/js/mediaelement/ 11 KB
3 KB 32ms
28ms Stylesheet
text/css 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 06:28:50 GMT
content-encoding: br
server: nginx
etag: W/"5f735862-2bf8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.css
vedroshan.com/wp-includes/js/mediaelement/ 4 KB
1 KB 37ms
34ms Stylesheet
text/css 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 06:28:50 GMT
content-encoding: br
server: nginx
etag: W/"5cfaccce-105a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 A.style.css,qver=2.1.3.pagespeed.cf.IbXfAsyIV9.css
vedroshan.com/wp-content/themes/superfast/ 35 KB
7 KB 33ms
30ms Stylesheet
text/css 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-content/themes/superfast/A.style.css,qver=2.1.3.pagespeed.cf.IbXfAsyIV9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: 43423dbfe3962d98abc5a3566edf96cdc4150d361c90fdd5b6b2de1d6556ba4e

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-page-speed: 1
date: Sat, 17 Aug 2024 10:09:41 GMT
content-encoding: br
last-modified: Sat, 17 Aug 2024 10:09:41 GMT
server: nginx
x-original-content-length: 45712
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 17 Aug 2025 10:09:41 GMT

GET
H2 200 jquery.min.js,qver=3.7.1.pagespeed.jm.PoWN7KAtLT.js Show response
vedroshan.com/wp-includes/js/jquery/ 85 KB
29 KB 39ms
37ms Script
application/javascript 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-includes/js/jquery/jquery.min.js,qver=3.7.1.pagespeed.jm.PoWN7KAtLT.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: fa6dbf56efed1b69b023b1601a9632014760997b1ac750af80088e8ca2fb5439

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-page-speed: 1
date: Fri, 16 Aug 2024 11:42:08 GMT
content-encoding: br
last-modified: Fri, 16 Aug 2024 11:42:08 GMT
server: nginx
x-original-content-length: 87553
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 16 Aug 2025 11:42:08 GMT

GET
H2 200 jquery-migrate.min.js,qver=3.4.1.pagespeed.jm.bhhu-RahTI.js Show response
vedroshan.com/wp-includes/js/jquery/ 13 KB
5 KB 40ms
38ms Script
application/javascript 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.4.1.pagespeed.jm.bhhu-RahTI.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: 765eb1dcd37c5d83c3df75654fda881374d5135474c7bb3029ae61bc9942515c

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-page-speed: 1
date: Fri, 16 Aug 2024 11:42:08 GMT
content-encoding: br
last-modified: Fri, 16 Aug 2024 11:42:08 GMT
server: nginx
x-original-content-length: 13577
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 16 Aug 2025 11:42:08 GMT

GET
H2 200 customscript.js,qver=2.1.3.pagespeed.jm.F08fc115jb.js Show response
vedroshan.com/wp-content/themes/superfast/js/ 12 KB
4 KB 40ms
39ms Script
application/javascript 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-content/themes/superfast/js/customscript.js,qver=2.1.3.pagespeed.jm.F08fc115jb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: 227e732f887622763f809c2052ae5e77d2a06855095b2a4c67ffd770f4c13286

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-page-speed: 1
date: Fri, 16 Aug 2024 11:42:08 GMT
content-encoding: br
last-modified: Fri, 16 Aug 2024 11:42:08 GMT
server: nginx
x-original-content-length: 13996
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 16 Aug 2025 11:42:08 GMT

GET
H2 200 comment-reply.min.js,qver=6.6.1.pagespeed.jm.ZjGOfUn0Vj.js Show response
vedroshan.com/wp-includes/js/ 3 KB
1 KB 39ms
38ms Script
application/javascript 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-includes/js/comment-reply.min.js,qver=6.6.1.pagespeed.jm.ZjGOfUn0Vj.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: c60cd38def5c368f0694c5b8c5c976b26a3f8ca3100968cced4fa3723538428c

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-page-speed: 1
date: Fri, 16 Aug 2024 11:42:08 GMT
content-encoding: br
last-modified: Fri, 16 Aug 2024 11:42:08 GMT
server: nginx
x-original-content-length: 2981
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 16 Aug 2025 11:42:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 122ms
22ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.1.3

Requested by

Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f136ca06d69de0c1598cd9f012a3232ec9e2861fb7f4ee93a551ca5265823adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Aug 2024 10:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Aug 2024 09:18:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Aug 2024 10:19:28 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
32 KB 114ms
75ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce63b4315cef7456976003fd572f4c4c2ab6da3f5e86f69b184774eb7eec5f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32381
x-xss-protection: 0
server: cafe
etag: 833 / 19952 / m202408120101 / config-hash: 16231218297231399992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Aug 2024 10:19:28 GMT

GET
H2 200 1.JiBnMqyl6S.gif
vedroshan.com/pagespeed_static/ 53 B
369 B 12ms
11ms Image
image/gif 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vedroshan.com/pagespeed_static/1.JiBnMqyl6S.gif

Requested by

Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

nginx /

Resource Hash

1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:28 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
referrer-policy: same-origin
last-modified: Sat, 17 Aug 2024 10:19:28 GMT
server: nginx
x-permitted-cross-domain-policies: master-only
etag: W/"0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 e-202433.js Show response
stats.wp.com/ 7 KB
3 KB 97ms
4ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202433.js
Requested by: Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT jfk
date: Sat, 17 Aug 2024 10:19:28 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113530.9253
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Aug 2025 08:52:25 GMT

GET
BLOB 200
OK a2631b0e-73e7-4ab6-b3b4-abda7f798b8c
https://vedroshan.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vedroshan.com/a2631b0e-73e7-4ab6-b3b4-abda7f798b8c
Requested by: Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 26 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 184ebf92f88cf35d24a6e61bbece67a61b7bf31fa75d070134bf1b92c511b5a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 28ms
3ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vedroshan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 20:27:11 GMT
x-content-type-options: nosniff
age: 49937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Aug 2025 20:27:11 GMT

GET
H2 206 km_20240816_720p_30f_20240816_125232.mp4
insurance9107.wordpress.com/wp-content/uploads/2024/08/ 1 MB
0 35ms
4ms Media
video/mp4 192.0.78.12
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance9107.wordpress.com/wp-content/uploads/2024/08/km_20240816_720p_30f_20240816_125232.mp4

Requested by

Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.12 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 17 Aug 2024 10:19:28 GMT
x-ac: 1.jfk _dfw HIT
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Aug 2024 07:26:18 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: video/mp4
Content-Range: bytes 0-36209594/36209595
alt-svc: h3=":443"; ma=86400
Content-Length: 36209595
expires: Tue, 24 Sep 2024 00:02:56 GMT

GET
DATA 200
OK truncated
/ 324 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0035a398c5a022dc1cd66b7acff4f370dd11f699ee1394220aba5bc7396fd92

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 xpicsart_24-08-16_12-44-32-8858106735266030001088.jpg.pagespeed.ic._cU9e80I6w.webp
vedroshan.com/wp-content/uploads/2024/08/ 81 KB
82 KB 16ms
15ms Image
image/webp 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vedroshan.com/wp-content/uploads/2024/08/xpicsart_24-08-16_12-44-32-8858106735266030001088.jpg.pagespeed.ic._cU9e80I6w.webp
Requested by: Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: a9c64f3548c3851fe1e6baf550e29b917b7eba61783eddc65894e1d78cfcf345

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-page-speed: 1
date: Sat, 17 Aug 2024 10:07:01 GMT
last-modified: Sat, 17 Aug 2024 10:07:01 GMT
server: nginx
x-original-content-length: 178142
etag: W/"0"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://vedroshan.com/wp-content/uploads/2024/08/picsart_24-08-16_12-44-32-8858106735266030001088.jpg>; rel="canonical"
content-length: 83200
expires: Sun, 17 Aug 2025 10:07:01 GMT

GET
H2 200 picsart_24-08-15_14-32-19-4367131594643316387193.jpg
insurance9107.wordpress.com/wp-content/uploads/2024/08/ 49 KB
49 KB 20ms
18ms Image
image/jpeg 192.0.78.12
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insurance9107.wordpress.com/wp-content/uploads/2024/08/picsart_24-08-15_14-32-19-4367131594643316387193.jpg

Requested by

Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.12 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9cf68d9e4ca096cd26659764662d682471afb7a4c926de2e4950ca2e832bcf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
x-ac: 1.jfk _dfw HIT
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Aug 2024 06:52:50 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 50158
expires: Thu, 12 Sep 2024 22:47:01 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 23ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=202858186&post=12&tz=0&srv=vedroshan.com&j=1%3A13.7&host=vedroshan.com&ref=&fcp=690&rand=0.47479822714750664
Requested by: Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Aug 2024 10:19:29 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/ 477 KB
149 KB 12ms
11ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a3dad21122c92d2255a4de3f4c4d60d065a40dedfa32db1ced34a546090a8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 08:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4942
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152032
x-xss-protection: 0
server: cafe
etag: 8138746910856260998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 17 Aug 2025 08:57:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 218 B
135 B 140ms
86ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vedroshan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6451bb7b192482a7726891d8ce6dbc14850b2cae7c3c15630a9ea073e1a1472a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0
expires: Sat, 17 Aug 2024 10:19:29 GMT

GET
H2 200 wp-emoji-release.min.js Show response
vedroshan.com/wp-includes/js/ 18 KB
5 KB 24ms
20ms Script
application/javascript 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: 24a2071a6ff33f8868cf8d73f227924716780ba699241ada0a66298ab7e6b824

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
content-encoding: br
x-original-content-length: 18726
server: nginx
etag: W/"PSA-aj-DuwcSre_hv"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315259325
expires: Mon, 14 Aug 2034 06:21:35 GMT

GET
H2 206 km_20240816_720p_30f_20240816_125232.mp4
insurance9107.wordpress.com/wp-content/uploads/2024/08/ 417 KB
418 KB 46ms
15ms Media
video/mp4 192.0.78.12
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance9107.wordpress.com/wp-content/uploads/2024/08/km_20240816_720p_30f_20240816_125232.mp4

Requested by

Host: vedroshan.com
URL: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.12 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

25a31a86d9e1e56a0d31369b6396e3bd5cc2216cadb5742fc66506c77d513847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=35782656-

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
x-ac: 1.jfk _dfw HIT
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Aug 2024 07:26:18 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: video/mp4
Content-Range: bytes 35782656-36209594/36209595
alt-svc: h3=":443"; ma=86400
Content-Length: 426939
expires: Tue, 24 Sep 2024 00:02:56 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 4EAD 0
0 33ms
4ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29247
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Aug 2024 10:12:24 GMT
expires: Sat, 17 Aug 2024 11:02:24 GMT
last-modified: Mon, 12 Aug 2024 19:45:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
14 KB 541ms
541ms Fetch
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3116390975877285&correlator=2946212871288330&eid=31079957%2C31083340%2C31086033&output=ldjh&gdfp_req=1&vrg=202408120101&ptt=17&impl=fifs&iu_parts=22700238333%2Cca-pub-5131157774224276-tag%2C1%2C2%2C3%2C4&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=320x50%7C930x180%7C970x250%7C88x31%7C960x90%7C250x250%7C468x60%7C750x100%7C970x66%7C180x150%7C125x125%7C336x280%7C240x400%7C320x100%7C300x31%7C300x100%7C728x90%7C234x60%7C1024x768%7C300x50%7C120x600%7C168x28%7C300x75%7C480x320%7C300x1050%7C120x60%7C160x600%7C300x600%7C120x90%7C320x480%7C320x50%7C216x36%7C970x90%7C200x446%7C220x90%7C250x360%7C980x90%7C750x300%7C200x200%7C120x30%7C980x120%7C216x54%7C580x400%7C292x30%7C950x90%7C168x42%7C300x250%7C1x1%7C120x20%7C120x240%7C768x1024%7C240x133%7C750x200%2C768x1024%7C120x600%7C300x75%7C240x400%7C320x100%7C160x600%7C168x42%7C336x280%7C200x446%7C580x400%7C970x90%7C300x250%7C320x50%7C240x133%7C216x36%7C120x20%7C180x150%7C200x200%7C468x60%7C120x60%7C125x125%7C970x250%7C120x240%7C750x300%7C750x200%7C220x90%7C292x30%7C300x50%7C1024x768%7C970x66%7C216x54%7C300x31%7C950x90%7C728x90%7C980x90%7C750x100%7C300x600%7C234x60%7C300x1050%7C168x28%7C960x90%7C980x120%7C930x180%7C120x30%7C480x320%7C88x31%7C300x100%7C250x360%7C320x480%7C120x90%7C250x250%2C120x60%7C480x320%7C300x600%7C160x600%7C168x28%7C980x120%7C200x200%7C300x1050%7C300x250%7C728x90%7C750x200%7C320x50%7C970x90%7C240x133%7C120x20%7C240x400%7C300x31%7C300x75%7C120x600%7C320x100%7C300x100%7C580x400%7C1024x768%7C250x250%7C250x360%7C336x280%7C120x90%7C120x30%7C970x66%7C320x480%7C125x125%7C970x250%7C930x180%7C88x31%7C234x60%7C180x150%7C750x100%7C120x240%7C168x42%7C960x90%7C300x50%7C216x54%7C950x90%7C768x1024%7C292x30%7C980x90%7C200x446%7C220x90%7C468x60%7C216x36%7C750x300%2C240x400%7C580x400%7C120x600%7C300x75%7C768x1024%7C292x30%7C320x50%7C970x90%7C300x250%7C168x42%7C960x90%7C120x240%7C320x100%7C120x60%7C125x125%7C970x250%7C200x200%7C180x150%7C160x600%7C200x446%7C220x90%7C468x60%7C216x36%7C750x300%7C216x54%7C300x100%7C1024x768%7C980x90%7C120x20%7C750x200%7C168x28%7C728x90%7C300x50%7C240x133%7C950x90%7C930x180%7C234x60%7C300x600%7C300x1050%7C88x31%7C250x360%7C750x100%7C320x480%7C980x120%7C250x250%7C336x280%7C970x66%7C120x90%7C120x30%7C480x320%7C300x31%2C728x90%7C320x50%7C970x90&fluid=height%2C0%2C0%2C0%2C0&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1723889969342&lmt=1723889969&adxs=320%2C320%2C320%2C320%2C436&adys=682%2C1481%2C1027%2C1175%2C1141&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvedroshan.com%2Fhow-much-does-health-insurance-cost-for-a-small-business-per-employee-usa%2F&vis=1&psz=630x20%7C630x20%7C630x4845%7C630x4845%7C728x-1&msz=630x20%7C630x20%7C630x20%7C630x20%7C728x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723889968660&idt=562&adks=1796632040%2C2606935009%2C1264209424%2C2532678541%2C4088963534&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38fdc5020d5c6658818916b7ee60e536aacf64efb1514c29d97d084fb1aa97fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14220
x-xss-protection: 0
google-lineitem-id: -2,-1,-2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vedroshan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 11E6 0
0 74ms
19ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Aug 2024 10:19:29 GMT
expires: Sat, 17 Aug 2024 10:19:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 106ms
85ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0503f72b8a21365edb048e281f397c1cc89ccedd6cd3cf6067bac7b468781bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12744
x-xss-protection: 0

GET
H2 404 favicon.ico
vedroshan.com/ 548 B
239 B 10ms
9ms Other
text/html 167.88.39.72
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://vedroshan.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.88.39.72 , Canada, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://vedroshan.com/how-much-does-health-insurance-cost-for-a-small-business-per-employee-usa/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
content-encoding: br
cache-control: s-maxage=10
server: nginx
vary: Accept-Encoding
content-type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 315ms
28ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 10:19:29 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A64 0
0 25ms
6ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Aug 2024 10:16:18 GMT
expires: Sun, 17 Aug 2025 10:16:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame A3C1 0
0 71ms
30ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZY2F6WZasPJVu1RHG6PLiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZY2F6WZasPJVu1RHG6PLiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Aug 2024 10:19:30 GMT
expires: Sat, 17 Aug 2024 10:19:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html
725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 838E 0
0 1ms
1ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Aug 2024 10:19:29 GMT
expires: Sat, 17 Aug 2024 10:19:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB26 0
0 1ms
1ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Aug 2024 10:19:29 GMT
expires: Sat, 17 Aug 2024 10:19:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 206 km_20240816_720p_30f_20240816_125232.mp4
insurance9107.wordpress.com/wp-content/uploads/2024/08/ 3 MB
0 0ms
0ms Media
video/mp4 192.0.78.12
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance9107.wordpress.com/wp-content/uploads/2024/08/km_20240816_720p_30f_20240816_125232.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.78.12 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=983040-

Response headers

date: Sat, 17 Aug 2024 10:19:29 GMT
x-ac: 1.jfk _dfw HIT
last-modified: Fri, 16 Aug 2024 07:26:18 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: video/mp4
Content-Range: bytes 983040-36209594/36209595
alt-svc: h3=":443"; ma=86400
Content-Length: 35226555
expires: Tue, 24 Sep 2024 00:02:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408120101&jk=3116390975877285&bg=!c3ClcD_NAAag2_gngNs7ADQBe5WfOGhKdXp1VfejVybqVkERSW_VVzqqDH9VN_sHQBHU0Yxf2pVu8nmjGoLTa9KhfcOfAgAAAV9SAAAAB2gBB34ANrbPtazbttzsVAi7OeZ87lCxiGd0Uo9ODrHAdgG7Lo_C6nRVyckcVMhN7C3DlbrzH2X2D7EqXZkCrQAstif75o9GoMDT8SPX3dbMmLTp3OA7yrA2BQLXVuGHhMLbRYGIhXmmoD3DZTH85cOndFKG8YIIkJP0rZn-dxrL7FkUKITAS9XyFFyaw5PUFsOL_ch4nLtidVPpuMtXdyWQ28R6-skIFsOeuYdY13pQ7mInkQQL4sxIvntDKZydRnAVQ03bueFyVAML15CMzqhqXI7hSMRc-lSVmACNSzoo11RruBSMElj4fQjgqlj0K83NKoDCP4aC-0mFwh1UAf-Oh8sUjwHwGZ88bGtjtFGDktiFZBpXvGY2vaQJpH9sHX8bMLMpRHaqt39jSnRRvEC5lf1CvnpKh_sPenCB8Kgr2qQ0LOSbYIS0tqZtxaYvFMZMKfeh-GAUc0Hkgx5_1PL5ehcNpSCbuOC0Q0fK9k4CJ3jipgVs3Bi4d_CskVx-QTrmdNXD1zEJnvB03qXu3MC8UowtS_yYjyaoPelFbidQ4JqHWV6hVOF0qsRBotvsRDCpRiPJ4bGH6Qeof3quBix8nR7G6Bf9D8BvTdCClmU0RIhwah8-11kavF2LVSAcEbUG0Wyz7W1jn7nUBXIn8UV2I1UiOtexfu8JAjoVRp2L87GxXG22Fu-l4AfZoHZXe5c7kJLsVfcAJhPjpVrIcNQjaRClh9D3nWzYrnbJFLsJjth65mA7MVqQSxwAO5qwGqWHGkZM_g3Ghd8eXEGse6fnYYP6zp3A5NXIU1hhS-XO4QoqTQiivlca4bbvRZorY6t8PCx1-m4GOJ3TDzVMPxdbubrKBH9Yd1WU6uLyZzjM1g13SMZIVosVLMTW7YkMjaKEe9skIpn-E0DEaFEpODOECYLkKx0g6b11kgO3fhOY8ICggYcJHpfLaPv5MV-a6EGlMODspnbGo-Sq2gnXjQGgv_z5cPA3yOInWzw

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
whairtoa.com/	1970-01-21 07:37:05	Name: OAID Value: 0080bb0edd764359eeb4022dea0c8461
whairtoa.com/	1970-01-21 07:37:05	Name: oaidts Value: 1723889967
my.rtmark.net/	1970-01-21 07:37:05	Name: ID Value: 0080bb0edd764359eeb4022dea0c8461
whairtoa.com/	1970-01-20 23:01:34	Name: syncedCookie Value: true
.vedroshan.com/	1970-01-21 08:13:05	Name: __gads Value: ID=821f84292be3d67c:T=1723889969:RT=1723889969:S=ALNI_MbTlgmci-620UvHZpxViC5sYlJWew
.vedroshan.com/	1970-01-21 08:13:05	Name: __gpi Value: UID=00000a4cd0ad7ef3:T=1723889969:RT=1723889969:S=ALNI_Mb8xt1UxUyYEhcjAtCkIRIPGRi_4g
.vedroshan.com/	1970-01-21 03:10:41	Name: __eoi Value: ID=5c7db72c7a7ece65:T=1723889969:RT=1723889969:S=AA-AfjYoBuj-mFTDnCYBCmsjAWdW
.doubleclick.net/	1970-01-21 08:27:29	Name: IDE Value: AHWqTUluItVs_53tliaX3-PFnvA8NcBkYQ0Wjlar7f4graj9L65gtKTvwmHBGa0eZUE
.travelaudience.com/	1970-01-21 08:21:44	Name: _tracker Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%22BBB4153D-E3A3-482E-BF22-E14F403A3060%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sape.ngumaz.com/api/direct/0.09571119401476902 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vedroshan.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
725772801cbabdbef339c2198c4bbc66.safeframe.googlesyndication.com
blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
insurance9107.wordpress.com
my.rtmark.net
pagead2.googlesyndication.com
pixel.wp.com
rahapekee.blogspot.com
sape.ngumaz.com
securepubads.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
vedroshan.com
whairtoa.com
www.google.com
pagead2.googlesyndication.com
139.45.195.8
139.45.197.238
167.88.39.72
192.0.76.3
192.0.78.12
206.72.205.7
2607:f8b0:4006:806::2001
2607:f8b0:4006:80e::2004
2607:f8b0:4006:816::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2001
0503f72b8a21365edb048e281f397c1cc89ccedd6cd3cf6067bac7b468781bca
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
184ebf92f88cf35d24a6e61bbece67a61b7bf31fa75d070134bf1b92c511b5a2
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
227e732f887622763f809c2052ae5e77d2a06855095b2a4c67ffd770f4c13286
24a2071a6ff33f8868cf8d73f227924716780ba699241ada0a66298ab7e6b824
25a31a86d9e1e56a0d31369b6396e3bd5cc2216cadb5742fc66506c77d513847
2a3dad21122c92d2255a4de3f4c4d60d065a40dedfa32db1ced34a546090a8ad
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
38fdc5020d5c6658818916b7ee60e536aacf64efb1514c29d97d084fb1aa97fe
43423dbfe3962d98abc5a3566edf96cdc4150d361c90fdd5b6b2de1d6556ba4e
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6451bb7b192482a7726891d8ce6dbc14850b2cae7c3c15630a9ea073e1a1472a
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
765eb1dcd37c5d83c3df75654fda881374d5135474c7bb3029ae61bc9942515c
9c511b71bc48251021b8f8176f8b5af1f51eb758137c38d67b77a75fe0d99355
9cf68d9e4ca096cd26659764662d682471afb7a4c926de2e4950ca2e832bcf18
a9adce817a8e3b921202218c292de3827e401d524dd2583e85dcd1366dbcf99a
a9c64f3548c3851fe1e6baf550e29b917b7eba61783eddc65894e1d78cfcf345
b31f6c806c8f1e23552462c44a47a988b5df5bdeeafff5d1032205e7280c74fd
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
c60cd38def5c368f0694c5b8c5c976b26a3f8ca3100968cced4fa3723538428c
ce63b4315cef7456976003fd572f4c4c2ab6da3f5e86f69b184774eb7eec5f31
d0035a398c5a022dc1cd66b7acff4f370dd11f699ee1394220aba5bc7396fd92
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f136ca06d69de0c1598cd9f012a3232ec9e2861fb7f4ee93a551ca5265823adc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fa6dbf56efed1b69b023b1601a9632014760997b1ac750af80088e8ca2fb5439

vedroshan.com Open in urlscan Pro 167.88.39.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

60 %IPv6

13 Domains

17 Subdomains

16 IPs

3 Countries

1037 kBTransfer

6140 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vedroshan.com Open in urlscan Pro
167.88.39.72 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

60 %
IPv6

13
Domains

17
Subdomains

16
IPs

3
Countries

1037 kB
Transfer

6140 kB
Size

9
Cookies

53 HTTP transactions
9 data transactions