zedhitspromoss.com Open in urlscan Pro
2606:4700:3030::6815:37aa Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.zedhitspromoss.com/
Effective URL:
https://zedhitspromoss.com/
Submission: On July 19 via api (July 19th 2023, 6:35:00 am UTC) from US — Scanned from US

Summary HTTP 157 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 27 IPs in 2 countries across 18 domains to perform 157 HTTP transactions. The main IP is 2606:4700:3030::6815:37aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is zedhitspromoss.com.
TLS certificate: Issued by GTS CA 1P5 on July 9th 2023. Valid for: 3 months.

This is the only time zedhitspromoss.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2606:4700:303... 2606:4700:3030::6815:37aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	13.225.214.32 13.225.214.32	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:251... 2600:9000:2514:6600:b:a48f:6ec0:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:251... 2600:9000:2511:1800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.15.44.3 52.15.44.3	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	104.21.12.20 104.21.12.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.160.41.28 18.160.41.28	16509 (AMAZON-02) (AMAZON-02)
4	172.67.182.219 172.67.182.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2607:f8b0:400... 2607:f8b0:4006:81d::200d	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:19f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	18.218.158.161 18.218.158.161	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
32	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
4 5	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
157	27

30 2606:4700:3030::6815:37aa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mail.zedhitspromoss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zedhitspromoss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.214.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-32.ewr50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:808::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2514:6600:b:a48f:6ec0:21 (United States)

ASN16509 (AMAZON-02, US)

d3x0jb14w6nqz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:1800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.15.44.3 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-44-3.us-east-2.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.12.20 (None, )

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.41.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-28.iad55.r.cloudfront.net

inncreasukedrev.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.182.219 (United States)

ASN13335 (CLOUDFLARENET, US)

dfearinglestp.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::200d (Flushing, United States) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:80f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.218.158.161 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-158-161.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::200a (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:806::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2004 (Flushing, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	669 KB
30	zedhitspromoss.com 1 redirects mail.zedhitspromoss.com zedhitspromoss.com	4 MB
20	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	193 KB
14	google.com 8 redirects accounts.google.com — Cisco Umbrella Rank: 67 adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	5 KB
10	wp.com c0.wp.com — Cisco Umbrella Rank: 7806 stats.wp.com — Cisco Umbrella Rank: 2759 pixel.wp.com — Cisco Umbrella Rank: 2584	104 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	91 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	337 KB
6	sharethis.com 1 redirects platform-api.sharethis.com — Cisco Umbrella Rank: 4636 buttons-config.sharethis.com — Cisco Umbrella Rank: 5545 l.sharethis.com — Cisco Umbrella Rank: 4909 pd.sharethis.com — Cisco Umbrella Rank: 14401	50 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	4 KB
4	dfearinglestp.info dfearinglestp.info	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 27346 ui.cleverwebserver.com — Cisco Umbrella Rank: 27873 call.cleverwebserver.com — Cisco Umbrella Rank: 29233	48 KB
3	inncreasukedrev.info inncreasukedrev.info	4 KB
3	cloudfront.net d3x0jb14w6nqz.cloudfront.net	69 KB
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 31305	101 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	140 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	608 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100
157	18

	Domain	Requested by
32	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
29	zedhitspromoss.com	zedhitspromoss.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net zedhitspromoss.com
16	pagead2.googlesyndication.com	zedhitspromoss.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	c0.wp.com	zedhitspromoss.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	accounts.google.com	4 redirects zedhitspromoss.com
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	dfearinglestp.info	zedhitspromoss.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	pagead2.googlesyndication.com
3	inncreasukedrev.info	d3x0jb14w6nqz.cloudfront.net
3	d3x0jb14w6nqz.cloudfront.net	zedhitspromoss.com inncreasukedrev.info
2	pogothere.xyz	d3x0jb14w6nqz.cloudfront.net
2	l.sharethis.com	1 redirects zedhitspromoss.com
2	www.googletagmanager.com	zedhitspromoss.com www.googletagmanager.com
2	platform-api.sharethis.com	zedhitspromoss.com platform-api.sharethis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	pixel.wp.com	zedhitspromoss.com
1	stats.wp.com	zedhitspromoss.com
1	call.cleverwebserver.com	zedhitspromoss.com
1	ui.cleverwebserver.com	zedhitspromoss.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pd.sharethis.com	zedhitspromoss.com
1	scripts.cleverwebserver.com	zedhitspromoss.com
1	www.facebook.com	zedhitspromoss.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	mail.zedhitspromoss.com	1 redirects
157	31

This site contains links to these domains. Also see Links.

Domain
instagram.com
youtube.com
twitter.com
facebook.com
combodef.com
zambianmag.com
zambiancliq.com
viralmusik.com

Subject Issuer	Validity	Valid
zedhitspromoss.com GTS CA 1P5	`2023-07-09` - `2023-10-07`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-27`	a year	crt.sh
inncreasukedrev.info Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
dfearinglestp.info E1	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-27` - `2023-07-26`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://zedhitspromoss.com/
Frame ID: 197D3491E1FCB815BDE39EE5DF3DC785
Requests: 77 HTTP requests in this frame

Frame: https://inncreasukedrev.info/UWdLczMwBSgeDDBaKVVGIwt2VgEXQnk1V2IfexlRYFM8RV0gHWUQXz4SLxVBPgk/XV00E25BdWIFDCUHNC8sI3A5Pi4hSzYqAzZlEzAnOXgFIgk4dyYUEzVbKT4DMWZiIR8EcRpXcipwOBR6O1g+NQobSxc/Dj5mFjUSP2QXUy81VGg+GCUHCyQKF3UFIX8qdQMEHyFiYTcNC1ABIRpLcBkfLzh2EwsNNWIcAQ4hYgQjHjF4AQx6MGUHVgAgdgA0DiFqMiYzOn8JMjsQcCYfLyBfKTIYNWkYNB0qBQkyOxB2OSIcJ185JhgJQzU/JyZyBQwzNWIUSjs6dAMQHTVxYTcIIlAFIhoLeQcdfj1gYBMHIANkAxMfZQAiMzJqEiUZF2A4XgogWDYyCSIHNT8eA1AQD3sRdiYpBitmIS4PBAMaITMmeQAiJFYBEzQdQmEHDCMkZActBydlCwMTNnE1NCcEZBY1fyl7Nh8vIFlkPR0YCgY0egN3FTIdORU7FCQdQ2wDJjxKCB4YRAc+NAYV
Frame ID: 30F846022C8DCC9DF79DAD4E06C2FD79
Requests: 2 HTTP requests in this frame

Frame: https://inncreasukedrev.info/Q3dycUwiFREccyJKEFc5MRtPVH4FUkA3KHAPQhsuckMFRyIyDVwSICwCFhc+LBkGXyImA1dDCikhGQF9ED8jQAYRBAciNQodNykaDS46QAQlMkMGBQIuHDYlGUQ2MnQXOCZBegodSkApK0M2JCUKADcpGgYUMSgZCR88Ay4BNh83fjdAJwgnEjk6FQ4hEDdCKDsQHDUmexo1IiARLTMJDRkcIAspBiEVMDZ7HDciLwc9JUgEJjUdGC5zE0YjGxkcICZ9CzE1SAQmNj9UfgU9Nz90FiAnOBkLBzc9Ijs1KycKKBIaIHgBMx0HDSpHJSEfDjUQJBUSEUJcFmZFNCYhFU8nOTwGERs0KBM1GUcucxQ+JBsRQTUiCSU6QEgEJjU/CwcRQxwpFA1DICI/ID0xJBUPITQaCAYlRyAEK0ElQn0HLSpILiYiQwQucxNGMzYgBDQ1IycUQRY2JSIWGRYGLVdDDhYePEIeAlEYAiMtB08IKyQYBT4mCBRCGgc
Frame ID: 12D424D9E948C30AE16DA329DDC9B149
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html
Frame ID: 96DC6A9830D6D6A4DDA2D565E30D36C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&adk=2969136045&adf=3689892565&lmt=1689748492&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fzedhitspromoss.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748492709&bpp=5&bdt=492&idt=145&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8746826520748&frm=20&pv=2&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=2041596051&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=171
Frame ID: FE5ECD450CF3B51FAC907040B461A2A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=2737543352&adk=3526789567&adf=1343987665&pi=t.ma~as.2737543352&w=308&fwrn=4&fwrnh=100&lmt=1689748492&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748492958&bpp=4&bdt=742&idt=4&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=2041596051&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=386b0JUfJf&p=https%3A//zedhitspromoss.com&dtd=9
Frame ID: DB01DB67C84E9BA5908CD08E180EADB8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=9302951709&adk=3841459635&adf=1900508291&pi=t.ma~as.9302951709&w=308&fwrn=4&fwrnh=100&lmt=1689748493&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748493348&bpp=8&bdt=1132&idt=8&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55797aea15d729a1-2282d216c4e200b5%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MaMXPoXxfYCJfM97LknbOiqVR3KdA&gpic=UID%3D00000cd986596e22%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MZUZFwx5LsedP252ftIZ3kmZM8KgQ&prev_fmts=0x0%2C308x250&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=3933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=497212178&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OaXyQxJChx&p=https%3A//zedhitspromoss.com&dtd=15
Frame ID: E724EF2770E8236213608DF6768FA348
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB40276BC182DACA9B8E9E682D6D5CFF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ED8EB450F5FC09C72891D88E760FB002
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: 2215F22446CBC896FAAFCCEDEA5462F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1
Frame ID: CFD99C3BEA47C3782F167C4D28B72A86
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1
Frame ID: C90544E342F16AAD13CD887A98CB296B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1
Frame ID: F2371A53C0BA756177B29485D3FA0542
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1
Frame ID: 846D4873C051B0A79E344F1C91FE996E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: D42F0134B1E64B9C067BD3D64128FF72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 984CA7E4CE96F7347F43B64CE1A00493
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6A0B9DF812081C6943A84ABDB1277B23
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 351E1BA80851EAB23C20739F0D8039B3
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: 20B526D23385D6213725FAF92C0F8048
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: 6BB9321102F5C65DDB519CCBC9C70CC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: DAD78A33C66AECDCFDC22A51ABC83DF0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: 97798493AD1EA6C524B0E6A4CEF33A8D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0BAFF9A2868E857263EA7D9530B6833
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C18F9F2F69995E0358A5D369C1C5E1C5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Zambian Music mp3 & Videos.Get lastest Zed Music »

Page URL History Show full URLs

https://mail.zedhitspromoss.com/ HTTP 301
https://zedhitspromoss.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

157
Requests

98 %
HTTPS

69 %
IPv6

18
Domains

31
Subdomains

27
IPs

2
Countries

5496 kB
Transfer

9359 kB
Size

12
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/zedhitspromosofficial/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://youtube.com/c/zedhitspromoskasp2/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/zedhitsofficial/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://facebook.com/zedhitspromosofficial/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://combodef.com//L?tag=d_2393865m_60651c_&site=2393865&ad=60651

Search URL Search Domain Scan URL

URL: https://zambianmag.com/tag/chile-one-mr-zambia/
Title: Zambianmag

Search URL Search Domain Scan URL

URL: https://zambianmag.com/category/download-zambia-music/
Title: Download Zambian Music

Search URL Search Domain Scan URL

URL: https://zambiancliq.com/
Title: Download Zambian Music

Search URL Search Domain Scan URL

URL: http://viralmusik.com/
Title: Download Zambian Music

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.zedhitspromoss.com/ HTTP 301
https://zedhitspromoss.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://l.sharethis.com/pview?event=pview&hostname=zedhitspromoss.com&location=%2F&product=inline-reaction-buttons&url=https%3A%2F%2Fzedhitspromoss.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Zambian%20Music%20mp3%20%26%20Videos.Get%20lastest%20Zed%20Music%20%C2%BB&cms=unknown&publisher=6064e75c9269c20011a2a24d&sop=true&version=st_sop.js&lang=en&description=Download%20Zambian%20Music%202022%20-2023.%20Download%20Latest%20mp3%20zambian%20Music%2C%20Yo%20Maps%202020-2022%20songs%2C%20AlifatiQ%202020-2022%20Mp3.%20Latest%20Chile%20One%20MrZambia%20Songs%20Ilovezedmusic%20.%20Westside%20musicblog%20afrofire%20zambianmusichits%20Zedpushup%20Zambianmusic%20Kopalajams%20Download%20Zed%20Music%202022%20Mp3%20%26%20Videos.%20Latest%20Zed%20Music%202021%20%26%20Old%20Zambian%20Music%202023%20Mp3%20indimba%20%26%20get%20Zed%20New%20Songs%20Music%20Download.&ua=&ua_mobile=false&ua_full_version_list= HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=zedhitspromoss.com&location=%2F&product=inline-reaction-buttons&url=https%3A%2F%2Fzedhitspromoss.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Zambian%20Music%20mp3%20%26%20Videos.Get%20lastest%20Zed%20Music%20%C2%BB&cms=unknown&publisher=6064e75c9269c20011a2a24d&sop=true&version=st_sop.js&lang=en&description=Download%20Zambian%20Music%202022%20-2023.%20Download%20Latest%20mp3%20zambian%20Music%2C%20Yo%20Maps%202020-2022%20songs%2C%20AlifatiQ%202020-2022%20Mp3.%20Latest%20Chile%20One%20MrZambia%20Songs%20Ilovezedmusic%20.%20Westside%20musicblog%20afrofire%20zambianmusichits%20Zedpushup%20Zambianmusic%20Kopalajams%20Download%20Zed%20Music%202022%20Mp3%20%26%20Videos.%20Latest%20Zed%20Music%202021%20%26%20Old%20Zambian%20Music%202023%20Mp3%20indimba%20%26%20get%20Zed%20New%20Songs%20Music%20Download.&ua=&ua_mobile=false&ua_full_version_list=&samesite=None

Request Chain 38

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeDOFXiHPU92P101PRN1Ls5-JQfTNfa7MeDP0-4NR5ZSMMi12UCtuFdrSxW7wDOtNEqIQFyhui6pgQ HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S1930207775%3A1689748492878874&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6zngpXTiV6zp2G1YFGRabg4UmYv-RKGU3c1kNqUsv03T4jlPKHa7jHh5mOeoS40q7JDXydA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 39

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXgqdXZmU0eJR-juPlDx529TIss2wd_wiEC1_sZzHvQ3OYWvFoChxXcdtw5EQg1JgWPnviHDUA HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S1292415188%3A1689748492875683&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgQog-39qTI9OoW6C3c_ebWZxONu26wk_t1tVdWRyOky3vZUfe7dhDdRj8XJ3uOsTbO_EhNiA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

157 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
zedhitspromoss.com/
Redirect Chain

https://mail.zedhitspromoss.com/
https://zedhitspromoss.com/

116 KB
19 KB

1052ms
1023ms

Document
text/html

2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.29
Resource Hash: 321495a7337c35ffc6856376c0464eb8c66fb3b8b1b72be89f2310b542f73a1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e90f0e5facc32d3-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 19 Jul 2023 06:34:52 GMT
link: <https://zedhitspromoss.com/wp-json/>; rel="https://api.w.org/" <https://zedhitspromoss.com/wp-json/wp/v2/pages/785>; rel="alternate"; type="application/json" <https://wp.me/PcfmwC-cF>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Pzn%2BKfJAEYbjL9%2FPwhhvYlfrV0ESyJajmN9swSe%2FJJdMm41mxt1Mpahh3XSfXIoXu1IxQ0WEp0PKaEs%2BUtO4mGSk7m5s1F1DNIXHO%2BPcyJe9Y2zxHDIp%2BV9MN3tMuM9uidvY6GEzdtGOZctOZp2Vmc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/8.0.29
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e90f0dfe83032d3-EWR
content-type: text/html; charset=UTF-8
date: Wed, 19 Jul 2023 06:34:51 GMT
location: https://zedhitspromoss.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AD0xfuG6yAYD%2BbTLll%2FqQcMSX7bqh%2BnUbX724Nnl%2F5dImOUtsZB5NeoeNNT9Wuqsv7T2JWbLWB%2F7rvUwnakPCuueU2M3b8w0a61MwWMep%2F%2BWXsfR%2BdZpHhnNBiovgfQJYX86xWcoGtOcZx6IdsaoQlmcJ3aBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-powered-by: PHP/8.0.29
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
c0.wp.com/c/6.2.2/wp-includes/css/dist/block-library/ 95 KB
12 KB 33ms
2ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.2.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 06:34:52 GMT

GET
H2 200 view.css
zedhitspromoss.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 602 B
610 B 20ms
18ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 07:04:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 153047
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fcPzTA96vPEepSZBCFZONUYoN8YRhzxdkEwmh4Vy75EzQF%2BfRTm4QvIwzKEzpbLAFrwvul4fR3rJgg%2FI1DZhuOof5f%2FnL1W%2BKo5QlItq4Eab1lCS9RMR%2BgK%2BLybHditxTrmbRDh%2BuUXQPlZHEvXSFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0ec6d7b32d3-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 12:04:05 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.2.2/wp-includes/js/mediaelement/ 11 KB
2 KB 35ms
5ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.2.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 06:34:52 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.2.2/wp-includes/js/mediaelement/ 4 KB
1 KB 35ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.2.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 06:34:52 GMT

GET
H2 200 classic-themes.min.css
c0.wp.com/c/6.2.2/wp-includes/css/ 291 B
354 B 35ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.2.2/wp-includes/css/classic-themes.min.css

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Wed, 19 Jul 2023 06:34:52 GMT
strict-transport-security: max-age=15552000
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 291
expires: Thu, 18 Jul 2024 06:34:52 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zedhitspromoss.com/wp-includes/js/ 18 KB
5 KB 13ms
12ms Script
application/javascript 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 06:50:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326517
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4GBlLjBp98eTxuNyf5hj5VJMy8msFF0Ul507MrEJ%2FZkbHy1Jzn30eubQPnPLqIaE7fdlX77zRh1UE0gg3ndWr0Ch6ErymiLWK9Wwx34VX%2BGiBJZad9tFJs2OgvTG4yc70DGpEU%2Bi%2Fzz7HsFwsKvVJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb1d8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:52:55 GMT

GET
H2 200 dashicons.min.css
c0.wp.com/c/6.2.2/wp-includes/css/ 58 KB
34 KB 10ms
3ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.2.2/wp-includes/css/dashicons.min.css

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 06:34:52 GMT

GET
H3 200 frontend.min.css
zedhitspromoss.com/wp-content/plugins/post-views-counter/css/ 215 B
637 B 22ms
19ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.3.13
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Apr 2023 17:55:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326517
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQ01NvijigyseAJO6tU9m6sCLhtkPQFclIIW60ShkDB86OpS%2BNOO6uXuGMJSzisGJJa6jSbur5c2DkRIgbR9Q0m9pvil2CjheN2ORmHXfhDqrdWTteGBgHGqPm5qQxmilFfflj5GLfHrd91fyGWJoq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb1f8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:52:55 GMT

GET
H3 200 button-styles.css
zedhitspromoss.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 9 KB
2 KB 20ms
17ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 17:18:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 520199
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVyAv1QrEMDes52cQy2Bwyvf8JqJ8G4r0Vz4YzZfvFjlMDJNGIglonHUwSot778N5pmYI6U0utDK3H9GQsh93pSjb%2F%2FX2E6HCLH2ZoFww%2BKiZ4PQrscpMAnTZPJibvsyW785FUHLtI%2FD15RrS1vG3YU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb208c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 06:04:53 GMT

GET
H3 200 base.min.css
zedhitspromoss.com/wp-content/themes/jannah/assets/css/ 41 KB
9 KB 24ms
20ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904ff27f1e28f1e7342eb8112cfd255a4918e6f4c71da07e7e1c365aab78d559

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Apr 2021 17:57:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326517
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=624yS6dW7oVPcDlAB4xJUyj9X1X96Ve2yhPDbx1uUdnM1lbjtr3sJ%2FExXMXgMOAS83%2BAb9v7lAbXXxSN%2FWfbElInuGX3Ow6p%2FJRwQSKb9xhmy6lTv5QxGN0xGjjXjazPyvclAJqod6zQzxPWBng%2BvcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb218c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:52:55 GMT

GET
H3 200 style.min.css
zedhitspromoss.com/wp-content/themes/jannah/assets/css/ 171 KB
30 KB 27ms
22ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8077e3725527b0a4f14d12f2620e3787ce393abb753c0c78d6312fb484218e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Feb 2021 16:00:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 520199
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=En9QPl7rOvH68LY7KVnsLTzXAq1wWL4V7IbymWspEYtjYol4s98Z0GZiwiTuZUlfnSASXUpCPXgJxDSvPE5wXokdUwkHxcVzUCzVPTzPQJVc9Qpj5gL4kjvstHPANuQoF0W3giiUlT5ex3XPhDqZtas%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb228c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 20 Jul 2023 06:04:53 GMT

GET
H3 200 widgets.min.css
zedhitspromoss.com/wp-content/themes/jannah/assets/css/ 53 KB
10 KB 30ms
26ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Feb 2021 16:24:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326517
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZjgexdBkxlF1NqgPpm0G3ZWn8Y5vr0Ex%2Fy0ZYusltPy5RFHhLyNytb0T%2FYI9JBQHT%2FIgStiDYxZMpgzDLRYro%2BXTHEYnucEF5UErmuGjFTb9zqLpcIcbht7qbnRYqBSPSe8lDeUW042hQRC4C9NlpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb238c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:52:55 GMT

GET
H3 200 helpers.min.css
zedhitspromoss.com/wp-content/themes/jannah/assets/css/ 15 KB
4 KB 36ms
31ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b30cd43c5ddbb3a85552d04d490b182c2fe1a46e7246344b8110ea0bcb6f3af0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 07 Feb 2021 17:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZ9V5X9wpcTIq8NqJgyRQC7DAHUAaIobRMO2LXmfuTjfxZ2K2njix8xtx0KEGhVvats600sZIy%2BTjD%2FSbJaPOfA%2B8paXHuOePZtSsauv%2BTJXg01ePHk9O%2FDvthG6v6yYxXPY9e%2FLkHDmAlZdwsGP0Aw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb248c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 26 Jul 2023 06:34:52 GMT

GET
H3 200 fontawesome.css
zedhitspromoss.com/wp-content/themes/jannah/assets/css/ 57 KB
13 KB 31ms
27ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Jul 2020 17:01:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326517
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgsILa8N5j3MfyrB34%2F%2Btkruz0BIgbvnuDItWab1s30aSheX7PwocyEhU2cn3yvSEbV%2FFThBp%2B%2Fl1QPg%2BhcNRzDu9he%2B%2BF8FPk7Co2FYWtkjEQtQbf8UI38uGt2nTYdGIoy%2BKJcnM3PG%2Fv%2BCvZfOf6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb258c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:52:55 GMT

GET
H3 200 skin.css
zedhitspromoss.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 12 KB
3 KB 22ms
17ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Nov 2020 01:20:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326517
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ix2beVXf4%2FjucNPBlf9VFgwBHO98O6n2byys8QDMTd09n%2FcN11dV3dtOkExKuJHKou79LUJjc8v2K9x3jICR5%2Bin5M7pkcGW2r403TSgeUSmpCQdXLdv2oWn1AC6pVoCYDLFGD5ozrt%2BqzqGGKeWl3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb268c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:52:55 GMT

GET
H3 200 style-custom.css
zedhitspromoss.com/wp-content/themes/jannah/assets/custom-css/ 4 KB
2 KB 32ms
27ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=47380
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c1a0a49fb1cdbf1a13f432ce3fbd33e497225a532195a2d27c8b1c2b1b7dea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 16 Jul 2023 09:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68901
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLU8ckGCPJQ%2BE36S5ljKS1uaz12VGmCasDR%2Bx4C2o%2FUU7yemz46zltLzFp0YZ%2BadkL8uKJ%2FrHXq%2FQLRlqXCS6Ug3Qk89i%2FVUsDXyv03m3UiCY3pFAu7ZYhWwis0L8mnANCbZtrrrjFNToQakK9GAF%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0eccb288c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 11:26:31 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/12.3/css/ 97 KB
17 KB 8ms
3ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.3/css/jetpack.css

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d7b7d9d5f46003fd39e1c6dee0c2f617bc32ec707d819bd4eab2fc8081938de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 05 Jul 2023 12:24:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 06:34:52 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.2.2/wp-includes/js/jquery/ 88 KB
30 KB 10ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.2.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 06:34:52 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.2.2/wp-includes/js/jquery/ 13 KB
5 KB 13ms
9ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.2.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Jul 2024 06:34:52 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
45 KB 67ms
28ms Script
text/javascript 13.225.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=1.2.3

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-32.ewr50.r.cloudfront.net

Software

Resource Hash

64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: gzip
via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: EWR50-C1
etag: W/"32a36-40XB9TFKL290b/MnE4xfx5SGfVQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 1ilk5kQ2lFSxbMKg7L_oUEMLqi1w7F0nWQXmKZQZm5n8Gux8S10WhA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 64ms
45ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NRDEKNWY4C

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f58ffbce68245cbcf6ce592fbf5e1b8e64a6561dbafc0e38fb551a46021ef421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jul 2023 06:34:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 82ms
54ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e11d5d62748aa2cc65e1a50fefbcdb5e66f7fa30b9dfa5ab5389de4b27b04cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50723
x-xss-protection: 0
server: cafe
etag: 6895188854959286548
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:52 GMT

GET
H2 200 / Show response
d3x0jb14w6nqz.cloudfront.net/ 204 KB
68 KB 165ms
92ms Script
text/plain 2600:9000:2514:6600:b:a48f:6ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3x0jb14w6nqz.cloudfront.net/?wbjxd=967248
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:6600:b:a48f:6ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95fa370bf668c7e5d41ba14188225da297ba799f3b078fd0bb80b58fba3b821f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: gzip
via: 1.1 dee3e3075e44bf98642bfe89cb38088a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 68991
x-amz-cf-id: cs2aZjm3m6JC4hY7HJb5y3WLuEthT597om18maa4memwP1j5HWrZow==

GET
H3 200 IMG_30072020_202306_550_x_78_pixel.jpg
zedhitspromoss.com/wp-content/uploads/2020/07/ 23 KB
24 KB 14ms
13ms Image
image/jpeg 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zedhitspromoss.com/wp-content/uploads/2020/07/IMG_30072020_202306_550_x_78_pixel.jpg
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60d8458e3f507d17920898c8690111c5074a8a61fd47f700c91ab52c9ba635e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25739
alt-svc: h3=":443"; ma=86400
content-length: 24045
last-modified: Thu, 30 Jul 2020 18:24:07 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83lW0pfjzd9su9HOiOvu08WXPFxUVma8%2BJ3Nx7N8JWTJH%2FRuvK%2Fi%2FEFMeqypDWl0Nd2P1MUN%2FFanb4v4zLi5ne%2FsuToR3%2FISQLTi3Nr0d5f6EeoSLPlXzWmQcYcMP0K4AUYOHMB1qdAUA8Kij7yL6yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0ed7b908c9b-EWR
expires: Tue, 25 Jul 2023 23:25:53 GMT

GET
H3 200 Frame-4534101-1-2.gif
zedhitspromoss.com/wp-content/uploads/2023/06/ 3 MB
3 MB 16ms
15ms Image
image/gif 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zedhitspromoss.com/wp-content/uploads/2023/06/Frame-4534101-1-2.gif
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26db4e879310e58ca4e67f1e115baedb387f0c9cafcbcb97a58c60532a9d4691

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 326509
alt-svc: h3=":443"; ma=86400
content-length: 3270844
last-modified: Tue, 13 Jun 2023 07:50:15 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9s3fGPLYEm3sG8VPQKI81HYTt6EFW7WRcSV8By3PVNrNzZ1v0osnQx8ENiLkEOrdIzjzZNp7qXBU96A6Dg2UBSCKGAkqblI4oYuhzVcRfSl4Y9dJy3uZbt3JARqHxmEyGmWeOk0uDLrSSjSQG71I5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0ed7b928c9b-EWR
expires: Sat, 22 Jul 2023 11:53:03 GMT

GET
H3 200 dashicons.min.css
zedhitspromoss.com/wp-includes/css/ 58 KB
35 KB 23ms
16ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-includes/css/dashicons.min.css
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 06:12:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326517
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnmSSd0pjekLHdlTewPomjVUgjTc5p5J%2FmGPeKaqYZUY5Hs1Zmda3MxIqw0%2BaUmtGct0kvBc2vJ6hDb8ci8HBvBVFIMiBDY72cFh%2B08%2FZ8ot2S3EFqmmkqXbphR40yN%2FfgchTgKO0mkTytCvpNboEWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0ed0b4e8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:52:55 GMT

GET
H3 200 font-awesome.min.css
zedhitspromoss.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 86 KB
13 KB 24ms
17ms Stylesheet
text/css 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 17:18:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326517
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFQWaNNncx0KSiNJXVutJ7UH10pMI%2BaAgeusRb8ohT07mVHIdlKdvhS1V2hac0XHGSLfHHTX58I09yfmm%2FDHp3ppY4bdYC1tViMtIDYTCq6NdfPWmVXiY4bLIgh%2F8paEswSsXxOv%2Bu1toNpFR0K6hxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0ed0b4f8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:52:55 GMT

GET
H2 200 6064e75c9269c20011a2a24d.js Show response
buttons-config.sharethis.com/js/ 266 B
690 B 206ms
78ms Script
text/javascript 2600:9000:2511:1800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6064e75c9269c20011a2a24d.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.2.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:1800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b5c0e825ba9f58e33c94cf870e4786b7b64983593d1e73d0b347f410855c8467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
via: 1.1 b33e91c066f49dc7c18162b9a344e266.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 22 Sep 2022 19:46:49 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
etag: "a3cbc5f455ec4bdf8297fea66e3eeb54"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 266
x-amz-cf-id: odQq4-S9Gkq7175QXQsdied-8rWYBIsJREeofM8J-x0LWKeXQ3zNYg==

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=zedhitspromoss.com&location=%2F&product=inline-reaction-buttons&url=https%3A%2F%2Fzedhitspromoss.com%2F&source=sharethis.js&fcmp=false&fcmpv2=fals...
https://l.sharethis.com/sc?event=pview&hostname=zedhitspromoss.com&location=%2F&product=inline-reaction-buttons&url=https%3A%2F%2Fzedhitspromoss.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&h...

192 B
716 B

23ms
23ms

XHR
text/plain

52.15.44.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&hostname=zedhitspromoss.com&location=%2F&product=inline-reaction-buttons&url=https%3A%2F%2Fzedhitspromoss.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Zambian%20Music%20mp3%20%26%20Videos.Get%20lastest%20Zed%20Music%20%C2%BB&cms=unknown&publisher=6064e75c9269c20011a2a24d&sop=true&version=st_sop.js&lang=en&description=Download%20Zambian%20Music%202022%20-2023.%20Download%20Latest%20mp3%20zambian%20Music%2C%20Yo%20Maps%202020-2022%20songs%2C%20AlifatiQ%202020-2022%20Mp3.%20Latest%20Chile%20One%20MrZambia%20Songs%20Ilovezedmusic%20.%20Westside%20musicblog%20afrofire%20zambianmusichits%20Zedpushup%20Zambianmusic%20Kopalajams%20Download%20Zed%20Music%202022%20Mp3%20%26%20Videos.%20Latest%20Zed%20Music%202021%20%26%20Old%20Zambian%20Music%202023%20Mp3%20indimba%20%26%20get%20Zed%20New%20Songs%20Music%20Download.&ua=&ua_mobile=false&ua_full_version_list=&samesite=None

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

HTTP/1.1

Server

52.15.44.3 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-44-3.us-east-2.compute.amazonaws.com

Software

Resource Hash

4e9f27ad962a29f1b09bec7d715ee406bf2197c3be9a4f6367fb724b81f06628

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 06:34:52 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://zedhitspromoss.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHkABGS3hAwAAAALDwbfAw==
Access-Control-Allow-Headers: *
Content-Length: 192
X-Robots-Tag: noindex, nofollow

Redirect headers

Date: Wed, 19 Jul 2023 06:34:52 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://zedhitspromoss.com
Location: /sc?event=pview&hostname=zedhitspromoss.com&location=%2F&product=inline-reaction-buttons&url=https%3A%2F%2Fzedhitspromoss.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Zambian%20Music%20mp3%20%26%20Videos.Get%20lastest%20Zed%20Music%20%C2%BB&cms=unknown&publisher=6064e75c9269c20011a2a24d&sop=true&version=st_sop.js&lang=en&description=Download%20Zambian%20Music%202022%20-2023.%20Download%20Latest%20mp3%20zambian%20Music%2C%20Yo%20Maps%202020-2022%20songs%2C%20AlifatiQ%202020-2022%20Mp3.%20Latest%20Chile%20One%20MrZambia%20Songs%20Ilovezedmusic%20.%20Westside%20musicblog%20afrofire%20zambianmusichits%20Zedpushup%20Zambianmusic%20Kopalajams%20Download%20Zed%20Music%202022%20Mp3%20%26%20Videos.%20Latest%20Zed%20Music%202021%20%26%20Old%20Zambian%20Music%202023%20Mp3%20indimba%20%26%20get%20Zed%20New%20Songs%20Music%20Download.&ua=&ua_mobile=false&ua_full_version_list=&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHkABGS3hAwAAAALDwbfAw==
Access-Control-Allow-Headers: *
Content-Length: 1043
X-Robots-Tag: noindex, nofollow

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 36ms
35ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-198821967-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NRDEKNWY4C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4582f62f6f0bea1214f7f6975720d6f6eb98accd1fc41da6f5c661311be8aeb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61037
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jul 2023 06:34:52 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
256 B 63ms
24ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NRDEKNWY4C&gtm=45je37h0&_p=1917979708&cid=1544688222.1689748492&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689748492&sct=1&seg=0&dl=https%3A%2F%2Fzedhitspromoss.com%2F&dt=Download%20Zambian%20Music%20mp3%20%26%20Videos.Get%20lastest%20Zed%20Music%20%C2%BB&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NRDEKNWY4C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 06:34:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zedhitspromoss.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 83ms
26ms Fetch
binary/octet-stream 104.21.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3x0jb14w6nqz.cloudfront.net
URL: https://d3x0jb14w6nqz.cloudfront.net/?wbjxd=967248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 18 Jul 2023 17:42:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://zedhitspromoss.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD0Js9XhpGhfs9nxVR1NS%2BD6X1Az2oj2JaRfVYF1pSPF%2BWN3%2Bj3jj8A8Lr2N9BAR5o7fFN3iORkq8pQSTt3mPMNnhfmfb9QyHQw00qzqrdwS4Q%2FmR3rVwmY%2FEuoI6kBR"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e90f0ee89c2436f-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
pogothere.xyz/ 27 B
619 B 82ms
25ms Fetch
text/plain 104.21.12.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3x0jb14w6nqz.cloudfront.net
URL: https://d3x0jb14w6nqz.cloudfront.net/?wbjxd=967248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75df4f68e86fe8af0a832e8a830c50118a4ee65f3187902830a301f3a5c31103

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFhtitdlZchRnrwPg6%2F6gc9RX20oaB4l0h7Y%2FZUqqhzX4O3pebcN7WAwcnPmSpy%2Fi%2FdjaMi56oxlburrx3yU56tnTNLknSv1j90z9A55%2B%2FSonTomO8vJAQULc2ATbsQl"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://zedhitspromoss.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7e90f0ee89c3436f-EWR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
inncreasukedrev.info/ 0
540 B 89ms
20ms XHR
text/plain 18.160.41.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://inncreasukedrev.info/utx?cb=Sxs9vYBRIUMc&top=zedhitspromoss.com&tid=967248
Requested by: Host: d3x0jb14w6nqz.cloudfront.net
URL: https://d3x0jb14w6nqz.cloudfront.net/?wbjxd=967248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-28.iad55.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 06:34:52 GMT
via: 1.1 8332ab8bd32a6ba696984216199de564.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: IAD55-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://zedhitspromoss.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: _Aw7xiww750KdmjqvCoHgrjqNHyf4jnZlznqlAAOSUzebECDl19OMA==

GET
H2 200 JyZyBQwzNWIUSjs6dAMQHTVxYTcIIlAFIhoLeQcdfj1gYBMHIANkAxMfZQAiMzJqEiUZF2A4XgogWDYyCSIHNT8eA1AQD3sRdiYpBitmIS4PBAMaITMmeQAiJFYBEzQdQmEHDCMkZActBydlCwMTNnE1NCcEZBY1fyl7Nh8vIFlkPR0YCgY0egN3FTIdORU7FCQdQ... Show response
inncreasukedrev.info/UWdLczMwBSgeDDBaKVVGIwt2VgEXQnk1V2IfexlRYFM8RV0gHWUQXz4SLxVBPgk/XV00E25BdWIFDCUHNC8sI3A5Pi4hSzYqAzZlEzAnOXgFIgk4dyYUEzVbKT4DMWZiIR8EcRpXcipwOBR6O1g+NQobSxc/Dj5mFjUSP2QXUy81VGg+... Frame 30F8 3 KB
2 KB 91ms
53ms Document
text/html 18.160.41.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://inncreasukedrev.info/UWdLczMwBSgeDDBaKVVGIwt2VgEXQnk1V2IfexlRYFM8RV0gHWUQXz4SLxVBPgk/XV00E25BdWIFDCUHNC8sI3A5Pi4hSzYqAzZlEzAnOXgFIgk4dyYUEzVbKT4DMWZiIR8EcRpXcipwOBR6O1g+NQobSxc/Dj5mFjUSP2QXUy81VGg+GCUHCyQKF3UFIX8qdQMEHyFiYTcNC1ABIRpLcBkfLzh2EwsNNWIcAQ4hYgQjHjF4AQx6MGUHVgAgdgA0DiFqMiYzOn8JMjsQcCYfLyBfKTIYNWkYNB0qBQkyOxB2OSIcJ185JhgJQzU/JyZyBQwzNWIUSjs6dAMQHTVxYTcIIlAFIhoLeQcdfj1gYBMHIANkAxMfZQAiMzJqEiUZF2A4XgogWDYyCSIHNT8eA1AQD3sRdiYpBitmIS4PBAMaITMmeQAiJFYBEzQdQmEHDCMkZActBydlCwMTNnE1NCcEZBY1fyl7Nh8vIFlkPR0YCgY0egN3FTIdORU7FCQdQ2wDJjxKCB4YRAc+NAYV
Requested by: Host: d3x0jb14w6nqz.cloudfront.net
URL: https://d3x0jb14w6nqz.cloudfront.net/?wbjxd=967248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-28.iad55.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 4924bfc0f1c031d73c9de466c6f6b4c3ce24db8be2bf6ba41163c7640c7411ef

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1237
content-type: text/html
date: Wed, 19 Jul 2023 06:34:52 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 8332ab8bd32a6ba696984216199de564.cloudfront.net (CloudFront)
x-amz-cf-id: 2WXyJgN0KJaNV79h0Kebat5mnMH3gz45apQnvjKbP0CtY78CkekEtA==
x-amz-cf-pop: IAD55-P1
x-cache: Miss from cloudfront

GET
H2 200 ID0xJBUPITQaCAYlRyAEK0ElQn0HLSpILiYiQwQucxNGMzYgBDQ1IycUQRY2JSIWGRYGLVdDDhYePEIeAlEYAiMtB08IKyQYBT4mCBRCGgc Show response
inncreasukedrev.info/Q3dycUwiFREccyJKEFc5MRtPVH4FUkA3KHAPQhsuckMFRyIyDVwSICwCFhc+LBkGXyImA1dDCikhGQF9ED8jQAYRBAciNQodNykaDS46QAQlMkMGBQIuHDYlGUQ2MnQXOCZBegodSkApK0M2JCUKADcpGgYUMSgZCR88Ay4BNh83fjdA... Frame 12D4 3 KB
2 KB 29ms
18ms Document
text/html 18.160.41.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://inncreasukedrev.info/Q3dycUwiFREccyJKEFc5MRtPVH4FUkA3KHAPQhsuckMFRyIyDVwSICwCFhc+LBkGXyImA1dDCikhGQF9ED8jQAYRBAciNQodNykaDS46QAQlMkMGBQIuHDYlGUQ2MnQXOCZBegodSkApK0M2JCUKADcpGgYUMSgZCR88Ay4BNh83fjdAJwgnEjk6FQ4hEDdCKDsQHDUmexo1IiARLTMJDRkcIAspBiEVMDZ7HDciLwc9JUgEJjUdGC5zE0YjGxkcICZ9CzE1SAQmNj9UfgU9Nz90FiAnOBkLBzc9Ijs1KycKKBIaIHgBMx0HDSpHJSEfDjUQJBUSEUJcFmZFNCYhFU8nOTwGERs0KBM1GUcucxQ+JBsRQTUiCSU6QEgEJjU/CwcRQxwpFA1DICI/ID0xJBUPITQaCAYlRyAEK0ElQn0HLSpILiYiQwQucxNGMzYgBDQ1IycUQRY2JSIWGRYGLVdDDhYePEIeAlEYAiMtB08IKyQYBT4mCBRCGgc
Requested by: Host: d3x0jb14w6nqz.cloudfront.net
URL: https://d3x0jb14w6nqz.cloudfront.net/?wbjxd=967248
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-28.iad55.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: aab7b6688899d310497e61fe1bf020891be30ef2bca4c376c6c682ebf3f6a246

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1217
content-type: text/html
date: Wed, 19 Jul 2023 06:34:52 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 8332ab8bd32a6ba696984216199de564.cloudfront.net (CloudFront)
x-amz-cf-id: zkaUXYiDsl9Pq_Z8SuT5CUVXAOSnlo3Y5e5-gS-iGBctXbchD5n_Nw==
x-amz-cf-pop: IAD55-P1
x-cache: Miss from cloudfront

GET
H2 204 U2JBeFV8XSILaB5SLU0YBFIJHT4gKBYPB2U2ACIxEVEDKBQFBWcMPDdfeE5iYVZ5XiU6BnxJcyAWIAwgIF9wXjw9BC5FcyVfcFZmZ0xyS3tjRDRFZHUWMRkyblNnCCEnDnxJY2tbdkxtZ1tzTWdi
dfearinglestp.info/ 0
398 B 59ms
29ms Image
text/plain 172.67.182.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfearinglestp.info/U2JBeFV8XSILaB5SLU0YBFIJHT4gKBYPB2U2ACIxEVEDKBQFBWcMPDdfeE5iYVZ5XiU6BnxJcyAWIAwgIF9wXjw9BC5FcyVfcFZmZ0xyS3tjRDRFZHUWMRkyblNnCCEnDnxJY2tbdkxtZ1tzTWdi
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.182.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQNSbZqYC6z%2FN%2Fq6Ds16I54PEoGq%2BOFvkH2ZcurV3%2FthVQgC5UMZM5MnGBU2Sb8H2Y6IK4lagKqC%2BBwYvw17hY%2BBycfRl1QXRYHhvPfKbRuYidc3mZENF1TlSw4wjhqWMjzE7vI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e90f0eeeaddc33d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 106ms
82ms Image
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeDOFXiHPU92P101PRN1Ls5-JQfTNfa7MeDP0-4NR5ZSMMi12UCtuFdrSxW7wDO...
https://accounts.google.com/v3/signin/identifier?dsh=S1930207775%3A1689748492878874&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6zngpXTiV6zp2G1YFGRabg4UmYv-RKGU3c1kNqUsv03...

0
0

41ms
40ms

Image
text/html

2607:f8b0:4006:81d::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S1930207775%3A1689748492878874&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6zngpXTiV6zp2G1YFGRabg4UmYv-RKGU3c1kNqUsv03T4jlPKHa7jHh5mOeoS40q7JDXydA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Server: 2607:f8b0:4006:81d::200d Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Wed, 19 Jul 2023 06:34:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-FddnFSYlpzN3jxpvMwU3ug' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S1930207775%3A1689748492878874&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6zngpXTiV6zp2G1YFGRabg4UmYv-RKGU3c1kNqUsv03T4jlPKHa7jHh5mOeoS40q7JDXydA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXgqdXZmU0eJR-juPlDx529TIss2wd_wiEC1_sZzHvQ3OYWvFoChxXc...
https://accounts.google.com/v3/signin/identifier?dsh=S1292415188%3A1689748492875683&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgQog-39qTI9OoW6C3c_ebWZxONu26wk_t1tVdWRyOky...

0
0

31ms
30ms

Image
text/html

2607:f8b0:4006:81d::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S1292415188%3A1689748492875683&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgQog-39qTI9OoW6C3c_ebWZxONu26wk_t1tVdWRyOky3vZUfe7dhDdRj8XJ3uOsTbO_EhNiA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Server: 2607:f8b0:4006:81d::200d Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date: Wed, 19 Jul 2023 06:34:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Q_tA-0WLf8PHkKB4O6YAsw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S1292415188%3A1689748492875683&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgQog-39qTI9OoW6C3c_ebWZxONu26wk_t1tVdWRyOky3vZUfe7dhDdRj8XJ3uOsTbO_EhNiA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 Xwx9VjgEXHlBcEtLMBE8GEt5QW4EViIfdUtOeUFmXRZ2XntLTXlBbhlIJRd1XB40BDwBBXVGcFQPcEh8VApxRn0
dfearinglestp.info/bThEcEhCBycDdThVIwgFBlwqKBkOcCA3Agh6BSYwNFRwMwpeAGIEIQkFfUZ/ 0
249 B 60ms
30ms Image
text/plain 172.67.182.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfearinglestp.info/bThEcEhCBycDdThVIwgFBlwqKBkOcCA3Agh6BSYwNFRwMwpeAGIEIQkFfUZ/Xwx9VjgEXHlBcEtLMBE8GEt5QW4EViIfdUtOeUFmXRZ2XntLTXlBbhlIJRd1XB40BDwBBXVGcFQPcEh8VApxRn0
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.182.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2F4L75xCeoiSpy0BMvH8csl1Ht0ZbBXaSx206XazSJZK1aXndlSo3X9rUAgphq3jB8%2FiP1BskoxA%2BXkSMs7qOYLM08Vy8Y62hOmPPOJTRjgsrHMQsoeSoV%2BRC7cSZ8aDxgiewOE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e90f0eeeadec33d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 561424d947276f8a0cf9469f5f3935e8.js Show response
scripts.cleverwebserver.com/ 127 KB
48 KB 243ms
204ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/561424d947276f8a0cf9469f5f3935e8.js
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a2d05c2f1e367bb2fd852f9a2f073bacb622db9dc0e0ab6f0ea87261c33948

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
x-amz-version-id: aPWxo96R_Fu_XOP4.6CqQXHu4ucHTIiY
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 30 Jun 2023 18:23:42 GMT
server: cloudflare
x-amz-request-id: 11KDTTHXRXZS50QE
etag: W/"40e9db4d34f9204840ee0379260be683"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7e90f0ef29484251-EWR
x-amz-id-2: 4AU7qhxbPdsc9wnkk8RBUCIy+mBv/N9K17IGuuUIjw6ENZPBl6GL2I58SgGvRKC0zwD3tEb5FdI=
expires: Wed, 19 Jul 2023 07:04:52 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 fa-brands-400.woff2
zedhitspromoss.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
75 KB 45ms
45ms Font
font/woff2 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.3
Origin: https://zedhitspromoss.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 23 Mar 2020 18:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7phYyDdKS3PANz21z%2Bfm0VHeim5VamwWs0Q%2FhMGL1gDwIySJQW9uUQazlBJZ%2BRHlcGV6DmRGHpUHoqlIpP%2BnUlHKO65PciFR4NPrK%2Bo5N5lB%2FPZS4mFdwbBzWV%2FZkmHgX%2Bc9T1U8EefL7NKUiaDQhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0eefc628c9b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 76612

GET
H3 200 tielabs-fonticon.woff
zedhitspromoss.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
40 KB 21ms
19ms Font
font/woff 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.3
Origin: https://zedhitspromoss.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Aug 2020 22:31:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BB5xNm1cik1YYiuf1y89EQXGgjP7bZdUc%2FHDKE6ZAguXMoDNcHGUGEfhPXBhzR5ybiYW9sQ3YnVwY%2FbYV4jF90c9KQfs49wMI6KfLi1ZqbiWlg94cbzfzXTo27V%2Ff7SJnvNalhknQV2cqOiS2GyytY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0ef0c658c9b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 40536

GET
H3 200 fa-solid-900.woff2
zedhitspromoss.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 78 KB
78 KB 28ms
25ms Font
font/woff2 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://zedhitspromoss.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.3
Origin: https://zedhitspromoss.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 23 Mar 2020 18:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8%2FUTRcDtueRpkTwcjeU%2BTlZf0E8jieqavzfS9fgng5KbJA51XUYSWMttS%2Bqr0Lqlf97q3miSQiBfJNF%2By%2Fd%2B4XhLKxyWXnf1QOd2P7Escb3NPJyquh8a4iuuiXJmPEPW0t5Y%2BqSajaG0tWW%2FU0Epbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0ef0c668c9b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 79444

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/ 359 KB
123 KB 77ms
76ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2c645f95af4b97469e0c06c5d4a88df9b205eabb909fab87e28fb3f1a244b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126131
x-xss-protection: 0
server: cafe
etag: 14370216274401322662
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/ Frame 96DC 10 KB
5 KB 25ms
3ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:24:41 GMT
etag: 12368291122986407432
expires: Wed, 02 Aug 2023 06:24:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 atlas-exp.js Show response
platform-api.sharethis.com/ 1 KB
889 B 5ms
4ms Script
application/javascript 13.225.214.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/atlas-exp.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.2.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-32.ewr50.r.cloudfront.net

Software

Resource Hash

eb3e4e556216eb2df06c5f10401beb749efca983a5bbe7349c972672e8a337c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 05:48:02 GMT
content-encoding: gzip
via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 18 Jul 2023 16:26:09 GMT
x-amz-cf-pop: EWR50-C1
age: 2810
etag: W/"442-18969d2c8e8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cache: Hit from cloudfront
cache-control: public, max-age=3600
accept-ranges: bytes
x-amz-cf-id: CV_7oUGRQYq0NH2lf8-u_QB2FEUBK2e2w8O-fVRuYwXWxAFUon8aFA==

GET
H2 200 WmV8UHpEfiEdPBk6b0cLUWR6GSEfM29HeBMzKR4nXXN4RSscJCUYLVFkDER5QHh6W31DZX9beU1ub0d4BzcsFDodc3gzfUdhZEZ+UiN3RA Show response
d3x0jb14w6nqz.cloudfront.net/jVkp1SHQ1JRsuSyIjEXVNYH1HfE1wIAYnGiZ3DC8TOT06Ij81eh4DUiIwEXVEcCYUJhNrbBAmF2t7UykQNHdBbgE3dxgnDj8mGSlRZAxAZkRzeEVgAz8kEScDJW9HeBoib0d4RWZkRW1HFG9HeAM/JEN8UWUIUHpELnxBYVF... Frame 12D4 204 B
468 B 95ms
95ms Script
text/plain 2600:9000:2514:6600:b:a48f:6ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3x0jb14w6nqz.cloudfront.net/jVkp1SHQ1JRsuSyIjEXVNYH1HfE1wIAYnGiZ3DC8TOT06Ij81eh4DUiIwEXVEcCYUJhNrbBAmF2t7UykQNHdBbgE3dxgnDj8mGSlRZAxAZkRzeEVgAz8kEScDJW9HeBoib0d4RWZkRW1HFG9HeAM/JEN8UWUIUHpELnxBYVFkehQ4BDovAi0WPSMBbUYQf0-Z/WmV8UHpEfiEdPBk6b0cLUWR6GSEfM29HeBMzKR4nXXN4RSscJCUYLVFkDER5QHh6W31DZX9beU1ub0d4BzcsFDodc3gzfUdhZEZ+UiN3RA
Requested by: Host: inncreasukedrev.info
URL: https://inncreasukedrev.info/Q3dycUwiFREccyJKEFc5MRtPVH4FUkA3KHAPQhsuckMFRyIyDVwSICwCFhc+LBkGXyImA1dDCikhGQF9ED8jQAYRBAciNQodNykaDS46QAQlMkMGBQIuHDYlGUQ2MnQXOCZBegodSkApK0M2JCUKADcpGgYUMSgZCR88Ay4BNh83fjdAJwgnEjk6FQ4hEDdCKDsQHDUmexo1IiARLTMJDRkcIAspBiEVMDZ7HDciLwc9JUgEJjUdGC5zE0YjGxkcICZ9CzE1SAQmNj9UfgU9Nz90FiAnOBkLBzc9Ijs1KycKKBIaIHgBMx0HDSpHJSEfDjUQJBUSEUJcFmZFNCYhFU8nOTwGERs0KBM1GUcucxQ+JBsRQTUiCSU6QEgEJjU/CwcRQxwpFA1DICI/ID0xJBUPITQaCAYlRyAEK0ElQn0HLSpILiYiQwQucxNGMzYgBDQ1IycUQRY2JSIWGRYGLVdDDhYePEIeAlEYAiMtB08IKyQYBT4mCBRCGgc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:6600:b:a48f:6ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0fa5334f052475d554d2a722fd5039e21fb3639d96781a2b3772378c946466a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://inncreasukedrev.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: gzip
via: 1.1 dee3e3075e44bf98642bfe89cb38088a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 191
x-amz-cf-id: cp_usReJ7Md_x6BLkWWwEiMm9FE_Z_-AGEkWlsSprpQW1pN0LqymRQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 17ms
15ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-198821967-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 06:11:08 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1424
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 19 Jul 2023 08:11:08 GMT

GET
H2 200 3bGV4eHgPChYeRxgMHEVBWlJKTEBKDwsXFhxYHBU3FTwBK09YCis1HkoRAhxFXEMUGRYLWF4dFg9YSV4ZCAdFTF4YFRcTRQ0PFxcPFQ8CHxdKEBlFFQMfERQUDUBKPk1CVV1KSEQSERYcAxILXUpcCwxdSlxUSFZISVY6XUpcEhEWTlhASzpdXlUATkxFQE-pIGRw... Show response
d3x0jb14w6nqz.cloudfront.net/ Frame 30F8 825 B
852 B 90ms
88ms Script
text/plain 2600:9000:2514:6600:b:a48f:6ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3x0jb14w6nqz.cloudfront.net/3bGV4eHgPChYeRxgMHEVBWlJKTEBKDwsXFhxYHBU3FTwBK09YCis1HkoRAhxFXEMUGRYLWF4dFg9YSV4ZCAdFTF4YFRcTRQ0PFxcPFQ8CHxdKEBlFFQMfERQUDUBKPk1CVV1KSEQSERYcAxILXUpcCwxdSlxUSFZISVY6XUpcEhEWTlhASzpdXlUATkxFQE-pIGRwVFB0PCQcTEQxJVz5NS1tLS05dXlVQExAYCBRdSi9ASkgUBQ4dXUpcAh0bEwNMXUpIDw0KFxUJQEo+SV1RVkhWWVJLTVZdXEBdSlwWGR4ZHgxdSj5ZVk9WS1pDDUVJ
Requested by: Host: inncreasukedrev.info
URL: https://inncreasukedrev.info/UWdLczMwBSgeDDBaKVVGIwt2VgEXQnk1V2IfexlRYFM8RV0gHWUQXz4SLxVBPgk/XV00E25BdWIFDCUHNC8sI3A5Pi4hSzYqAzZlEzAnOXgFIgk4dyYUEzVbKT4DMWZiIR8EcRpXcipwOBR6O1g+NQobSxc/Dj5mFjUSP2QXUy81VGg+GCUHCyQKF3UFIX8qdQMEHyFiYTcNC1ABIRpLcBkfLzh2EwsNNWIcAQ4hYgQjHjF4AQx6MGUHVgAgdgA0DiFqMiYzOn8JMjsQcCYfLyBfKTIYNWkYNB0qBQkyOxB2OSIcJ185JhgJQzU/JyZyBQwzNWIUSjs6dAMQHTVxYTcIIlAFIhoLeQcdfj1gYBMHIANkAxMfZQAiMzJqEiUZF2A4XgogWDYyCSIHNT8eA1AQD3sRdiYpBitmIS4PBAMaITMmeQAiJFYBEzQdQmEHDCMkZActBydlCwMTNnE1NCcEZBY1fyl7Nh8vIFlkPR0YCgY0egN3FTIdORU7FCQdQ2wDJjxKCB4YRAc+NAYV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:6600:b:a48f:6ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61a680ff0e0363f5d7a07e4e191e9b7897802b6bbfcb4514089fabb7eee3a48f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://inncreasukedrev.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: gzip
via: 1.1 dee3e3075e44bf98642bfe89cb38088a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 575
x-amz-cf-id: m8b6iWOs_SiRVStUz6wHcdCoNUBx8vhnyn9SuwlHjTB35nfJgea86Q==

GET
H/1.1 204
No Content atlas-exp
pd.sharethis.com/ 0
445 B 100ms
20ms Image
text/plain 18.218.158.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/atlas-exp?atlas_params={%22connection%22:{%22downlink%22:9.1,%22effectiveType%22:%224g%22,%22rtt%22:0,%22saveData%22:false},%22cookieEnabled%22:true,%22deviceMemory%22:8,%22hardwareConcurrency%22:4,%22language%22:%22en-US%22,%22languages%22:[%22en-US%22,%22en%22],%22maxTouchPoints%22:0,%22pdfViewerEnabled%22:false,%22storage%22:{%22quota%22:1947843571,%22usage%22:0,%22usageDetails%22:{}}}

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.218.158.161 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-158-161.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 06:34:52 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHkABGS3hAwAAAALDwbfAw==
Access-Control-Allow-Headers: *
X-Robots-Tag: noindex, nofollow

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 18ms
17ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1917979708&t=pageview&_s=1&dl=https%3A%2F%2Fzedhitspromoss.com%2F&ul=en-us&de=UTF-8&dt=Download%20Zambian%20Music%20mp3%20%26%20Videos.Get%20lastest%20Zed%20Music%20%C2%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=629796264&gjid=1906068739&cid=1544688222.1689748492&tid=UA-198821967-1&_gid=1537983562.1689748493&_r=1&gtm=457e37h0&jsscut=1&z=527430587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zedhitspromoss.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 06:34:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zedhitspromoss.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
608 B 36ms
19ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=zedhitspromoss.com&callback=_gfp_s_&client=ca-pub-8132346113159270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc738d6b7f861dd3e577bd3c35f079f38fe33403bdf82577f5ea17def5cea35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 35ms
18ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zedhitspromoss.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE5E 537 KB
99 KB 1183ms
1182ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&adk=2969136045&adf=3689892565&lmt=1689748492&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fzedhitspromoss.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748492709&bpp=5&bdt=492&idt=145&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8746826520748&frm=20&pv=2&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=2041596051&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=171

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d14145172608b6f12ac676299b866cf9c2ae364e376903da20faad2c883a2324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101392
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:54 GMT
expires: Wed, 19 Jul 2023 06:34:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 40ms
17ms XHR
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-198821967-1&cid=1544688222.1689748492&jid=629796264&gjid=1906068739&_gid=1537983562.1689748493&_u=YADAAUAAAAAAACAAI~&z=942140632

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zedhitspromoss.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Jul 2023 06:34:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zedhitspromoss.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 41ms
30ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8132346113159270

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db1a36d46aecb88b833d42cd2d004140e4d2cc25b0727ddec32a819a6c59bf65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Origin: https://zedhitspromoss.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50772
x-xss-protection: 0
server: cafe
etag: 4153174906117397781
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:52 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB01 87 KB
34 KB 1006ms
1006ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=2737543352&adk=3526789567&adf=1343987665&pi=t.ma~as.2737543352&w=308&fwrn=4&fwrnh=100&lmt=1689748492&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748492958&bpp=4&bdt=742&idt=4&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=2041596051&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=386b0JUfJf&p=https%3A//zedhitspromoss.com&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d35d14147e3fcd40272a36e06f5e6dcfad213d46885c061397149bf0be5e0775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34692
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:53 GMT
expires: Wed, 19 Jul 2023 06:34:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ui.cleverwebserver.com/ 160 B
221 B 155ms
115ms Script
application/javascript 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35cc00582a04959566c7852685ee0bd8ea31fc956de4aec2f8202dac868856ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e90f0f18a4a4251-EWR
content-type: application/javascript

GET
H2 204 eg
dfearinglestp.info/b05MWGVAcS8rWD0WKB4GKD40Ci0LBxQQLyotCTwEDBt5IjQpdmosDAtzdW5SXXp0fhUGKnFpQxw6LSwQHHN/aFVeaCU2AwBzfGhVXmg6ZVRBfXh2VlxgfH4QUn9+a1Rfe3hrVFx+e25cXXtqLBUOKXFpQx86ODRYXnh0YVJbdnhhVl9/ 0
271 B 19ms
17ms Image
text/plain 172.67.182.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfearinglestp.info/b05MWGVAcS8rWD0WKB4GKD40Ci0LBxQQLyotCTwEDBt5IjQpdmosDAtzdW5SXXp0fhUGKnFpQxw6LSwQHHN/aFVeaCU2AwBzfGhVXmg6ZVRBfXh2VlxgfH4QUn9+a1Rfe3hrVFx+e25cXXtqLBUOKXFpQx86ODRYXnh0YVJbdnhhVl9/eg
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.182.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACZJcwKZRNUAG6zAgsQNz4IL7NtSOdEqbPrsgQIw5H0G6piOUqWka7ob2%2BGJTgzYvN26TQm9W5kiUZLPzSW7STVGbOVziq78IiF0hYCDB1758Ed301EkDLYuz714OEAoNQk1NxY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e90f0f16bd3c33d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 90ms
67ms Image
image/gif 2606:4700::6812:19f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=52086&c=US&r=NY&l=159&b=Chrome&os=Win10&mob=0&v=1.43.0&ref=aHR0cHM6Ly96ZWRoaXRzcHJvbW9zcy5jb20v&ruri=&iv=-1&ctr=US&sz=1200
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e90f0f26ab04251-EWR
content-length: 43
content-type: image/gif

GET
H3 200 popunder.gif
dfearinglestp.info/ 35 B
538 B 14ms
14ms Image
image/gif 172.67.182.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dfearinglestp.info/popunder.gif
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Wed, 19 Jul 2023 06:34:53 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 08:32:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 424935
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qymkr7e9vFvCTt%2B7P0QOeFP9uSSrjJoshg80cyRr7Rl16n7TI%2BNGYS%2F6xkirSOg%2Btop9VwVd4cYkRb1suSPBtICp9BwDdr1IMbVF9hJ6FPjEdHndx67B%2F%2Blh1nkBXJoY4sk4k80%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7e90f0f2aa748c51-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 19ms
18ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zedhitspromoss.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E724 103 KB
36 KB 419ms
419ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=9302951709&adk=3841459635&adf=1900508291&pi=t.ma~as.9302951709&w=308&fwrn=4&fwrnh=100&lmt=1689748493&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748493348&bpp=8&bdt=1132&idt=8&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55797aea15d729a1-2282d216c4e200b5%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MaMXPoXxfYCJfM97LknbOiqVR3KdA&gpic=UID%3D00000cd986596e22%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MZUZFwx5LsedP252ftIZ3kmZM8KgQ&prev_fmts=0x0%2C308x250&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=3933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=497212178&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OaXyQxJChx&p=https%3A//zedhitspromoss.com&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d587d0f27cf69bc7de785f78b0b04273413509e997f4f1f9335231e14d965d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37189
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:53 GMT
expires: Wed, 19 Jul 2023 06:34:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 intersection-observer.js Show response
zedhitspromoss.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 07:04:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68896
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1IWy4XccEykEJlzCqKK8rS9f9nZ1UurN%2FfwnYbAhBMSpHhFhlMVRs3S0NpwNpU%2FpDSnDiqJivsNC6thM%2FH9whLBCZsOtmXRhkOWbonZf0jesZw8a1yV%2Fl4Jfq0QyK6VzwPHpPJNfrqod3C1NfC84og%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0f4bfeb8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 11:26:37 GMT

GET
H3 200 lazy-images.js Show response
zedhitspromoss.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 12ms
11ms Script
application/javascript 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=2e29137590434abf5fbe
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8be1269a134d7df5a75a02b0fce70d409e6d6984554acef232eabdaa4c39d66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 07:04:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326510
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtE%2FTak0v161eRpweBbKOvxc7hyYm1%2B44N9r6KbGwgGE%2BA%2FijkrehtRhWvCheijc8bSTkVLphlcRzAhVW%2BoXsyhE9j7ih2o2fSlExMuA0%2Fvb%2FBKz1al5eY%2FX6qditsubXJHzKjnJn6NHY4SqPhiwDqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0f4cfec8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:53:03 GMT

GET
H3 200 scripts.min.js Show response
zedhitspromoss.com/wp-content/themes/jannah/assets/js/ 22 KB
7 KB 13ms
11ms Script
application/javascript 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f64586f3dd71280aa264aba2d068f6f2fd64cf039d37e4d4062c33e4e8fec4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 08 May 2021 05:32:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326510
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BCxEZMOHtbzQerTLrRXNKHi%2BDEiaQqkGX2Mghzo6iigS3TY8xz7JYHpoVlEDU0J7zQIVahX4p0gIJ8pXlsFHOOaNZZydD0DfeIiacjwfcVnA3bqlWwzK3NU5O9bsCpYRu051VKJK0UHHiV5U1SPXF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0f4cfed8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:53:03 GMT

GET
H3 200 lightbox.js Show response
zedhitspromoss.com/wp-content/themes/jannah/assets/ilightbox/ 79 KB
26 KB 16ms
15ms Script
application/javascript 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c4cc1b3ac48b492748c8b49ea4b73b07143980b51794727399872fc9c7b86b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Nov 2020 01:30:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68893
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnTQxjil5M1Ys0%2BR%2FTd3Wxb%2B78cxduCvUhQQ9t8jdPNYmyykMkrJ6zd%2FnF5vfNXTqww098okCIOm9wuzCzS%2FuLicvrtaSjl%2BVaR2moQk3%2FLcrPAYXXX7sVDiOnX5265mMvA%2F4yWwMnVCrchIB1DWN3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0f4cfee8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 11:26:40 GMT

GET
H3 200 desktop.min.js Show response
zedhitspromoss.com/wp-content/themes/jannah/assets/js/ 16 KB
6 KB 15ms
13ms Script
application/javascript 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Aug 2020 15:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326510
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PghMykjFlPr1qIdZYTXhqhEursCOseMmxEdYN%2Fj%2BuAXoSblm4ZvO68H6vtoHRV22Cdc1%2BwZclAK%2BPPhhLAq%2BjAF8OCyKBRregRp6T1SE2AmF5vJan8pKAQ4OFoiOvYFo%2FYnjgHR2kBSfD%2FI0bHxEx1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0f4cfef8c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:53:03 GMT

GET
H3 200 live-search.js Show response
zedhitspromoss.com/wp-content/themes/jannah/assets/js/ 14 KB
5 KB 13ms
11ms Script
application/javascript 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zedhitspromoss.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.3
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Jul 2020 00:48:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 326510
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78%2BqIMboUTnf%2BFOOJa8UD2GNijqh81NmI8e1JofIChTfT1lQwEVWG3ohKkKaOTq8zELpNZV2oW7dCa75%2B%2B3AxUTVoDyf110SCTp%2Bi76KECt%2FVxMfdfrFFCzpWnVmIb%2BATXMwsXhOyERTdiDxpe8CBQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7e90f0f4cff08c9b-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 11:53:03 GMT

GET
H2 200 e-202329.js Show response
stats.wp.com/ 7 KB
3 KB 25ms
3ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202329.js
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT jfk
date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684460848292.3706
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 15 Jul 2024 15:31:47 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 10ms
3ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=180977542&post=785&tz=2&srv=zedhitspromoss.com&j=1%3A12.3&host=zedhitspromoss.com&ref=&fcp=2623&rand=0.17423992647875108
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 Jul 2023 06:34:53 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 IMG-20230706-WA0001-390x220.jpg
zedhitspromoss.com/wp-content/uploads/2023/07/ 22 KB
22 KB 12ms
11ms Image
image/jpeg 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zedhitspromoss.com/wp-content/uploads/2023/07/IMG-20230706-WA0001-390x220.jpg
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639fe2f41433fb4c7a8cb04d3d7111fd89384c97d594fb587e8302bbb42f0a27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238847
alt-svc: h3=":443"; ma=86400
content-length: 22201
last-modified: Thu, 06 Jul 2023 05:58:23 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnccDsKNEBZfv5ZWAVcF3px3BUHZkFg%2FV6yZPBYSjkSP4bk7aw%2FP%2FdThz1oJXOf1KxGZ0zASrwF25MuN7Rl6r%2BeNqb%2Bh9tc167D4HebbvhN2JZNGnv%2FoDYJ1UAOdvzTA%2BLhYaaK8UOMi8diH1v77c9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0f5483a8c9b-EWR
expires: Sun, 23 Jul 2023 12:14:06 GMT

GET
H3 200 IMG-20230708-WA0006-220x150.jpg
zedhitspromoss.com/wp-content/uploads/2023/07/ 9 KB
10 KB 28ms
26ms Image
image/jpeg 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zedhitspromoss.com/wp-content/uploads/2023/07/IMG-20230708-WA0006-220x150.jpg
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50230b0d78af1d79acd8c0c29ff7a5bb30764b52f699a81889bd9d7cb5ab85be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Jul 2023 18:19:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDonHPI%2FvErFRTIMdf0uwIHJO%2BRX7d3RZnDQUDL4g4mcueXAGkJB7bHYb%2BFoxMHtEOKNIHji4ZDmIBAe%2BXS8r%2BoghM4DWIB4EHZUYv6eJNgGl0%2BH3MtHri3r5DJn6cJwIy5B2Spojz8l5wPfGj%2B9UwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0f5483b8c9b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 9443
expires: Wed, 26 Jul 2023 06:34:53 GMT

GET
H3 200 IMG-20230621-WA0002-220x150.jpg
zedhitspromoss.com/wp-content/uploads/2023/06/ 11 KB
11 KB 10ms
9ms Image
image/jpeg 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zedhitspromoss.com/wp-content/uploads/2023/06/IMG-20230621-WA0002-220x150.jpg
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7aef80d7a9508bbac937fa5c6402931d087a4d8cf1d9deb8ee6a27e02754cf2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238842
alt-svc: h3=":443"; ma=86400
content-length: 11102
last-modified: Wed, 21 Jun 2023 07:47:42 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFiPDCqkATeyW2pyllf9L819XGfENqIbtzEomsl%2BIerOSRgt9kx%2FW74YBKYdZdZmuKXPE8TCUu6nkoORiW7rJNQdWQmNOVUU4XsDv9WteQ6FGvctynXBzcIucoP34ht34wQHW39V9dwujHX84nBDXUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0f5483c8c9b-EWR
expires: Sun, 23 Jul 2023 12:14:11 GMT

GET
H3 200 IMG-20230630-WA0000-390x220.jpg
zedhitspromoss.com/wp-content/uploads/2023/06/ 11 KB
12 KB 22ms
21ms Image
image/jpeg 2606:4700:3030::6815:37aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zedhitspromoss.com/wp-content/uploads/2023/06/IMG-20230630-WA0000-390x220.jpg
Requested by: Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:37aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c8ff663c466a69e752788707647fea6bdb997510a0cb9ad9d3c58c3cde6a540

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
cf-cache-status: MISS
last-modified: Fri, 30 Jun 2023 01:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9V1TI2wnIG6IaYST8gnHIf%2BXpLmLI0ehM6oQ8jQcf9P8SOi1WudD%2BocQV2iNi06jN9gW6dC6Y7hdQRGPkYZ02nNJMtDG%2F4sf%2FMCDIWgz3TMUgpasvVozci8hUeOPYMYosBg5zIg4LBY4bryTwZWrXuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7e90f0f5784e8c9b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 11770
expires: Wed, 26 Jul 2023 06:34:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E724 8 KB
1 KB 52ms
32ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=9302951709&adk=3841459635&adf=1900508291&pi=t.ma~as.9302951709&w=308&fwrn=4&fwrnh=100&lmt=1689748493&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748493348&bpp=8&bdt=1132&idt=8&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55797aea15d729a1-2282d216c4e200b5%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MaMXPoXxfYCJfM97LknbOiqVR3KdA&gpic=UID%3D00000cd986596e22%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MZUZFwx5LsedP252ftIZ3kmZM8KgQ&prev_fmts=0x0%2C308x250&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=3933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=497212178&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OaXyQxJChx&p=https%3A//zedhitspromoss.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 04:50:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 06:34:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame E724 2 KB
945 B 63ms
28ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame E724 23 KB
9 KB 45ms
27ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame E724 3 KB
2 KB 38ms
20ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame E724 20 KB
8 KB 57ms
23ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E724 179 KB
57 KB 69ms
35ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:53 GMT

GET
H2 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame E724 33 KB
14 KB 38ms
20ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:22:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB40 143 B
166 B 25ms
24ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=9302951709&adk=3841459635&adf=1900508291&pi=t.ma~as.9302951709&w=308&fwrn=4&fwrnh=100&lmt=1689748493&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748493348&bpp=8&bdt=1132&idt=8&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55797aea15d729a1-2282d216c4e200b5%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MaMXPoXxfYCJfM97LknbOiqVR3KdA&gpic=UID%3D00000cd986596e22%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MZUZFwx5LsedP252ftIZ3kmZM8KgQ&prev_fmts=0x0%2C308x250&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=3933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=497212178&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OaXyQxJChx&p=https%3A//zedhitspromoss.com&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:24:13 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E724 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB40
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
44ms

Document
text/html

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:54 GMT
expires: Wed, 19 Jul 2023 06:34:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E724 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d61f500d13227ebc32738acd302d6a796fe144e610ce5d5bcc3a87dc6caae775

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame E724 47 KB
48 KB 84ms
4ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 22:34:53 GMT
x-content-type-options: nosniff
age: 28801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 22:34:53 GMT

GET
H2 200 8175289360313350210
tpc.googlesyndication.com/simgad/ Frame DB01 50 KB
50 KB 26ms
22ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8175289360313350210?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmB1unQYSNB80ZeWkghalB0otElfA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=2737543352&adk=3526789567&adf=1343987665&pi=t.ma~as.2737543352&w=308&fwrn=4&fwrnh=100&lmt=1689748492&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748492958&bpp=4&bdt=742&idt=4&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=2041596051&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=386b0JUfJf&p=https%3A//zedhitspromoss.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd2cb35c5796af21a3f31ea3642659345a148d5639769796e1a0279476976bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 03:39:58 GMT
x-content-type-options: nosniff
age: 183296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51201
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 19:39:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 Jul 2024 03:39:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame DB01 23 KB
9 KB 25ms
21ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame DB01 3 KB
1 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame DB01 20 KB
8 KB 25ms
22ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB01 179 KB
56 KB 77ms
74ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame DB01 33 KB
13 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7fe7cde06e7ef9eba6d622b537681e18577e12261a81181e39b831c37826d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13539
x-xss-protection: 0
server: cafe
etag: 10385592765940340113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:05:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED8E 143 B
166 B 27ms
25ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=2737543352&adk=3526789567&adf=1343987665&pi=t.ma~as.2737543352&w=308&fwrn=4&fwrnh=100&lmt=1689748492&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748492958&bpp=4&bdt=742&idt=4&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=2041596051&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=386b0JUfJf&p=https%3A//zedhitspromoss.com&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:24:13 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DB01 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd55733469c52a1523bd0233e758ed7bb72847fd7e1e5d41661909629a5eba2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED8E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
18ms

Document
text/html

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:54 GMT
expires: Wed, 19 Jul 2023 06:34:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E724 0
23 B 31ms
30ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C60WVDYS3ZPvyF4Wj_gTJjYrIDoSV0d5xudC82_QR2tkeEAEg_42BggFgoQKgAaf798coyAEBqAMByAPLBKoE5AFP0EPNd1acHepU29ofkKKMmq6R33e417DKXIBWaA5e4ppaeqKXkdGPfjjd6Ckmol3bk657SgqAQR5mNDOEKXEG8sj_oh_oeHrnuqdvpuX6aeI7IVztPRHblW57P1zuMSGnHTHqdREyV_-THTdEVzR-aT0pC4B35gmLpuXIo5Q5X2WMVkfALVqDuD46sycPpXGHJtv0yEVZWxmQEsYyQixt3CYYcboJ634QQp9skBVnh8LWmDqI8q8B7w36L3pV9nFFJLYTzRtuez7n-G-1GaqiHmjaSmfHUoF8SfEZJ7VcG97Xe9jABN--wImuBJIFBAgEGAGSBQQIBRgEgAf9osmhBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELGTNNIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTgxMzIzNDYxMTMxNTkyNzAYAA&sigh=YChB_rFF4uY&uach_m=[UACH]&cid=CAQSSwBpAlJWFb6aEceg25dTl9sVCkWTfMx1HtDsXDviMwL_3s3g7NzkOV9lYXg4dgzj40Du11EXWu3KrvKXI6Ggw80wclwaKUukJq66QxgB&template_id=5028&cbvp=2&vis=1

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=9302951709&adk=3841459635&adf=1900508291&pi=t.ma~as.9302951709&w=308&fwrn=4&fwrnh=100&lmt=1689748493&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748493348&bpp=8&bdt=1132&idt=8&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D55797aea15d729a1-2282d216c4e200b5%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MaMXPoXxfYCJfM97LknbOiqVR3KdA&gpic=UID%3D00000cd986596e22%3AT%3D1689748492%3ART%3D1689748492%3AS%3DALNI_MZUZFwx5LsedP252ftIZ3kmZM8KgQ&prev_fmts=0x0%2C308x250&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=3933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=497212178&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OaXyQxJChx&p=https%3A//zedhitspromoss.com&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 06:34:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/ 154 KB
52 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/reactive_library_fy2021.js?bust=31076134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec7f734c918ae16e7bed24547cebf49f7d191501692540f8d3afc1130c8d4583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53456
x-xss-protection: 0
server: cafe
etag: 17415237421839411487
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2215 37 KB
14 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 05:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 05:59:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DB01 0
19 B 27ms
26ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaH39DIS3ZMjHPJGMNdShhcACyYH2vXCD_qCxsxGisd_Riw4QASD_jYGCAWDJxqmLwKTYD6ABgcmv1APIAQKoAwHIA8kEqgTyAU_QNLp1csp9i543EXOy_gVtJmCiFqDWYDyawMMnwyjCP8o_PIsCSS1RkQvxOLTMbAeTOoTO2klfhUaPvgyK_ftiYY0CiY7DZnT8pu-ukRe1HJjmnjGlMLe0EPNoTbvQKJlaNh1Qtg3rsExZi1Vqql5ESc1Rq6gVyLgrobLxMMdTYRy6-WkvFQPD5KFbg2JP-68nu322iJC_szXxwUaEZa7yWX37Tj9fmXYuFw6qNhK06g7Xv1geqUrSiZ9L4oyL2U9Y3qjyFr7as6aH4avFXWJc3JBiCzUjxrMy11QqMsobNIFOMSPQAfi_LVEZLOiohcGSwASUlr_GqQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHvODLlwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRD-7sRq0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItODEzMjM0NjExMzE1OTI3MBgA&sigh=Cvto5DYdbK8&uach_m=[UACH]&cid=CAQSGwBpAlJW8y3dHQuMLNGEtYeEwjoVscOYFeIHNxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8132346113159270&output=html&h=250&slotname=2737543352&adk=3526789567&adf=1343987665&pi=t.ma~as.2737543352&w=308&fwrn=4&fwrnh=100&lmt=1689748492&rafmt=1&format=308x250&url=https%3A%2F%2Fzedhitspromoss.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689748492958&bpp=4&bdt=742&idt=4&shv=r20230717&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8746826520748&frm=20&pv=1&ga_vid=1544688222.1689748492&ga_sid=1689748493&ga_hid=1917979708&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076134%2C42531706%2C44788442%2C44796477&oid=2&pvsid=3090250889786671&tmod=2041596051&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=386b0JUfJf&p=https%3A//zedhitspromoss.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 06:34:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zedhitspromoss.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/ Frame CFD9 10 KB
4 KB 17ms
4ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:48:17 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 17:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/ Frame C905 10 KB
4 KB 18ms
5ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:48:17 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 17:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/ Frame F237 10 KB
4 KB 17ms
6ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:48:17 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 17:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/ Frame 846D 10 KB
4 KB 17ms
6ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:48:17 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 17:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame D42F 37 KB
14 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 05:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 05:59:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame CFD9 4 KB
769 B 22ms
21ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 05:19:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CFD9 205 B
520 B 6ms
4ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:20:59 GMT
x-content-type-options: nosniff
age: 476035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jul 2024 18:20:59 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CFD9 604 B
696 B 6ms
5ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 10:16:14 GMT
x-content-type-options: nosniff
age: 245920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 15 Jul 2024 10:16:14 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame CFD9 14 KB
6 KB 8ms
7ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d7405fc94e171d45658f9a25ebf09530ca7622d23a3f7623d15c3a1bd009f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6325
x-xss-protection: 0
server: cafe
etag: 8771891585566167871
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:05:05 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame CFD9 20 KB
8 KB 9ms
8ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:03:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8597
x-xss-protection: 0
server: cafe
etag: 17435004113268094812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:03:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame C905 23 KB
9 KB 8ms
3ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 984C 143 B
166 B 8ms
3ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:24:13 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame C905 3 KB
1 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame C905 20 KB
8 KB 8ms
6ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 6976167123854538577
tpc.googlesyndication.com/simgad/ Frame C905 29 KB
29 KB 9ms
7ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6976167123854538577?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntZlMSXurDOfKnnKZk_tHQ2dh0rg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bea98b75578f4171bd9c9042ac9bc1726a798a9a2baa0c0cd43868062b0cacdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 04:16:23 GMT
x-content-type-options: nosniff
age: 94711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29920
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 18:00:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 04:16:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C905 179 KB
56 KB 51ms
49ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame C905 33 KB
13 KB 10ms
9ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7fe7cde06e7ef9eba6d622b537681e18577e12261a81181e39b831c37826d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13539
x-xss-protection: 0
server: cafe
etag: 10385592765940340113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:05:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F237 6 KB
706 B 27ms
27ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 05:18:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame F237 2 KB
892 B 8ms
4ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame F237 23 KB
9 KB 9ms
5ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame F237 3 KB
1 KB 11ms
7ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame F237 20 KB
8 KB 9ms
5ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F237 179 KB
56 KB 25ms
21ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame F237 33 KB
14 KB 13ms
9ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:22:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 846D 23 KB
9 KB 11ms
7ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A0B 143 B
166 B 10ms
8ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:24:13 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 846D 3 KB
1 KB 9ms
6ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 846D 20 KB
8 KB 9ms
7ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 10947706053434257806
tpc.googlesyndication.com/simgad/ Frame 846D 25 KB
25 KB 12ms
10ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10947706053434257806?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmMdB4axto_C_Biem_HQ1J0Ljkuaw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779a82adca8c9f040b7bfa5cdf66b7463e11ff22659dcf148eb5c5e056fda2cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 20:42:37 GMT
x-content-type-options: nosniff
age: 35537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25575
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 18:00:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 20:42:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 846D 179 KB
56 KB 44ms
42ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 846D 33 KB
13 KB 11ms
9ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7fe7cde06e7ef9eba6d622b537681e18577e12261a81181e39b831c37826d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13539
x-xss-protection: 0
server: cafe
etag: 10385592765940340113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:05:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 351E 14 KB
1 KB 27ms
27ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 05:14:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 351E 2 KB
892 B 15ms
14ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 351E 23 KB
9 KB 15ms
14ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 351E 3 KB
1 KB 16ms
15ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 351E 20 KB
8 KB 15ms
14ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:00:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 351E 179 KB
56 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 06:34:54 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 351E 33 KB
14 KB 13ms
12ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:22:21 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 984C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
19ms

Document
text/html

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:55 GMT
expires: Wed, 19 Jul 2023 06:34:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A0B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
23ms

Document
text/html

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:55 GMT
expires: Wed, 19 Jul 2023 06:34:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 846D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ee4cb4d8f35dc117bf23ffba1acbe77739567be909b6ee22df6bb1eadea0605

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 846D 0
19 B 29ms
29ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_D_GDIS3ZNirN96uNfLMvqAK_v634HGAquKnqRGeuIi2gwMQASD_jYGCAWDJxqmLwKTYD6ABqb-wrSjIAQKoAwHIA8kEqgTnAU_QCo13LldZpz_u11iQqIeTuDLOziFjslpnJYh8UT5nBByMKGLYH-tGRuwINfUAnreqbL2n9YrNdcLRETd1U19cSHeyfJUOLvNzvVYxctaFNm82AAfHiL5x0iqhLt-s0FvwnaT2rxeHelU1G72pn8MnH2ML0NugS4YT75AYRfuaAgD5vfSiJgxJgPBdWr6S_44m83UnJCL20SEjzwsFgqUQJ9wJZq2HOc1btoRGXvdKkVGvgKYXaeY7YsGoudHMSPauMIsrNTWOz9rAWs1npt8uRt3WRQUOlz59H0fkmj-3TgUgf1Erx8AEgfnLmqkEkgUECAQYAZIFBAgFGASgBgKAB6n3gI0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQoKKvOdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgxMzIzNDYxMTMxNTkyNzAYAA&sigh=Jqx86vV1REM&uach_m=[UACH]&cid=CAQSGwBpAlJWwECbT8K0VHS8Vxl8DBuWHW1vCn2SSxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 06:34:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame 20B5 37 KB
14 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 05:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 05:59:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 38ms
37ms XHR
application/json 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230717&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd9e4481f7bcc950179e0d8b7687034b3207c5fe00d45b334b66b49d65d0cdf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11828
x-xss-protection: 0

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BB9 37 KB
14 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 05:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 05:59:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB01 42 B
64 B 21ms
21ms Fetch
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYSVRD45yKb7BWyGPIlhaHGQZ4IKOuqdVpG6j8gkUCxQJ_ufob5G5vPMfwNKdr4PYJvB-sqc5K5dab-VIJdFk7H-JGDm_OeG1sY_X8dgXiNBiR-fZiDnCc3ZsWJkHNd4lBguA8WDB4Ow&sai=AMfl-YTs1pVrWlSisNOIISfCQn3qAV2wXNMwezmvPLrbyq7x9ym_uNKNCNA6Xo_wlh_gdDclszcaA3mGqFjJ&sig=Cg0ArKJSzEygDuXReqrJEAE&cid=CAQSGwBpAlJW8y3dHQuMLNGEtYeEwjoVscOYFeIHNxgB&id=lidar2&mcvt=1049&p=0,4,250,304&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3526789567&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689748492969&rpt=1254&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 06:34:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame DAD7 37 KB
14 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: zedhitspromoss.com
URL: https://zedhitspromoss.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 05:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 05:59:39 GMT

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9779 37 KB
14 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 05:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 05:59:39 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 06:34:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A0BA 13 KB
5 KB 5ms
4ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:27:56 GMT
expires: Thu, 18 Jul 2024 06:27:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C18F 783 B
534 B 26ms
25ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe1cebcf41e6b44e70082a0686cfc539849370e4ceab7d8c9da48063e1f9e257

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E5SdMfKsrXZ3gFHRiziltA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zedhitspromoss.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-E5SdMfKsrXZ3gFHRiziltA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 06:34:55 GMT
expires: Wed, 19 Jul 2023 06:34:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C18F 0
0 20ms
20ms Image
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230717&jk=3090250889786671&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame A0BA 37 KB
14 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 05:59:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 05:59:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 846D 42 B
64 B 23ms
22ms Fetch
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCAdxkA-cm-4Npu_sUvRj97MlMuVJj7RtatogpPfaWtvrWkghvUIcFYRq47l7zm8Ld4N7fz2M--MzlZmIBPACsL8MnfaaRpwwyPgWwrAZ3iuAIdTu-2wRXc1sWZt-SBQcd9-DO3fxF-w&sai=AMfl-YRyL6UQ8a1_5v5QMxYhdGPqMwXWTgD5TIV34AKZ_h0Ip5Tm7xmnm_HZU7m9tUwsEEknsY0_7D3hQZWu&sig=Cg0ArKJSzE76K_4xKpWoEAE&cid=CAQSGwBpAlJWwECbT8K0VHS8Vxl8DBuWHW1vCn2SSxgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=305,1001,1001,1001,1001&tos=305,696,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2969136041&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689748494335&rpt=678&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 06:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A0BA 0
10 B 31ms
31ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GMnzPA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:34:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 21ms
20ms Image
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230717&jk=3090250889786671&bg=!JiWlJXHNAAa3SiIRl0o7ADkAdvg8WnMn4nek-KP3140FFrb97FQJcOxGKgoPYamil5zWYovAeEbDfHYu2WrMRL4JGuXhhWe4mSICAAAAglIAAAAHaAEHCgCPLlWZqtaUTs2d5b1-7NTfxMLzNz4_wYH5wRoiv6wv6JBnjXVT2v5rFbpJwDbzAy1PvRVYz8QDea3fEbOcmOq1yAmA2LezvJSNDMgZjqQh3xw5wPg4XryAquNEiQSIVPn-C6boDqQLq-rEZDovasCVNXTdnoDvaWkLVx-uJcBz5sjl1DgPZ-OiVpGZUZbCh8mZAsf14CFdhk7Md8vzL5nIgr9c4fnxiUwsdiz4HnHz0k1iT3u_Y-LUMPxF2t0DJdremuT4MZbMy3BLvZX11QFXaFFnD-TKsz1udPo_y2MSfPRRXAlRd6Dudw11V_wkzKWBiIdwc2fGiJ1dx-H2tu0Fk8j16_nG9HQ9MyzWwhXdpDCOk6mWVT96EdwsZaAmPYQlhyaBNpjHV1JAddRpaTy3eOzlubyV2L1Htzh06thBYM7d57RbKq3AcWB0HHGsvbMGfdYM78_LdNqXMog2tt462t73oEWfURPqpIZYYhdf6A975AISFKMjhQY8nnyiRhXYM12WqOa_q7sBI9iVu40j-BOw66HirxIkkPMkzWcUbM6TFl29dP15og3MCNdHNcMyviEv0dEETsFuvC57lMU5UXZajd_kNoGvFOALjxtL5oRiBFaIRSVXETKOMRSd6TFH0pzxcfdtcVQbLtamyg0mYvoIrYUa4mKF9r3Bl-nQ0uVC-UzzS7Yy24AAl92RMMJykT8zito5c2oNlZvXbHuqfiEuyxqe5kdA6d8eB5xQwTLEFBv4L-k3QtIr_VCeydwI6D4OCpbdF2w0pweLz7DK389UUnO2UTUY_G9QanG8ygc5N1w4Xdj1s0dc1-TIjzy87UM5-VN8yG0q1OdMjXPYBKpD3OW4P0YVMt5whocE4WP8SwsbzCXSlGZLKsA4ixVhrsZTpJli1Z5Zx8HmKUBG0TopnUFPwkbnwZybpNz6zsAgrtTxZvaLZ7dCtp4BLtbyZYhuHJ74EWTfFJo9Vx8Zz4IXsqsWk1XeFxmI5zZUtnafRlTogIFeMLXViLImCP2EhCrpyQgqFNQ0jXxE0CUe0u0RX1nguQM2F5VVBgtpvHbbNdBk9YnK-H0dNOqqyAi7o2YTuZ3Qp4mPDyBY6RciizXgJXZSCEBofIZd64EfHKrHX4OletAf5ew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NRDEKNWY4C&gtm=45je37h0&_p=1917979708&cid=1544688222.1689748492&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1689748492&sct=1&seg=0&dl=https%3A%2F%2Fzedhitspromoss.com%2F&dt=Download%20Zambian%20Music%20mp3%20%26%20Videos.Get%20lastest%20Zed%20Music%20%C2%BB&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NRDEKNWY4C
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zedhitspromoss.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 06:34:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zedhitspromoss.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zedhitspromoss.com/	1970-01-20 22:58:28	Name: _ga_NRDEKNWY4C Value: GS1.1.1689748492.1.0.1689748492.0.0.0
.sharethis.com/	1970-01-20 22:09:30	Name: __stid Value: ZHkABGS3hAwAAAALDwbfAw==
.sharethis.com/	1970-01-20 22:09:30	Name: __stidv Value: 2
pogothere.xyz/	1970-01-20 22:00:52	Name: csu Value: 1231054313076925@1@1689748492
.zedhitspromoss.com/	1970-01-20 22:09:30	Name: fpestid Value: Erqs9qeLmSGOwr-4DnTmSQEwywypl73BBUbs9yRxF6T3CXZMB6vWQnoXM_94MzjEpChn1Q
.zedhitspromoss.com/	1970-01-20 22:58:28	Name: _ga Value: GA1.2.1544688222.1689748492
.zedhitspromoss.com/	1970-01-20 13:23:54	Name: _gid Value: GA1.2.1537983562.1689748493
.zedhitspromoss.com/	1970-01-20 13:22:28	Name: _gat_gtag_UA_198821967_1 Value: 1
.zedhitspromoss.com/	1970-01-20 22:44:04	Name: __gads Value: ID=55797aea15d729a1-2282d216c4e200b5:T=1689748492:RT=1689748492:S=ALNI_MaMXPoXxfYCJfM97LknbOiqVR3KdA
.zedhitspromoss.com/	1970-01-20 22:44:04	Name: __gpi Value: UID=00000cd986596e22:T=1689748492:RT=1689748492:S=ALNI_MZUZFwx5LsedP252ftIZ3kmZM8KgQ
.doubleclick.net/	1970-01-20 13:22:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:58:28	Name: IDE Value: AHWqTUkjoZQ00JX8QGdw5ZLuJJ6TPLc5Ny8sFpg1nkVOWOqR_S2M2WQcGXtr6gflJZM

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S1292415188%3A1689748492875683&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXgQog-39qTI9OoW6C3c_ebWZxONu26wk_t1tVdWRyOky3vZUfe7dhDdRj8XJ3uOsTbO_EhNiA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S1930207775%3A1689748492878874&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6zngpXTiV6zp2G1YFGRabg4UmYv-RKGU3c1kNqUsv03T4jlPKHa7jHh5mOeoS40q7JDXydA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=2969136044&client=ca-pub-8132346113159270&fa=4&ifi=7&uci=a!7&btvi=3&xpc=eaAHtX1WxL&p=https%3A//zedhitspromoss.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
buttons-config.sharethis.com
c0.wp.com
call.cleverwebserver.com
d3x0jb14w6nqz.cloudfront.net
dfearinglestp.info
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
inncreasukedrev.info
l.sharethis.com
mail.zedhitspromoss.com
pagead2.googlesyndication.com
partner.googleadservices.com
pd.sharethis.com
pixel.wp.com
platform-api.sharethis.com
pogothere.xyz
scripts.cleverwebserver.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
ui.cleverwebserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zedhitspromoss.com
104.21.12.20
13.225.214.32
172.67.182.219
18.160.41.28
18.218.158.161
192.0.76.3
192.0.77.37
2600:9000:2511:1800:c:abe:f440:93a1
2600:9000:2514:6600:b:a48f:6ec0:21
2606:4700:3030::6815:37aa
2606:4700::6812:19f6
2607:f8b0:4004:c08::9c
2607:f8b0:4006:806::2002
2607:f8b0:4006:808::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::200d
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2002
2a03:2880:f112:83:face:b00c:0:25de
52.15.44.3
099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
0fa5334f052475d554d2a722fd5039e21fb3639d96781a2b3772378c946466a6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
26db4e879310e58ca4e67f1e115baedb387f0c9cafcbcb97a58c60532a9d4691
27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d7b7d9d5f46003fd39e1c6dee0c2f617bc32ec707d819bd4eab2fc8081938de
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321495a7337c35ffc6856376c0464eb8c66fb3b8b1b72be89f2310b542f73a1d
35cc00582a04959566c7852685ee0bd8ea31fc956de4aec2f8202dac868856ab
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
4582f62f6f0bea1214f7f6975720d6f6eb98accd1fc41da6f5c661311be8aeb5
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72
4924bfc0f1c031d73c9de466c6f6b4c3ce24db8be2bf6ba41163c7640c7411ef
4bd55733469c52a1523bd0233e758ed7bb72847fd7e1e5d41661909629a5eba2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e9f27ad962a29f1b09bec7d715ee406bf2197c3be9a4f6367fb724b81f06628
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380
50230b0d78af1d79acd8c0c29ff7a5bb30764b52f699a81889bd9d7cb5ab85be
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
61a680ff0e0363f5d7a07e4e191e9b7897802b6bbfcb4514089fabb7eee3a48f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639fe2f41433fb4c7a8cb04d3d7111fd89384c97d594fb587e8302bbb42f0a27
64ffd4b2224c9e2a0f2193cf1d37239572a67ce9d2bf3d97c58d6939139af61b
68c4cc1b3ac48b492748c8b49ea4b73b07143980b51794727399872fc9c7b86b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8ff663c466a69e752788707647fea6bdb997510a0cb9ad9d3c58c3cde6a540
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
75df4f68e86fe8af0a832e8a830c50118a4ee65f3187902830a301f3a5c31103
779a82adca8c9f040b7bfa5cdf66b7463e11ff22659dcf148eb5c5e056fda2cf
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7d7405fc94e171d45658f9a25ebf09530ca7622d23a3f7623d15c3a1bd009f5a
7ee4cb4d8f35dc117bf23ffba1acbe77739567be909b6ee22df6bb1eadea0605
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f64586f3dd71280aa264aba2d068f6f2fd64cf039d37e4d4062c33e4e8fec4
904ff27f1e28f1e7342eb8112cfd255a4918e6f4c71da07e7e1c365aab78d559
94a2d05c2f1e367bb2fd852f9a2f073bacb622db9dc0e0ab6f0ea87261c33948
95fa370bf668c7e5d41ba14188225da297ba799f3b078fd0bb80b58fba3b821f
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7aef80d7a9508bbac937fa5c6402931d087a4d8cf1d9deb8ee6a27e02754cf2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
aab7b6688899d310497e61fe1bf020891be30ef2bca4c376c6c682ebf3f6a246
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b2c645f95af4b97469e0c06c5d4a88df9b205eabb909fab87e28fb3f1a244b3b
b30cd43c5ddbb3a85552d04d490b182c2fe1a46e7246344b8110ea0bcb6f3af0
b3c1a0a49fb1cdbf1a13f432ce3fbd33e497225a532195a2d27c8b1c2b1b7dea
b5c0e825ba9f58e33c94cf870e4786b7b64983593d1e73d0b347f410855c8467
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bea98b75578f4171bd9c9042ac9bc1726a798a9a2baa0c0cd43868062b0cacdf
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c60d8458e3f507d17920898c8690111c5074a8a61fd47f700c91ab52c9ba635e
c8be1269a134d7df5a75a02b0fce70d409e6d6984554acef232eabdaa4c39d66
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
d14145172608b6f12ac676299b866cf9c2ae364e376903da20faad2c883a2324
d35d14147e3fcd40272a36e06f5e6dcfad213d46885c061397149bf0be5e0775
d587d0f27cf69bc7de785f78b0b04273413509e997f4f1f9335231e14d965d45
d61f500d13227ebc32738acd302d6a796fe144e610ce5d5bcc3a87dc6caae775
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
db1a36d46aecb88b833d42cd2d004140e4d2cc25b0727ddec32a819a6c59bf65
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd2cb35c5796af21a3f31ea3642659345a148d5639769796e1a0279476976bd2
dd9e4481f7bcc950179e0d8b7687034b3207c5fe00d45b334b66b49d65d0cdf0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
e11d5d62748aa2cc65e1a50fefbcdb5e66f7fa30b9dfa5ab5389de4b27b04cc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3e4e556216eb2df06c5f10401beb749efca983a5bbe7349c972672e8a337c1
ec7f734c918ae16e7bed24547cebf49f7d191501692540f8d3afc1130c8d4583
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f58ffbce68245cbcf6ce592fbf5e1b8e64a6561dbafc0e38fb551a46021ef421
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f7fe7cde06e7ef9eba6d622b537681e18577e12261a81181e39b831c37826d1e
f8077e3725527b0a4f14d12f2620e3787ce393abb753c0c78d6312fb484218e5
fc738d6b7f861dd3e577bd3c35f079f38fe33403bdf82577f5ea17def5cea35c
fe1cebcf41e6b44e70082a0686cfc539849370e4ceab7d8c9da48063e1f9e257

zedhitspromoss.com Open in urlscan Pro 2606:4700:3030::6815:37aa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

98 %HTTPS

69 %IPv6

18 Domains

31 Subdomains

27 IPs

2 Countries

5496 kBTransfer

9359 kBSize

12 Cookies

9 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zedhitspromoss.com Open in urlscan Pro
2606:4700:3030::6815:37aa Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

98 %
HTTPS

69 %
IPv6

18
Domains

31
Subdomains

27
IPs

2
Countries

5496 kB
Transfer

9359 kB
Size

12
Cookies

157 HTTP transactions
5 data transactions