URL: https://amazon.hzp.co/
Submission Tags: falconsandbox
Submission: On December 24 via api from US — Scanned from DE

Summary

This website contacted 32 IPs in 4 countries across 23 domains to perform 86 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is amazon.hzp.co.
TLS certificate: Issued by WR3 on December 24th 2024. Valid for: 3 months.
This is the only time amazon.hzp.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2620:0:890::100 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
2 18.172.105.200 16509 (AMAZON-02)
7 199.36.158.100 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:26e... 16509 (AMAZON-02)
1 2 142.250.185.68 15169 (GOOGLE)
2 2620:1ec:33::10 8075 (MICROSOFT...)
1 6 2600:9000:264... 16509 (AMAZON-02)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 157.240.0.6 32934 (FACEBOOK)
2 142.250.74.194 15169 (GOOGLE)
3 142.250.186.67 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 1 142.250.184.226 15169 (GOOGLE)
1 216.58.206.35 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
4 157.240.0.35 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
5 23.96.124.68 8075 (MICROSOFT...)
2 216.58.206.46 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 172.217.16.195 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 2001:4860:480... 15169 (GOOGLE)
1 ()
2 3.167.227.60 ()
86 32
Apex Domain
Subdomains
Transfer
11 hzp.co
amazon.hzp.co
250 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
2 MB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
s.clarity.ms — Cisco Umbrella Rank: 7882
31 KB
7 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3645
d.adroll.com — Cisco Umbrella Rank: 1673
121 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 3
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
accounts.google.com — Cisco Umbrella Rank: 17
216 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
418 B
3 bing.net
bat.bing.net — Cisco Umbrella Rank: 8327
584 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
203 KB
2 keyri.com
static.keyri.com
39 KB
2 cloudfunctions.net
us-central1-hzplayer.cloudfunctions.net
63 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
197 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
2 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
16 KB
2 amazonwebapps.com
resources.amazonwebapps.com
24 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
7 KB
1 ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 856
4 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
64 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
24 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
3 KB
1 kfactors.org
app.kfactors.org
771 B
1 loginwithamazon.com
assets.loginwithamazon.com — Cisco Umbrella Rank: 86788
36 KB
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 20355
5 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
118 KB
86 23
Domain Requested by
11 amazon.hzp.co amazon.hzp.co
resources.amazonwebapps.com
unpkg.com
7 www.gstatic.com amazon.hzp.co
www.gstatic.com
6 s.adroll.com 1 redirects www.googletagmanager.com
amazon.hzp.co
s.adroll.com
5 s.clarity.ms www.clarity.ms
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 www.facebook.com amazon.hzp.co
3 bat.bing.net bat.bing.com
amazon.hzp.co
3 fonts.gstatic.com fonts.googleapis.com
amazon.hzp.co
3 www.googletagmanager.com amazon.hzp.co
www.googletagmanager.com
2 static.keyri.com amazon.hzp.co
2 us-central1-hzplayer.cloudfunctions.net www.gstatic.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 pagead2.googlesyndication.com www.googletagmanager.com
pagead2.googlesyndication.com
2 connect.facebook.net amazon.hzp.co
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
bat.bing.com
2 www.google.com 1 redirects www.googletagmanager.com
2 resources.amazonwebapps.com amazon.hzp.co
2 fonts.googleapis.com amazon.hzp.co
1 images-na.ssl-images-amazon.com amazon.hzp.co
1 accounts.google.com amazon.hzp.co
1 d.adroll.com s.adroll.com
1 www.google.de amazon.hzp.co
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 app.kfactors.org www.googletagmanager.com
1 assets.loginwithamazon.com amazon.hzp.co
1 r.wdfl.co amazon.hzp.co
1 unpkg.com amazon.hzp.co
86 28

This site contains no links.

Subject Issuer Validity Valid
amazon.hzp.co
WR3
2024-12-24 -
2025-03-24
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
unpkg.com
WE1
2024-12-12 -
2025-03-12
3 months crt.sh
r.wdfl.co
Amazon RSA 2048 M02
2024-08-02 -
2025-08-30
a year crt.sh
resources.amazonwebapps.com
Amazon RSA 2048 M03
2024-07-19 -
2025-08-16
a year crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.loginwithamazon.com
Amazon RSA 2048 M02
2024-01-28 -
2025-02-24
a year crt.sh
*.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 08
2024-12-15 -
2025-06-13
6 months crt.sh
s.adroll.com
Amazon RSA 2048 M02
2024-05-03 -
2025-06-01
a year crt.sh
kfactors.org
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-10-03 -
2025-01-01
3 months crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.googleadservices.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 07
2024-10-27 -
2025-04-25
6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
d.adroll.com
Amazon RSA 2048 M02
2024-09-09 -
2025-10-09
a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
accounts.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
m.media-amazon.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-03 -
2025-07-05
a year crt.sh
misc.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.keyri.com
Amazon RSA 2048 M02
2024-10-29 -
2025-11-27
a year crt.sh

This page contains 3 frames:

Primary Page: https://amazon.hzp.co/
Frame ID: 990792533503B3F9ECC1357CBADA48A5
Requests: 81 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Famazon.hzp.co
Frame ID: 9ACFD6E478B2619CBC1354BE7C22747C
Requests: 1 HTTP requests in this frame

Frame: https://amazon.hzp.co/KeyriQR.html
Frame ID: 241D31AE305548420AF79A8CE1BA4DC0
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

HZP

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

86
Requests

80 %
HTTPS

50 %
IPv6

23
Domains

28
Subdomains

32
IPs

4
Countries

3256 kB
Transfer

18045 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://s.adroll.com/j/pre/MU37O67ILRCCBASCSRKQ3S/O7DJQS5GQZDTRDXMDM552M/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 33
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/938365917/?random=949655041&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Famazon.hzp.co%2F&label=yixmCNykyoUYEN2nub8D&hn=www.googleadservices.com&frm=0&tiba=HZP%20Web&value=0&currency_code=USD&npa=1&pscdl=noapi&auid=427008522.1735078180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&eitems=ChEIgNSpuwYQzur4-f7d6rXoARIdANBGMnMG8xIeepXchpWZ5_SNBVrbOq5V79WuODk&pscrd=IhMI56PA9LXBigMVFKH9Bx3PNQbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2FtYXpvbi5oenAuY28vQldDaEFJZ05TcHV3WVFpZTJPOE5lbXA5RXFFaTBBcW9FLUY2WEFjQjU3QVgzSHIzRlZsYWNZTGZoVGNhSC1heTEtb1NfSG4zU2ZMV0tkYm9XMVZtTjNQLW8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/938365917/?random=949655041&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Famazon.hzp.co%2F&label=yixmCNykyoUYEN2nub8D&hn=www.googleadservices.com&frm=0&tiba=HZP%20Web&value=0&currency_code=USD&npa=1&pscdl=noapi&auid=427008522.1735078180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI56PA9LXBigMVFKH9Bx3PNQbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2FtYXpvbi5oenAuY28vQldDaEFJZ05TcHV3WVFpZTJPOE5lbXA5RXFFaTBBcW9FLUY2WEFjQjU3QVgzSHIzRlZsYWNZTGZoVGNhSC1heTEtb1NfSG4zU2ZMV0tkYm9XMVZtTjNQLW8&is_vtc=1&cid=CAQSGwCa7L7dAVzEgE_nJDljd6tYm6PWWxKZJHpukg&eitems=ChEIgNSpuwYQzur4-f7d6rXoARIdANBGMnOOMKNhbcrXWCIcz_w9w-j6e1IZhzf0SPU&random=3784301460 HTTP 302
  • https://www.google.de/pagead/1p-conversion/938365917/?random=949655041&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Famazon.hzp.co%2F&label=yixmCNykyoUYEN2nub8D&hn=www.googleadservices.com&frm=0&tiba=HZP%20Web&value=0&currency_code=USD&npa=1&pscdl=noapi&auid=427008522.1735078180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI56PA9LXBigMVFKH9Bx3PNQbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2FtYXpvbi5oenAuY28vQldDaEFJZ05TcHV3WVFpZTJPOE5lbXA5RXFFaTBBcW9FLUY2WEFjQjU3QVgzSHIzRlZsYWNZTGZoVGNhSC1heTEtb1NfSG4zU2ZMV0tkYm9XMVZtTjNQLW8&is_vtc=1&cid=CAQSGwCa7L7dAVzEgE_nJDljd6tYm6PWWxKZJHpukg&eitems=ChEIgNSpuwYQzur4-f7d6rXoARIdANBGMnOOMKNhbcrXWCIcz_w9w-j6e1IZhzf0SPU&random=3784301460&ipr=y

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
amazon.hzp.co/
5 KB
2 KB
Document
General
Full URL
https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc529a2509094454900b5eaf1b4022b27f2c4c704881104f6fd2ba2d9f8d28ca
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
1419
content-type
text/html; charset=utf-8
date
Tue, 24 Dec 2024 22:09:39 GMT
etag
"8059c80a5571a73a34fddc432bad2d292fd748eabc24b3a313b4114ae4fe6df8-br"
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-frame-options
SAMEORIGIN
x-served-by
cache-fra-etou8220083-FRA
x-timer
S1735078179.318804,VS0,VE90
flutter.js
amazon.hzp.co/
8 KB
3 KB
Script
General
Full URL
https://amazon.hzp.co/flutter.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e89bd8789a8f2ea7f00394fddb6c173e1661513e1c1c62fc31b6c4f89b7e74a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"07bd0b54e3d41d03ca18b5c1852570efc838b663013b014fa5d1ce5a0e623b2b-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
text/javascript; charset=utf-8
vary
x-fh-requested-host, accept-encoding
x-served-by
cache-fra-etou8220083-FRA
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078179.422004,VS0,VE57
accept-ranges
bytes
content-length
2557
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Changa&display=swap
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf139228944798f89d7f6405238acbd11268361aca122f4d03ac0a35a124db68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 22:09:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 24 Dec 2024 22:09:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
tgs-player.js
unpkg.com/@lottiefiles/lottie-player@0.4.0/dist/
354 KB
118 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-player@0.4.0/dist/tgs-player.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e44ebdcd65d24497035c580672e164c38f60d1a7eeaafc529d0e6641ea957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"5876c-Cx+djzkHEtEpuLsVyLwNfFMXa78"
age
4909874
x-content-type-options
nosniff
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JBB12DSH4WEZZHFQVD0PV4AJ-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f73eabd8f481cb7-FRA
access-control-allow-origin
*
server
cloudflare
rw.js
r.wdfl.co/
18 KB
5 KB
Script
General
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5400:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ced9dd364d3ce2301e270505138339b500ddb8548c940af8e642a4c0af58d8ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

vary
accept-encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"e39a644565106ca8f12d35853ae60f4a"
age
916
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
QfXCSmhgc3Xgiop-6mMy-sLevuvv7gjpZzZi9J27g-bXxNMuRlKqAA==
date
Tue, 24 Dec 2024 21:54:24 GMT
content-type
text/javascript
last-modified
Fri, 20 Dec 2024 13:48:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
Amazon-Web-App-API.min.js
resources.amazonwebapps.com/v1/latest/
6 KB
6 KB
Script
General
Full URL
https://resources.amazonwebapps.com/v1/latest/Amazon-Web-App-API.min.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.105.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-105-200.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d68d8392b042c74823b4d0d2670bffcd41565ef6414ccc8ea649f5120be5f0c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

ETag
"332096975ff3c6534b5c019ecc35d494"
Age
60915
Connection
keep-alive
Via
1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
5970
X-Amz-Cf-Id
ysRmZHuAPNgkFaNZTJqDVVZCM67aRejCx50SVn5DEmsxugrrsu7LDw==
Date
Tue, 24 Dec 2024 05:16:32 GMT
Content-Type
text/javascript
Last-Modified
Wed, 11 Mar 2015 17:46:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
Amazon-Web-App-API-tester.min.js
resources.amazonwebapps.com/v1/latest/
17 KB
17 KB
Script
General
Full URL
https://resources.amazonwebapps.com/v1/latest/Amazon-Web-App-API-tester.min.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.105.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-105-200.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccde0f05f74be53ca39ef99744c80161558aef2504d80517eac9bb3b72c854bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

ETag
"2d09cb3be1f74080e2f378a427cb42e8"
Age
22811
Connection
keep-alive
Via
1.1 0e49b385c2bbe9db0820bc1551bde98a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
17262
X-Amz-Cf-Id
voGB_jOMmU-d5EO2Vi7hwDWnhsHCZ9vjUPyPJhApHCuLqBDSdm8fpg==
Date
Tue, 24 Dec 2024 15:49:29 GMT
Content-Type
text/javascript
Last-Modified
Wed, 11 Mar 2015 17:46:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
amazon_login.js
amazon.hzp.co/
4 KB
1 KB
Script
General
Full URL
https://amazon.hzp.co/amazon_login.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58b75e30804d4a01e26d1f7238c49748b5f263af9a62caf8c880fe34e9ff9ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"57d2670084e51c7ae2b9fa8ca066d11685c3d3c350f83fd4a79364f1bd9a76eb-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
text/javascript; charset=utf-8
vary
x-fh-requested-host, accept-encoding
x-served-by
cache-fra-etou8220083-FRA
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078179.421992,VS0,VE93
accept-ranges
bytes
content-length
1165
player.js
amazon.hzp.co/
2 KB
899 B
Script
General
Full URL
https://amazon.hzp.co/player.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29206a261967b45618661eb1104bd7f0d046aaa4ea94a307b01655ce5b58c19a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"606af5d6627da400f5e45fd52f22a1c6575054ad5d00b367b2c6f7a5b0f1b10e-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
text/javascript; charset=utf-8
vary
x-fh-requested-host, accept-encoding
x-served-by
cache-fra-etou8220033-FRA
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078180.589154,VS0,VE68
accept-ranges
bytes
content-length
554
tracker.js
amazon.hzp.co/
693 B
623 B
Script
General
Full URL
https://amazon.hzp.co/tracker.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37488bf715db8f474fe74765021b554149639e197d8762acb9bc839e7d47afe2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"01c4808e18ffd115a896430a5689ed95473488fc21d80b1beb3a34981693f1af-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
text/javascript; charset=utf-8
vary
x-fh-requested-host, accept-encoding
x-served-by
cache-fra-etou8220033-FRA
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078180.589457,VS0,VE77
accept-ranges
bytes
content-length
278
gtm.js
www.googletagmanager.com/
289 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N4PHMZ9
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1b12b85729ff2fac7a1f75e3eab557fcddecdbe286129056bad728838b2fe3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 24 Dec 2024 22:09:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Dec 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103232
x-xss-protection
0
server
Google Tag Manager
amazon.sdktester.json
amazon.hzp.co/
1 KB
598 B
XHR
General
Full URL
https://amazon.hzp.co/amazon.sdktester.json
Requested by
Host: resources.amazonwebapps.com
URL: https://resources.amazonwebapps.com/v1/latest/Amazon-Web-App-API-tester.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb99ff76b4401615eedb6cf53b353dbbc80f1ebbd68d4692390d0fe4aa3e5cdf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"2863e134f2a5a72b69ab006648581feac5be8cdcebc99f8816a968c668485c23-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/json
vary
x-fh-requested-host, accept-encoding
x-served-by
cache-fra-etou8220033-FRA
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078179.499197,VS0,VE81
accept-ranges
bytes
content-length
277
login1.js
assets.loginwithamazon.com/sdk/na/
35 KB
36 KB
Script
General
Full URL
https://assets.loginwithamazon.com/sdk/na/login1.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:ba00:1f:5629:35c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51b71925a67df161f28a6c00ec873f2ca3e5da1f869881b83b9ba086bca90a25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

cache-control
max-age=3600
x-amz-version-id
pic4piH.UDLO.Ab_MTr8XcNx7L9mr9hD
etag
"c2db71717a0113df71456cdf3aeeb47f"
age
1427
via
1.1 54458302557dcee9766f255184a02288.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
36295
x-amz-cf-id
m_NEmG2iTcn4b63F_AaTApPON5mlfcvJXVLHknx9ew27XB7uaIB5vA==
date
Tue, 24 Dec 2024 21:45:53 GMT
content-type
application/javascript
last-modified
Wed, 18 Dec 2024 21:13:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
loading_bar.json
amazon.hzp.co/assets/
50 KB
6 KB
XHR
General
Full URL
https://amazon.hzp.co/assets/loading_bar.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@0.4.0/dist/tgs-player.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3dd2b363c6877e162581fb5747e7540d01200ad8fe1b5ee682951f25cce0c4ce
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"f5af3aec74f499fe9257cd305001358bae106b7559431d70e8fd9f8406b136f6-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/json
vary
x-fh-requested-host, accept-encoding
x-served-by
cache-fra-etou8220033-FRA
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078180.591993,VS0,VE74
accept-ranges
bytes
content-length
5842
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Famazon.hzp.co%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=408037711.1735078180&dt=HZP%20Web&auid=427008522.1735078180&navt=n&npa=1&gtm=45He4cc1v9104966401za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735078179670&tfd=412&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PHMZ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

destination
www.googletagmanager.com/gtag/
295 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-938365917&l=dataLayer&cx=c&gtm=45He4cc1v9104966401za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PHMZ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0297367040913757f64315bf9c83e952565ebc3c2bc71df430f6c27610c95d43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 24 Dec 2024 22:09:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Dec 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103073
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PHMZ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 41EDC80A8DBC4286A2733CBA06804D12 Ref B: FRA31EDGE0707 Ref C: 2024-12-24T22:09:39Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
roundtrip.js
s.adroll.com/j/
90 KB
28 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PHMZ9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e98c6a1c90c1fa8b92724822dc8424657e815a1e1657f764750d40ee3a23777c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
Bl5g9dwJRcHT4h1QwbWYgR3nSucDww3y
Etag
W/"15b437239e817e522bdb3ffa72663b45"
Age
3167
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
s0gMPTJxrDk3ei-keihJAjh3AQkWiwSpfw-VqxSi99UArBaQv7ihtg==
Date
Tue, 24 Dec 2024 21:16:53 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Thu, 19 Dec 2024 22:14:10 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
9z27a885jc7cj89nhkhrsl2aptsexpr5
app.kfactors.org/pixel/
72 B
771 B
Script
General
Full URL
https://app.kfactors.org/pixel/9z27a885jc7cj89nhkhrsl2aptsexpr5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PHMZ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb0514adb905da471f57fba6b77a3768301f3ea4983debbaf8aa0904a66faf5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

cache-control
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MWS%2FysixEt07%2BxjPXVLJCMmCeNnzCXsvpqeRdJt9OP6H0L9aud1VWvRkfyg3oMW0IO4iWVtKQnJljG9D2Iub6oftJ5rNwh5U9bpSGrjot24%2BPIq8NURL7vdEQ7VaLaKzxajx"}],"group":"cf-nel","max_age":604800}
cf-ray
8f73eabf1a26d2f7-FRA
expires
Tue, 24 Dec 2024 22:09:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6336&min_rtt=6236&rtt_var=1159&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4171&recv_bytes=4385&delivery_rate=896&cwnd=12000&unsent_bytes=0&cid=b07eae22121cfb43&ts=276&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/javascript
server
cloudflare
priority
u=3,i=?0
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-yrN48PuR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-yrN48PuR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4467, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
ONd8jWElge1vPIFlPbopBOFNLTz3c6eJgvIoX4nE/L+bJnznO+ysV3UsdZdxSQVqUmR7oGcD+JyHqBDt+a6t7A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3920435112123227
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PHMZ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
764f830a9dc5fc584b1998a90e016f99cf30d14f6d83d1e260eca0ec34f85b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
4594300353047309423
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 22:09:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53299
x-xss-protection
0
server
cafe
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 9ACF
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Famazon.hzp.co
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4PHMZ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Dec 2024 22:09:39 GMT
expires
Wed, 24 Dec 2025 22:09:39 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
free_1.mp3
amazon.hzp.co/
125 KB
126 KB
Media
General
Full URL
https://amazon.hzp.co/free_1.mp3
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a96bb62819aec67bb25ef1998e5d7f3b9ecf4355e7c510056b442c162d097a9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://amazon.hzp.co/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"cdc9bd3213d839fb64899a6437b3af9fc71a6d47f06811ddbf55f2f519268167"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
audio/mpeg
vary
x-fh-requested-host, accept-encoding
x-served-by
cache-fra-etou8220033-FRA
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078180.693328,VS0,VE90
Content-Range
bytes 0-128411/128412
accept-ranges
bytes
Content-Length
128412
ads_1.mp3
amazon.hzp.co/
109 KB
109 KB
Media
General
Full URL
https://amazon.hzp.co/ads_1.mp3
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e49b5ee21855ec4829555f7b4e0fdf40bff0b694cf0d93c18012145c9f39835e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://amazon.hzp.co/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"ff1fba08b8c230f593bdb732c4cbcbe74d4e118ca91e01fa273d544f8e569a1c"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
audio/mpeg
vary
x-fh-requested-host, accept-encoding
x-served-by
cache-fra-etou8220033-FRA
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078180.693300,VS0,VE115
Content-Range
bytes 0-111428/111429
accept-ranges
bytes
Content-Length
111429
2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
fonts.gstatic.com/s/changa/v27/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/changa/v27/2-c79JNi2YuVOUcOarRPgnNGooxCZ62xcjfj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Changa&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
ca9ac92334497827c1775f89bd92666292063d4a62d03e923bea8995badd30da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://amazon.hzp.co
Referer
https://fonts.googleapis.com/

Response headers

age
564500
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 09:21:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 09:21:19 GMT
last-modified
Thu, 24 Aug 2023 17:34:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10048
x-xss-protection
0
server
sffe
230960378633380
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/230960378633380?v=2.9.179&r=stable&domain=amazon.hzp.co&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
e220ea5af5fefe02d576e61135178018d9d2598fdd4706b2d1d3b97bda5e2e95
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vfw5jPwO' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vfw5jPwO' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=70513, tp=66, tpl=0, uplat=251, ullat=0
pragma
public
x-fb-debug
HbSfQwvSkdxgAC9a6rAzfMK5rBbitR6mfJRrV4im3BH8ba9WTanTU5w5xbuFlcL/4c5acTD9GvXAVNBwF0nbsg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.googleadservices.com/pagead/conversion/938365917/
5 KB
3 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/938365917/?random=1735078179738&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Famazon.hzp.co%2F&label=yixmCNykyoUYEN2nub8D&hn=www.googleadservices.com&frm=0&tiba=HZP%20Web&value=0&currency_code=USD&bttype=purchase&npa=1&pscdl=noapi&auid=427008522.1735078180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-938365917&l=dataLayer&cx=c&gtm=45He4cc1v9104966401za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
40c55a261d328f76a13ac21d798b667fe12eac12dd4773f43ec870d8b9350aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2605
date
Tue, 24 Dec 2024 22:09:39 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/MU37O67ILRCCBASCSRKQ3S/O7DJQS5GQZDTRDXMDM552M/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B
Script
General
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
HTTP/1.1
Server
2600:9000:2644:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

Access-Control-Max-Age
600
X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
62437
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
e8j-9KK_QdPtmVoMxWZTLX3KmMCzoN4nK9VUbvNOwwTZPa1et3unuA==
Date
Tue, 24 Dec 2024 04:49:04 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers
*
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256

Redirect headers

Access-Control-Max-Age
600
Location
https://s.adroll.com/j/pre/index.js
Connection
keep-alive
Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET
Via
1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Cache
Error from cloudfront
Content-Length
0
X-Amz-Cf-Id
1_u8HPQh70jui5obHWkd5QkfdXPPIter1tgYeTnnv_POjQh2MwAzxw==
Date
Tue, 24 Dec 2024 22:09:39 GMT
Content-Type
application/xml
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
Access-Control-Allow-Headers
*
index.js
s.adroll.com/j/pre/MU37O67ILRCCBASCSRKQ3S/O7DJQS5GQZDTRDXMDM552M/
9 KB
4 KB
Script
General
Full URL
https://s.adroll.com/j/pre/MU37O67ILRCCBASCSRKQ3S/O7DJQS5GQZDTRDXMDM552M/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Etag
W/"706be4fd28aeb971d2ff83a528c2073a"
X-Amz-Version-Id
1b3Gc6636w16w3AHjiHp7B8DDR_HhUvo
Access-Control-Allow-Methods
GET
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
eQbn6n_s2fuPNaHpC4EIIwoJmAfZDnbMADq8JKgBpdfb_I_P0ySlXg==
Date
Tue, 24 Dec 2024 22:09:41 GMT
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding
Last-Modified
Tue, 24 Dec 2024 11:46:07 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
148002083.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/148002083.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8d862533dbb99d2c9d1153157e63af5621dc2d14c62c870048892ee13d35d5fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9C47E166169D4C529183A160B80A179B Ref B: FRA31EDGE0707 Ref C: 2024-12-24T22:09:39Z
x-cache
CONFIG_NOCACHE
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
0
bat.bing.net/actionp/
0
120 B
Ping
General
Full URL
https://bat.bing.net/actionp/0?ti=148002083&tm=gtm002&Ver=2&mid=03422a55-f49f-4cc3-889b-76647319fdd3&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D1A038E0C32E40729DBC03CA89E8E30A Ref B: FRA31EDGE0106 Ref C: 2024-12-24T22:09:39Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 24 Dec 2024 22:09:39 GMT
148002083
www.clarity.ms/tag/uet/
947 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/148002083
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/148002083.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a72ce1c3f0abb545b169c70cfe0f17caf0d7b00ef398ce85cd29a8196a4694f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
947
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/x-javascript
x-azure-ref
20241224T220939Z-16fbf75468cc42ljhC1FRAnkyg0000000pv000000000qbuw
0
bat.bing.net/action/
0
119 B
Image
General
Full URL
https://bat.bing.net/action/0?ti=148002083&tm=gtm002&Ver=2&mid=03422a55-f49f-4cc3-889b-76647319fdd3&bo=2&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=HZP%20Web&kw=HZP,%20Solfeggio,%20Solfeggio%20Frequency,%20Solfeggio%20Frequencies,%20Solfeggio%20Music%20Player,%20Solfeggio%20Frequencies%20Music%20Player&p=https%3A%2F%2Famazon.hzp.co%2F&r=&lt=330&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=803304
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 69D3729C787443B4954AC91C1B9163FE Ref B: FRA31EDGE0106 Ref C: 2024-12-24T22:09:39Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 24 Dec 2024 22:09:39 GMT
0
bat.bing.net/action/
0
345 B
Image
General
Full URL
https://bat.bing.net/action/0?ti=148002083&tm=gtm002&Ver=2&mid=03422a55-f49f-4cc3-889b-76647319fdd3&bo=3&gtm_tag_source=awct&ev=0&gc=USD&tpp=1&ea=938365917%2FyixmCNykyoUYEN2nub8D&en=Y&p=https%3A%2F%2Famazon.hzp.co%2F&sw=1600&sh=1200&sc=24&evt=custom&asc=D&cdb=AQAY&rn=338957
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 05D1D8A4E8614ABEB0804D19C5A797E8 Ref B: FRA31EDGE0106 Ref C: 2024-12-24T22:09:39Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 24 Dec 2024 22:09:39 GMT
/
www.google.de/pagead/1p-conversion/938365917/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/938365917/?random=949655041&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&g...
  • https://www.google.com/pagead/1p-conversion/938365917/?random=949655041&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&gcd=13l3l3l2l1l1&dma_c...
  • https://www.google.de/pagead/1p-conversion/938365917/?random=949655041&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&gcd=13l3l3l2l1l1&dma_cp...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/938365917/?random=949655041&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Famazon.hzp.co%2F&label=yixmCNykyoUYEN2nub8D&hn=www.googleadservices.com&frm=0&tiba=HZP%20Web&value=0&currency_code=USD&npa=1&pscdl=noapi&auid=427008522.1735078180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI56PA9LXBigMVFKH9Bx3PNQbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2FtYXpvbi5oenAuY28vQldDaEFJZ05TcHV3WVFpZTJPOE5lbXA5RXFFaTBBcW9FLUY2WEFjQjU3QVgzSHIzRlZsYWNZTGZoVGNhSC1heTEtb1NfSG4zU2ZMV0tkYm9XMVZtTjNQLW8&is_vtc=1&cid=CAQSGwCa7L7dAVzEgE_nJDljd6tYm6PWWxKZJHpukg&eitems=ChEIgNSpuwYQzur4-f7d6rXoARIdANBGMnOOMKNhbcrXWCIcz_w9w-j6e1IZhzf0SPU&random=3784301460&ipr=y
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 24 Dec 2024 22:09:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/938365917/?random=949655041&cv=11&fst=1735078179738&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9116245329z89104966401za201zb9104966401&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Famazon.hzp.co%2F&label=yixmCNykyoUYEN2nub8D&hn=www.googleadservices.com&frm=0&tiba=HZP%20Web&value=0&currency_code=USD&npa=1&pscdl=noapi&auid=427008522.1735078180&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI56PA9LXBigMVFKH9Bx3PNQbcMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2FtYXpvbi5oenAuY28vQldDaEFJZ05TcHV3WVFpZTJPOE5lbXA5RXFFaTBBcW9FLUY2WEFjQjU3QVgzSHIzRlZsYWNZTGZoVGNhSC1heTEtb1NfSG4zU2ZMV0tkYm9XMVZtTjNQLW8&is_vtc=1&cid=CAQSGwCa7L7dAVzEgE_nJDljd6tYm6PWWxKZJHpukg&eitems=ChEIgNSpuwYQzur4-f7d6rXoARIdANBGMnOOMKNhbcrXWCIcz_w9w-j6e1IZhzf0SPU&random=3784301460&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 24 Dec 2024 22:09:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
MU37O67ILRCCBASCSRKQ3S
d.adroll.com/consent/check/
562 B
655 B
Script
General
Full URL
https://d.adroll.com/consent/check/MU37O67ILRCCBASCSRKQ3S?flg=1&pv=98367517833.6209&arrfrr=https%3A%2F%2Famazon.hzp.co%2F&_s=4c7e27cbeefc2db828681f1784350c42&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:5754:7b50:f4ea:cdba Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
c5356cb31174977b44ca91e41106cd4b3e14357f222c1ad12649dc522af63bac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-length
562
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/javascript
server
nginx/1.22.1
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/148002083
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

x-azure-ref
20241224T220939Z-16fbf75468cc42ljhC1FRAnkyg0000000pv000000000qbv7
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD202F1480E82A"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
1157a27f-a01e-0002-3ed4-529063000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 19 Dec 2024 13:14:33 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/
435 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3920435112123227&plah=amazon.hzp.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3920435112123227
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
4def7c2729e463a5b7e68190da5777ca69152653c093911f683aba64555e522b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
10799612500758303097
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 22:09:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 24 Dec 2024 22:09:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147913
x-xss-protection
0
server
cafe
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=230960378633380&ev=PageView&dl=https%3A%2F%2Famazon.hzp.co%2F&rl=&if=false&ts=1735078179986&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735078179985.169484219673516877&ler=empty&cdl=API_unavailable&it=1735078179718&coo=false&rqm=GET
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4514, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=230960378633380&ev=PageView&dl=https%3A%2F%2Famazon.hzp.co%2F&rl=&if=false&ts=1735078179986&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735078179985.169484219673516877&ler=empty&cdl=API_unavailable&it=1735078179718&coo=false&rqm=FGET
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7452104039609824415"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
5RFykjvOQmTmEbUOsATlw6SdAFiC/8462ER2B79Dd/AXBRN4u1CVtpQkfwKy4yQydiMeBsqE0pjPWfl7ySyW9A==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7452104039609824415", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4882, tp=13, tpl=0, uplat=136, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
consent_tcfv2.js
s.adroll.com/j/
419 KB
85 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d2b803a87bda2c6064214f81f0878c08642ab57aa744977cd45b93af7b70c2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
NkD8Kb6QJUQgyS_cbh5uEjNw4KOmW4t2
Etag
W/"d33c95496b44f5f21b0c399374728d4c"
Age
171
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
YRijs3dUhPSPTtRhVq9ke1uod598EN3Sbz-faxRla40j3HR-wRoQ3w==
Date
Tue, 24 Dec 2024 22:06:49 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Mon, 18 Nov 2024 23:38:38 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=300, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
nextroll-32x32.png
s.adroll.com/i/favicon/
2 KB
2 KB
Image
General
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

Access-Control-Max-Age
600
X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Age
59640
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Ci320Ps5GtfbHCL8C2YtS_MG3heDKrAQ-SgEMHK4m-IABUHj91w5Cg==
Date
Tue, 24 Dec 2024 05:35:41 GMT
Content-Type
image/png
Vary
accept-encoding
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Access-Control-Allow-Headers
*
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1615
X-Amz-Cf-Pop
FRA60-P6
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
ca-pub-3920435112123227
fundingchoicesmessages.google.com/i/
197 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3920435112123227?href=https%3A%2F%2Famazon.hzp.co&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3920435112123227&plah=amazon.hzp.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6885fb27af6d1df477998a18908c06f336242e471948728f605075299fa0bd7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c0tHEeCJwXBjAWDyWL0FzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC3FzLHm0ZjebwIc1fY5KGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGhkZ6BobxBQYATUxFOg"
content-security-policy
script-src 'report-sample' 'nonce-c0tHEeCJwXBjAWDyWL0FzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
s.clarity.ms/
0
277 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://amazon.hzp.co/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://amazon.hzp.co
Date
Tue, 24 Dec 2024 22:09:40 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
AGSKWxXP1GxCEjBeFxR_l-QujfwCl6zpIfIS-KVzSBqAHeiEAFvkRbk8ptLRKZbInIY8v17_AiAlz8TBpEHIV-xROvMDjv64ukxIY8LQGtD-fBy52LCyom-jX4zxF2rMtnof7p5QnsVtDA==
fundingchoicesmessages.google.com/f/
434 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXP1GxCEjBeFxR_l-QujfwCl6zpIfIS-KVzSBqAHeiEAFvkRbk8ptLRKZbInIY8v17_AiAlz8TBpEHIV-xROvMDjv64ukxIY8LQGtD-fBy52LCyom-jX4zxF2rMtnof7p5QnsVtDA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1MDc4MTgwLDE4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbWF6b24uaHpwLmNvLyIsbnVsbCxbWzgsIklNejU3eWM1aFZ3Il0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b933eb6c6f142ca9f0a61a3decae7e7e985af77ef8c52158f6c8be687caaafc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NLJdZ7lFaJx31x1mCIBYmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1ZBiOHHrNtMFIJb4-pJJA4id0mewBgFx681zrFOB2GjteVYnIE76d561CIgNFS6xOoJw0SVWTyBW7bnEagrE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrE1AzPD1CisHEAtxcyx5tGY3m8CHWQ-qlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQyN9AwM4wsMAKbYSr0"
content-security-policy
script-src 'report-sample' 'nonce-NLJdZ7lFaJx31x1mCIBYmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
114 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyINW46jW7ouPN67RhawIvMEnwG5g/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 22:09:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 24 Dec 2024 22:09:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://amazon.hzp.co
Referer
https://amazon.hzp.co/

Response headers

age
46523
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:14:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:14:17 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxXKpF9tN_cE6I9ubYBRB2QAIktU4iwKlfOFj2vRJM1p5SXVG4J66wDIaEhCwaLmkE_vwEgJQ--4ASxqFX35UvWtr6SDPIpwjM0uYifA65d52J8ei3hjLulkzSP3-BpaD6aa_zkkFg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXKpF9tN_cE6I9ubYBRB2QAIktU4iwKlfOFj2vRJM1p5SXVG4J66wDIaEhCwaLmkE_vwEgJQ--4ASxqFX35UvWtr6SDPIpwjM0uYifA65d52J8ei3hjLulkzSP3-BpaD6aa_zkkFg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-khkTcOU3kCrhpdQsnTR1kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://amazon.hzp.co/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdjyaM1u9kEGn5uXsKo5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAP3HKuo"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-khkTcOU3kCrhpdQsnTR1kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://amazon.hzp.co
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXKpF9tN_cE6I9ubYBRB2QAIktU4iwKlfOFj2vRJM1p5SXVG4J66wDIaEhCwaLmkE_vwEgJQ--4ASxqFX35UvWtr6SDPIpwjM0uYifA65d52J8ei3hjLulkzSP3-BpaD6aa_zkkFg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXKpF9tN_cE6I9ubYBRB2QAIktU4iwKlfOFj2vRJM1p5SXVG4J66wDIaEhCwaLmkE_vwEgJQ--4ASxqFX35UvWtr6SDPIpwjM0uYifA65d52J8ei3hjLulkzSP3-BpaD6aa_zkkFg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1ihWSUn52pLbrt-UOOwgxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://amazon.hzp.co/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdjyaM1u9kEJiycspRRySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAADiqCqJ"
content-security-policy
script-src 'report-sample' 'nonce-1ihWSUn52pLbrt-UOOwgxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://amazon.hzp.co
content-length
0
x-xss-protection
0
server
ESF
favicon.png
amazon.hzp.co/
733 B
1 KB
Other
General
Full URL
https://amazon.hzp.co/favicon.png
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9541f8bc75844a7a98cf027a92424769c2a563ec1d05c6abac0ecba8e250ead
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
cache-control
max-age=3600
etag
"e01042f10106a160ab1f32b6875ea61ba9548f9b50bca3075ac938bb8b7a9dc1"
x-timer
S1735078180.386554,VS0,VE63
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
content-length
733
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
image/png
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-served-by
cache-fra-etou8220033-FRA
x-cache-hits
0
x-frame-options
SAMEORIGIN
main.dart.js
amazon.hzp.co/
3 MB
0
Script
General
Full URL
https://amazon.hzp.co/main.dart.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/flutter.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
089936edad446ed3a861e818a051967eae45813e2a39bb74ede9d1566ae73fa3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"a1aed20934a27a532b9a71d13521f342e4d5629d39a0f14131b6e23ad491ee58-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078180.463620,VS0,VE148
accept-ranges
bytes
content-length
661204
canvaskit.js
www.gstatic.com/flutter-canvaskit/edd8546116457bdf1c5bdfb13ecb9463d2bb5ed4/chromium/
91 KB
26 KB
Script
General
Full URL
https://www.gstatic.com/flutter-canvaskit/edd8546116457bdf1c5bdfb13ecb9463d2bb5ed4/chromium/canvaskit.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155cde139018d01b4ae16c67542595943ce4c118bde1e8799e01e03bfa1a4653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
age
1561
report-to
{"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 21:43:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 21:43:40 GMT
last-modified
Wed, 05 Jun 2024 04:13:43 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="flutter-team"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
accept-ranges
bytes
access-control-allow-origin
*
content-length
26059
x-xss-protection
0
server
sffe
FontManifest.json
amazon.hzp.co/assets/
860 B
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/FontManifest.json
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cade2d25ae4b9d31b0884c36e3d458a9cda15399965997fbda81cf64b02dff7a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"62183184e31cd054347d464a8b6a584eb7e6941b1a34df176743150f06f3f21d-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
application/json
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078181.579051,VS0,VE75
accept-ranges
bytes
content-length
199
collect
s.clarity.ms/
0
277 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://amazon.hzp.co/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://amazon.hzp.co
Date
Tue, 24 Dec 2024 22:09:41 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
MaterialIcons-Regular.otf
amazon.hzp.co/assets/fonts/
11 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/fonts/MaterialIcons-Regular.otf
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f102204a0a91d277ea02df92b3a6ec1b01b0291e514412c18ee4aae49d6948b6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"7b1300c97118f8d3ba7c2dd9240e169b8630f63f1bb924e0d67934d2885007fe-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
font/otf
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078181.137599,VS0,VE73
accept-ranges
bytes
content-length
5712
FluentSystemIcons-Regular.ttf
amazon.hzp.co/assets/packages/fluentui_system_icons/fonts/
2 MB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/packages/fluentui_system_icons/fonts/FluentSystemIcons-Regular.ttf
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb535dd6e8fa0d063030d8674b233e71e90d6079a8f0e1f6bb800d2e73d36834
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"7fd8df057f030b7d614372f1099466726d463182499a23d23f043bb9edacc5c8-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
font/ttf
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078181.138111,VS0,VE133
accept-ranges
bytes
content-length
713242
FluentSystemIcons-Filled.ttf
amazon.hzp.co/assets/packages/fluentui_system_icons/fonts/
2 MB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/packages/fluentui_system_icons/fonts/FluentSystemIcons-Filled.ttf
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf52aafdac97f678a5d2b3cc922c00989ea5319af44f35cc285f315fabdb7fcf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"43d41c0c6a1e349357b10a665c8d2a0b27f110146a58b2c8dc002b45bfaff377-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
font/ttf
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078181.138218,VS0,VE109
accept-ranges
bytes
content-length
650044
fa-brands-400.ttf
amazon.hzp.co/assets/packages/font_awesome_flutter/lib/fonts/
203 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f29fff334747ec7d303bf58131ceddd28d1bfde973e981ce731e2d2bb93cc4e6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"168847377aba5f2b834724f058848f3f9d93ca9a50ac5dde831ad3ba37157012-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
font/ttf
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078181.139042,VS0,VE63
accept-ranges
bytes
content-length
109044
fa-regular-400.ttf
amazon.hzp.co/assets/packages/font_awesome_flutter/lib/fonts/
66 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
079413b7606191e1a393b467c6a467f3c2ee9bedd8ae7e980a93134758c5f51c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"659176f6092d77dcf5925984c6bf8e9bd24ff2fbd98e106512fc40a4472e1760-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
font/ttf
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078181.138878,VS0,VE38
accept-ranges
bytes
content-length
24449
fa-solid-900.ttf
amazon.hzp.co/assets/packages/font_awesome_flutter/lib/fonts/
410 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1ce0da12a01f7ec15ae69c4ed54999ea875bd236e62fef58ac4ddbcb39b367a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"5efaa32034ec3254cc5616338301b3640413b78c3712721699f736c53fd9c8ed-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
font/ttf
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078181.138692,VS0,VE68
accept-ranges
bytes
content-length
145697
KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
fonts.gstatic.com/s/roboto/v20/
167 KB
89 KB
Fetch
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
age
104564
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 23 Dec 2025 17:06:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 17:06:57 GMT
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
91230
x-xss-protection
0
server
sffe
canvaskit.wasm
www.gstatic.com/flutter-canvaskit/edd8546116457bdf1c5bdfb13ecb9463d2bb5ed4/chromium/
5 MB
1 MB
Fetch
General
Full URL
https://www.gstatic.com/flutter-canvaskit/edd8546116457bdf1c5bdfb13ecb9463d2bb5ed4/chromium/canvaskit.wasm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/flutter-canvaskit/edd8546116457bdf1c5bdfb13ecb9463d2bb5ed4/chromium/canvaskit.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
086c9d3823481d35f2c929703519707ea220ea16082f70178ccf9ba2b662df35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
age
47574
report-to
{"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 08:56:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 08:56:47 GMT
last-modified
Wed, 05 Jun 2024 04:14:03 GMT
content-type
application/wasm
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="flutter-team"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
accept-ranges
bytes
access-control-allow-origin
*
content-length
1528594
x-xss-protection
0
server
sffe
client
accounts.google.com/gsi/
227 KB
86 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c1a::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
92bbc149c46452921a27e0fd6f9af07561f50ba32a0725332d3f1a4d1cab661f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UUMnG2-NSbXPyYWQE9TVhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-security-policy
script-src 'report-sample' 'nonce-UUMnG2-NSbXPyYWQE9TVhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=1800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 22:09:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Tue, 24 Dec 2024 22:09:41 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
firebase-app.js
www.gstatic.com/firebasejs/10.11.1/
99 KB
22 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-app.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
0724e976e9d544c811e7f452831d0d0660e8fb8a249ef5a50927d30e691fc35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://amazon.hzp.co
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
age
85482
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Tue, 23 Dec 2025 22:24:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 22:24:59 GMT
last-modified
Thu, 25 Apr 2024 15:11:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
22509
x-xss-protection
0
server
sffe
firebase-firestore.js
www.gstatic.com/firebasejs/10.11.1/
426 KB
109 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-firestore.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
5f379b66e553a2c6becce312f1f445ed4a436bec29b9823a337dc3f75c712ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://amazon.hzp.co
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
age
82387
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Tue, 23 Dec 2025 23:16:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 23:16:34 GMT
last-modified
Thu, 25 Apr 2024 15:12:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
111667
x-xss-protection
0
server
sffe
firebase-functions.js
www.gstatic.com/firebasejs/10.11.1/
12 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-functions.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
b9ec5d97f053d2c34837547d077a2625140d8fa12bf16fa06dcf280604bff8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://amazon.hzp.co
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
age
541470
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:45:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:45:11 GMT
last-modified
Thu, 25 Apr 2024 15:12:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
4467
x-xss-protection
0
server
sffe
firebase-analytics.js
www.gstatic.com/firebasejs/10.11.1/
29 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-analytics.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
c75b37a48bfd99927dd587d1216f540bbe0d37d4bfe8d5cc31da7cdad720bd7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://amazon.hzp.co
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
age
46782
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:09:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:09:59 GMT
last-modified
Thu, 25 Apr 2024 15:11:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
9402
x-xss-protection
0
server
sffe
firebase-auth.js
www.gstatic.com/firebasejs/10.11.1/
147 KB
39 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-auth.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
0ae2ea9371912768623756128ebc290fb6252540d194aa33fdeda40d0f6548a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://amazon.hzp.co
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
age
540959
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:53:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:53:42 GMT
last-modified
Thu, 25 Apr 2024 15:11:49 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
40023
x-xss-protection
0
server
sffe
AssetManifest.json
amazon.hzp.co/assets/
4 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/AssetManifest.json
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6d8d3c36d7d1fe24fabc80f7e9166f97b594ba5e9364f934a7c116a34383fb7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"5a64fefd7d54f62c32c45dabedc9e31be8d1f6e17f3c552b60554e06293979c5-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
application/json
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078182.532180,VS0,VE78
accept-ranges
bytes
content-length
556
AssetManifest.bin.json
amazon.hzp.co/assets/
5 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/AssetManifest.bin.json
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b0fa6ce99ee41c246c4ef923e14c5d4fdd27c333502ecda7405c5786140ffe0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"1f696bdd9485283c929932e5bd59a6918f17a3ef72d7664e6c8f3518173aa17f-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
application/json
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078181.513729,VS0,VE91
accept-ranges
bytes
content-length
1357
logo_transparent.svg
amazon.hzp.co/assets/assets/images/
10 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/assets/images/logo_transparent.svg
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bec6d2534cf12516d7343d02340220b85631811b9e5885683c959bb0c2eec5e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
"b795f69974ce7087930213a411d7807cd5f78cfd601cf4f3352d772e44f8153b-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
image/svg+xml
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078182.552281,VS0,VE109
accept-ranges
bytes
content-length
4266
btnLWA_gold_390x92.png
images-na.ssl-images-amazon.com/images/G/01/lwa/
4 KB
4 KB
XHR
General
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/lwa/btnLWA_gold_390x92.png
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1792 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Server /
Resource Hash
89daa7a23fdd5eef710382b144a9325620de01fc56037b42c19069dea0a71470

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

x-amz-ir-id
092c7332-2157-412f-8ff7-a4c97e16baa3
surrogate-key
x-cache-997 /images/G/01/lwa/btnLWA_gold_390x92
expires
Wed, 25 Dec 2024 22:09:41 GMT
alt-svc
h3=":443"; ma=93600
x-cache
Miss from akamai
server-timing
provider;desc="ak"
date
Tue, 24 Dec 2024 22:09:41 GMT
last-modified
Fri, 05 Apr 2013 21:07:27 GMT
x-nginx-cache-status
HIT
content-type
image/png
akamai-cache-status
Miss from child, Hit from parent
cache-control
public, max-age=86400
peer-cache
Hit
timing-allow-origin
https://amazon.hzp.co/
accept-ranges
bytes
access-control-allow-origin
*
content-length
3665
akamai-grn
0.b6163017.1735078181.ea45159
server
Server
getAudiusData
us-central1-hzplayer.cloudfunctions.net/
214 KB
63 KB
Fetch
General
Full URL
https://us-central1-hzplayer.cloudfunctions.net/getAudiusData
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/10.11.1/firebase-functions.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
7251118053c9489a89df05a2a2a07424071d097163d161e2d0993b0185727879

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
etag
W/"358b7-4B9SOv5k8+VNEO+jIIqlR1/RE90"
access-control-allow-origin
https://amazon.hzp.co
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63905
function-execution-id
2s1oaic6a35l
date
Tue, 24 Dec 2024 22:09:42 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
87eb8c141c4b629b5e770f3dffa4ab0a
getAudiusData
us-central1-hzplayer.cloudfunctions.net/ Frame
0
0
Preflight
General
Full URL
https://us-central1-hzplayer.cloudfunctions.net/getAudiusData
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://amazon.hzp.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://amazon.hzp.co
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 24 Dec 2024 22:09:41 GMT
function-execution-id
2s1ochhwpcy0
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
x-cloud-trace-context
21e08408dc9e5d63c78aaf61c94d617e;o=1
collect
s.clarity.ms/
0
277 B
Ping
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://amazon.hzp.co/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://amazon.hzp.co
Date
Tue, 24 Dec 2024 22:09:41 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=230960378633380&ev=PageView&dl=https%3A%2F%2Famazon.hzp.co%2Flogin&rl=&if=false&ts=1735078181598&sw=1600&sh=1200&v=2.9.179&r=stable&ec=1&o=12318&fbp=fb.1.1735078179985.169484219673516877&ler=empty&cdl=API_unavailable&it=1735078179718&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=26, mss=1232, tbw=8116, tp=21, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
191 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=230960378633380&ev=PageView&dl=https%3A%2F%2Famazon.hzp.co%2Flogin&rl=&if=false&ts=1735078181598&sw=1600&sh=1200&v=2.9.179&r=stable&ec=1&o=12318&fbp=fb.1.1735078179985.169484219673516877&ler=empty&cdl=API_unavailable&it=1735078179718&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7452104043875457625"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
q1YlD4/Es9XfOgYu2hSvAH9W3e4rjcZHXuPHr9CjArlmhSrc4ptnJA69kp8KlDIg8uuN9X/Eb5G7EdsdFnHXkQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7452104043875457625", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=26, mss=1232, tbw=8356, tp=24, tpl=0, uplat=100, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
KeyriQR.html
amazon.hzp.co/ Frame 241D
1 KB
0
Document
General
Full URL
https://amazon.hzp.co/KeyriQR.html
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f285ef5ba3f3e8b6eb54ba69d2bc47c58df7932d4102cd8f65be7e05ae3b8bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://amazon.hzp.co/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
352
content-type
text/html; charset=utf-8
date
Tue, 24 Dec 2024 22:09:41 GMT
etag
"18591e3b7f916dec16c46a25135a866d8522f384ee169c7d49555394d096a7b4-br"
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-frame-options
SAMEORIGIN
x-served-by
cache-fra-etou8220033-FRA
x-timer
S1735078182.626643,VS0,VE69
favicon.png
amazon.hzp.co/
733 B
0
Other
General
Full URL
https://amazon.hzp.co/favicon.png
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9541f8bc75844a7a98cf027a92424769c2a563ec1d05c6abac0ecba8e250ead
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/login

Response headers

x-served-by
cache-fra-etou8220033-FRA
cache-control
max-age=3600
etag
"e01042f10106a160ab1f32b6875ea61ba9548f9b50bca3075ac938bb8b7a9dc1"
x-timer
S1735078180.386554,VS0,VE63
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
content-length
733
date
Tue, 24 Dec 2024 22:09:40 GMT
content-type
image/png
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
vary
x-fh-requested-host, accept-encoding
x-cache-hits
0
x-frame-options
SAMEORIGIN
iframe.css
static.keyri.com/library-keyri-connect/ Frame 241D
1 KB
804 B
Stylesheet
General
Full URL
https://static.keyri.com/library-keyri-connect/iframe.css
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/KeyriQR.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.227.60 , United States, ASN (),
Reverse DNS
server-3-167-227-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc95d2efa4b41a3e35111a1e6c42a7801755678bf7702384fb6e8896fadb3dd
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
br
etag
W/"c6d4f058f49277e4e7600bd195c3d631"
x-amz-version-id
V1UpgN0BrwNzCAxl0aAJEduktwGMPzAO
age
33719
x-cache
Hit from cloudfront
x-amz-cf-id
oWWuX4JCDKUgtSHgXM81F1Ofe7mJ-vEo9r2bzDzuKQMasNuQ3JHwGQ==
date
Tue, 24 Dec 2024 12:47:43 GMT
content-type
text/css
vary
accept-encoding, Origin
last-modified
Thu, 18 Aug 2022 15:20:47 GMT
content-security-policy
frame-ancestors *
cache-control
public, max-age=2678400
via
1.1 adb85524b165725266f060aad450374e.cloudfront.net (CloudFront)
x-xss-protection
0
x-amz-cf-pop
FRA60-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
keyri-0.10.2.min.js
static.keyri.com/library-keyri-connect/ Frame 241D
137 KB
38 KB
Script
General
Full URL
https://static.keyri.com/library-keyri-connect/keyri-0.10.2.min.js
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/KeyriQR.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.227.60 , United States, ASN (),
Reverse DNS
server-3-167-227-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08465b562bb5efb74a7bca5e8322677b354a5f7b0df479a7df0038b0b764c61f
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/

Response headers

content-encoding
gzip
etag
W/"999be26376a6c03a7d66558a7a3fe919"
x-amz-version-id
E5K9KaYb.JD_jMloemYWivYG4rlN5VtS
age
42968
x-cache
Hit from cloudfront
x-amz-cf-id
vUSEqIzXwHX6AyVRlRAHDddGIuJUYCKGa5r6hn8du7Yz0ZBHQMMqBg==
date
Tue, 24 Dec 2024 10:13:34 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Sat, 15 Apr 2023 11:49:28 GMT
content-security-policy
frame-ancestors *
cache-control
public, max-age=2678400
via
1.1 adb85524b165725266f060aad450374e.cloudfront.net (CloudFront)
x-xss-protection
0
x-amz-cf-pop
FRA60-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
login_background.jpg
amazon.hzp.co/assets/assets/images/
423 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/assets/images/login_background.jpg
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a72708f6b6cc64b32b4ec74413fab785b44909a5fe0fa9585b18f437743a5f60
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/login

Response headers

content-encoding
br
etag
"f74107cd81f72d6eef531933daaac5c9b309d82c918ac76ccc8143de682b3d3d-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
image/jpeg
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078182.763751,VS0,VE116
accept-ranges
bytes
content-length
422434
logo_hzp.png
amazon.hzp.co/assets/assets/images/
3 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/assets/images/logo_hzp.png
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6caf9c7b37eb04ac448bf8cb1d38bd0f087f0d3aeb5c3ca85e2396c1bd6c94f8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/login

Response headers

content-encoding
gzip
etag
"874bd64eb5093df41fb1ee01134f1cf8f53c57086ff5a714ffd7aeaf53e4155a"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
image/png
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078182.763848,VS0,VE105
accept-ranges
bytes
content-length
3109
Changa-Regular.ttf
amazon.hzp.co/assets/assets/fonts/
67 KB
0
Fetch
General
Full URL
https://amazon.hzp.co/assets/assets/fonts/Changa-Regular.ttf
Requested by
Host: amazon.hzp.co
URL: https://amazon.hzp.co/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5d5b93b40a4b3c8776aa5a0d69c73a292356a6e933605e63a49bebe471b5780
Security Headers
Name Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://amazon.hzp.co/login

Response headers

content-encoding
br
etag
"33e30b805f3a7a25e5f1e6e7adc546f00203b9cb7ff711a0ee0c3594bfbc594e-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 24 Dec 2024 22:09:41 GMT
content-type
font/ttf
x-served-by
cache-fra-etou8220033-FRA
vary
x-fh-requested-host, accept-encoding
last-modified
Tue, 09 Jul 2024 23:43:35 GMT
x-frame-options
SAMEORIGIN
x-cache-hits
0
strict-transport-security
max-age=31556926
cache-control
max-age=3600
x-timer
S1735078182.764533,VS0,VE71
accept-ranges
bytes
content-length
30326
collect
s.clarity.ms/
0
277 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://amazon.hzp.co/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://amazon.hzp.co
Date
Tue, 24 Dec 2024 22:09:42 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
s.clarity.ms/
0
277 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://amazon.hzp.co/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://amazon.hzp.co
Date
Tue, 24 Dec 2024 22:09:42 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| parcelRequire string| _rwq function| rewardful object| _AmazonPlatformUtils function| _AmazonEnum object| _AmazonLibraryLoaders function| _AmazonServices object| amzn_wa function| DocumentEventHandler string| sLoader function| _AmazonCallbackObserver function| _AmazonCache function| _AmazonInAppPurchasing function| _AmazonWebAppApiTester function| _MockAmazonJavascriptInAppPurchasingBindings function| _MockAmazonJavascriptGameCircleBindings object| amzn_wa_tester function| loginWithAmazon function| buyAmazonSubscription function| onPurchaseResponse function| handleReceipt function| notifyFulfillment function| onPurchaseUpdatesResponse function| onAmazonLoginReady object| _flutter boolean| _rewardful_loaded function| Rewardful object| amazon object| google_tag_manager object| google_tag_data string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded function| fbq function| _fbq function| isFacebookApp object| shaders number| shaderDuration function| initAudioContext function| play function| pause function| isPlaying function| playWithPath function| getAudioData function| getAnalyzer function| updateAudioData function| speed function| loop function| seek function| position function| setShaderDuration function| playAds function| delay function| setVolume function| pixelEvent function| adsNewUser function| referralCode object| GooglebQhCsO string| adroll_sid object| __adroll_consent_data object| adroll object| __adroll object| adroll_loaded object| adroll_callbacks function| adroll_tpc_callback function| UET function| UET_init function| UET_push object| ueto_46be4a645f object| uetq function| clarity object| clarityuetq object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| __adroll_consent_prev_lastchild function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Y2M4YThkYWNhMThkNjg3Y2xvYWRlcl9qcw== string| Y2M4YThkYWNhMThkNjg3Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| CanvasKitInit object| flutterCanvasKit function| onGoogleLibraryLoad object| firebase_core object| firebase_functions object| firebase_analytics object| firebase_auth object| firebase_firestore function| dartSongEnded function| dartAdsEnded function| dartUpdateSubscription function| dartValidateAmazonReceipt object| default_gsi object| google

3 Cookies

Domain/Path Name / Value
.hzp.co/ Name: _gcl_au
Value: 1.1.427008522.1735078180
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hzp.co/ Name: _fbp
Value: fb.1.1735078179985.169484219673516877

3 Console Messages

Source Level URL
Text
rendering warning URL: https://amazon.hzp.co/login
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A030B608E41F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://amazon.hzp.co/login
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000B608E41F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://amazon.hzp.co/login
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0402A10E41F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
amazon.hzp.co
app.kfactors.org
assets.loginwithamazon.com
bat.bing.com
bat.bing.net
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images-na.ssl-images-amazon.com
pagead2.googlesyndication.com
r.wdfl.co
resources.amazonwebapps.com
s.adroll.com
s.clarity.ms
static.keyri.com
unpkg.com
us-central1-hzplayer.cloudfunctions.net
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com

142.250.181.226
142.250.184.226
142.250.185.68
142.250.186.67
142.250.74.194
157.240.0.35
157.240.0.6
172.217.16.195
18.172.105.200
188.114.96.3
199.36.158.100
2001:4860:4802:36::36
216.58.206.35
216.58.206.46
23.96.124.68
2600:9000:225e:5400:1b:348c:b140:93a1
2600:9000:2644:3000:6:9280:1080:93a1
2600:9000:26e8:ba00:1f:5629:35c0:93a1
2606:4700::6811:f9cb
2620:0:890::100
2620:1ec:33::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2008
2a00:1450:4001:813::200a
2a00:1450:4001:81c::200e
2a00:1450:4013:c1a::54
2a02:26f0:3500:12::1730:1792
2a05:d018:cc3:fe04:5754:7b50:f4ea:cdba
3.167.227.60
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
0297367040913757f64315bf9c83e952565ebc3c2bc71df430f6c27610c95d43
0724e976e9d544c811e7f452831d0d0660e8fb8a249ef5a50927d30e691fc35f
079413b7606191e1a393b467c6a467f3c2ee9bedd8ae7e980a93134758c5f51c
08465b562bb5efb74a7bca5e8322677b354a5f7b0df479a7df0038b0b764c61f
086c9d3823481d35f2c929703519707ea220ea16082f70178ccf9ba2b662df35
089936edad446ed3a861e818a051967eae45813e2a39bb74ede9d1566ae73fa3
0a72ce1c3f0abb545b169c70cfe0f17caf0d7b00ef398ce85cd29a8196a4694f
0ae2ea9371912768623756128ebc290fb6252540d194aa33fdeda40d0f6548a7
0cb0514adb905da471f57fba6b77a3768301f3ea4983debbaf8aa0904a66faf5
155cde139018d01b4ae16c67542595943ce4c118bde1e8799e01e03bfa1a4653
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
29206a261967b45618661eb1104bd7f0d046aaa4ea94a307b01655ce5b58c19a
37488bf715db8f474fe74765021b554149639e197d8762acb9bc839e7d47afe2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d2b803a87bda2c6064214f81f0878c08642ab57aa744977cd45b93af7b70c2c
3dd2b363c6877e162581fb5747e7540d01200ad8fe1b5ee682951f25cce0c4ce
40c55a261d328f76a13ac21d798b667fe12eac12dd4773f43ec870d8b9350aca
454e44ebdcd65d24497035c580672e164c38f60d1a7eeaafc529d0e6641ea957
4def7c2729e463a5b7e68190da5777ca69152653c093911f683aba64555e522b
51b71925a67df161f28a6c00ec873f2ca3e5da1f869881b83b9ba086bca90a25
58b75e30804d4a01e26d1f7238c49748b5f263af9a62caf8c880fe34e9ff9ed4
5e89bd8789a8f2ea7f00394fddb6c173e1661513e1c1c62fc31b6c4f89b7e74a
5f379b66e553a2c6becce312f1f445ed4a436bec29b9823a337dc3f75c712ce7
6caf9c7b37eb04ac448bf8cb1d38bd0f087f0d3aeb5c3ca85e2396c1bd6c94f8
7251118053c9489a89df05a2a2a07424071d097163d161e2d0993b0185727879
764f830a9dc5fc584b1998a90e016f99cf30d14f6d83d1e260eca0ec34f85b5f
7a96bb62819aec67bb25ef1998e5d7f3b9ecf4355e7c510056b442c162d097a9
7b0fa6ce99ee41c246c4ef923e14c5d4fdd27c333502ecda7405c5786140ffe0
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
89daa7a23fdd5eef710382b144a9325620de01fc56037b42c19069dea0a71470
8b933eb6c6f142ca9f0a61a3decae7e7e985af77ef8c52158f6c8be687caaafc
8d862533dbb99d2c9d1153157e63af5621dc2d14c62c870048892ee13d35d5fd
92bbc149c46452921a27e0fd6f9af07561f50ba32a0725332d3f1a4d1cab661f
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
a6d8d3c36d7d1fe24fabc80f7e9166f97b594ba5e9364f934a7c116a34383fb7
a72708f6b6cc64b32b4ec74413fab785b44909a5fe0fa9585b18f437743a5f60
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
afc95d2efa4b41a3e35111a1e6c42a7801755678bf7702384fb6e8896fadb3dd
b1b12b85729ff2fac7a1f75e3eab557fcddecdbe286129056bad728838b2fe3c
b9ec5d97f053d2c34837547d077a2625140d8fa12bf16fa06dcf280604bff8d4
bb535dd6e8fa0d063030d8674b233e71e90d6079a8f0e1f6bb800d2e73d36834
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bec6d2534cf12516d7343d02340220b85631811b9e5885683c959bb0c2eec5e0
bf52aafdac97f678a5d2b3cc922c00989ea5319af44f35cc285f315fabdb7fcf
c5356cb31174977b44ca91e41106cd4b3e14357f222c1ad12649dc522af63bac
c75b37a48bfd99927dd587d1216f540bbe0d37d4bfe8d5cc31da7cdad720bd7f
ca9ac92334497827c1775f89bd92666292063d4a62d03e923bea8995badd30da
cade2d25ae4b9d31b0884c36e3d458a9cda15399965997fbda81cf64b02dff7a
cb99ff76b4401615eedb6cf53b353dbbc80f1ebbd68d4692390d0fe4aa3e5cdf
ccde0f05f74be53ca39ef99744c80161558aef2504d80517eac9bb3b72c854bd
ced9dd364d3ce2301e270505138339b500ddb8548c940af8e642a4c0af58d8ed
cf139228944798f89d7f6405238acbd11268361aca122f4d03ac0a35a124db68
d6885fb27af6d1df477998a18908c06f336242e471948728f605075299fa0bd7
d68d8392b042c74823b4d0d2670bffcd41565ef6414ccc8ea649f5120be5f0c3
dc529a2509094454900b5eaf1b4022b27f2c4c704881104f6fd2ba2d9f8d28ca
e220ea5af5fefe02d576e61135178018d9d2598fdd4706b2d1d3b97bda5e2e95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49b5ee21855ec4829555f7b4e0fdf40bff0b694cf0d93c18012145c9f39835e
e5d5b93b40a4b3c8776aa5a0d69c73a292356a6e933605e63a49bebe471b5780
e9541f8bc75844a7a98cf027a92424769c2a563ec1d05c6abac0ecba8e250ead
e98c6a1c90c1fa8b92724822dc8424657e815a1e1657f764750d40ee3a23777c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f102204a0a91d277ea02df92b3a6ec1b01b0291e514412c18ee4aae49d6948b6
f1ce0da12a01f7ec15ae69c4ed54999ea875bd236e62fef58ac4ddbcb39b367a
f285ef5ba3f3e8b6eb54ba69d2bc47c58df7932d4102cd8f65be7e05ae3b8bc8
f29fff334747ec7d303bf58131ceddd28d1bfde973e981ce731e2d2bb93cc4e6