urlscan.io logo urlscan.io
SecurityTrails logo

form.promo Open in urlscan Pro
2606:4700:3035::6815:11dc  Public Scan

Go To Rescan Add Verdict Report
URL: https://form.promo/
Submission: On December 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3035::6815:11dc, located in United States and belongs to CLOUDFLARENET, US. The main domain is form.promo.
TLS certificate: Issued by GTS CA 1P5 on November 9th 2023. Valid for: 3 months.
This is the only time form.promo was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    2606:4700:3035::6815:11dc (United States)

ASN13335 (CLOUDFLARENET, US)
form.promo
5    2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
28 form.promo
form.promo
387 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
224 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
340 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
50 6
Domain Requested by
28 form.promo form.promo
6 pagead2.googlesyndication.com form.promo
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 www.googletagmanager.com form.promo
www.googletagmanager.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
50 7

This site contains no links.

Subject Issuer Validity Valid
form.promo
GTS CA 1P5		 2023-11-09 -
2024-02-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://form.promo/
Frame ID: DA356D3DA38405D233CF8EFA61879921
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: CA661BCC07D52169C66039582197FC0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7355078645502275&output=html&adk=1812271804&adf=3025194257&lmt=1699471704&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fform.promo%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701390400810&bpp=4&bdt=771&idt=220&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1181384617702&frm=20&pv=2&ga_vid=1549048375.1701390401&ga_sid=1701390401&ga_hid=630780222&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=2112760009586784&tmod=1017054751&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244
Frame ID: 4F622B843BA74F5CDBF3BECBBE14D2DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 102B52E060D0F0DD21CAB2DCDFB95198
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B098E6F828C7F11DCE749468443E55E3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

סאן ספארק מרכז הידע – עתיד גדול לגאונים קטניםכלי נגישותהגדל טקסטהקטן טקסטגווני אפורניגודיות גבוההניגודיות הפוכהרקע בהירהדגשת קישוריםפונט קריאאיפוס

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

98 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

978 kB
Transfer

2641 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
form.promo/ 		69 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa705aa1841028fdf620203bf81f78ee17222a7c58872a5db21c86fd2efca18c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82e7332d4cb40f39-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 00:26:40 GMT
last-modified
Wed, 08 Nov 2023 19:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5sJ9uhEWb5zHbQzhExsqmW8TiFPkFMek9rtkDjLSouSFj2eJpsC4Svm6dtugtIl7oVXE%2BCrePlRA6FuUoGw12hOeQB58EXZjckfaLmi5r7yP17W1pzwFyqliDEzuCyz31fl4GUotQWs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
flatpickr.min.css
form.promo/wp-content/plugins/e-addons-pro-form-extended/modules/extended/assets/lib/flatpickr/dist/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/plugins/e-addons-pro-form-extended/modules/extended/assets/lib/flatpickr/dist/flatpickr.min.css?ver=4.1.4
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4573c0cb11d5c8c2f16f44d808cd8e5b947819691c0ded368dd620c99a78d4e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 10:11:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654375d0-3ed1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqv5BkBlVQ01GKRO7kEDpIFUCYzvROTT4nrkgO7aKQn%2F1YLMaWoDWBVtU1YaoYhVYmfvmtUD8Q%2Bwzj1PQHuXvmzHnuGBNB87mtb0iBdWHmKJoyJBjARgmWbMVmtHOuioHK2bLGYho9Mj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e7333078610f39-EWR
alt-svc
h3=":443"; ma=86400
style-rtl.min.css
form.promo/wp-includes/css/dist/block-library/ 		107 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.4
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195e8477d09f2cb72a658301e339cc931b55ad134ed59d65f1ad7fea9aa0520e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 06:54:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654b309a-1ad24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LKy%2Fz1xsEdsTJbZriMC72XJXP%2B4upHBJpCtLZVy1%2BKV2jo2GjMl%2B0elDcXBrG%2Bb1ah4amm0xalA1U3lGHhT7uczFTHVpLr%2F453%2B%2FaKz2qGHtDpyfsRfuNCmbK4nALt3FADIs5Q76kcI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e7333078620f39-EWR
alt-svc
h3=":443"; ma=86400
all.min.css
form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/ 		59 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=1699471425
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb0230798f58b048cf2d27cc3111cb283c6c9e1bd92b7107b145ca3e6b42b6ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 19:23:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654be041-ec83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ3b0%2BXtac3KGRNCIiguFE3t%2BMqVAWzlyyjcYYZ6d5Kdhr2ZQvOrEPKZffEHTNBZox0t9z4OQY%2B5%2FKTjCUcuVNliDPmkQetvly4iDptLX25gyJFzzJKL%2B2OB2FFJInKqQlfIB6r7yrB5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e7333078630f39-EWR
alt-svc
h3=":443"; ma=86400
simple-line-icons.min.css
form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/assets/css/third/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=1699471425
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6733e905ad5e9a670284577fa5c6c3999b223e46e569fd9f7e89a675067afc7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 19:23:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654be041-2ba3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dWJ5a3bh9aitvSqc7tx037JBqYFxpj%2BlOJfkKxg%2Fo7OzG6zpLL8epIB4Ff59wSAtL6hUkt9kaYU5DmYmtPEvCkJBlc6QlkWNGzukVzPREymuTkDAWcq9QmoS9IDhzuBSmctspdL%2BLGZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e7333078650f39-EWR
alt-svc
h3=":443"; ma=86400
style.min.css
form.promo/wp-content/themes/oceanwp/assets/css/ 		174 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6de76e7f73d039817a17dda8157e8371a55e93a07343ca6810138ec76dc1d6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-2b8b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVQx8a0ObRUFAG6kEpvFrvL6RoMCroKX61Dk89pAxhwuqLaqGtZEM9DJZbk1kmb%2BXquEbSBlOsep%2BTq4CxQmex1VIGmKS8agOd5Ngh5WWtaJen07mZa5F%2FBf5dV3sN57MsRXA%2BuwIGId"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e7333078660f39-EWR
alt-svc
h3=":443"; ma=86400
style.min.css
form.promo/wp-content/plugins/pojo-accessibility/assets/css/ 		51 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/plugins/pojo-accessibility/assets/css/style.min.css?ver=1.0.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee52185d6a681a5d5b8a21ff5321901ce83e4ded11213a2e169d8be1e0417aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 10:24:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64bfa2c8-cc6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAOHu96qLohXdq3vJmd%2Bcis8ZN%2ByrTQlCCaReomGGCamXPuiT%2Fg5MP0k1dM0O%2B91QLd7xsi%2BVwCqe7u5eV4bfFDoItIJHJGRWkx3E4mTUDoO4zb9vk94EukkTCdbxwq9%2BkL9CqQecg4P"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e7333078670f39-EWR
alt-svc
h3=":443"; ma=86400
widgets.css
form.promo/wp-content/cache/min/1/wp-content/plugins/ocean-extra/assets/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/cache/min/1/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=1699471704
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db97ca07892f054c87699328a4b92e83714a5206bd0906c83f1f0b8395edfd61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 19:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654be158-c93a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4ABf49dn3F2zC3vFAvAmOXXvzYGd1iIz96%2B%2FGjZYhaTS1jTzpbcE%2BEs5t0enyPe1OpXquI6WF5LuMQd%2F5NpEprUubYP4JTM8ZOpQHl%2BvLvqE%2B1InpGpl7hYsP1wKxUGWgYXprFTehQS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e7333078690f39-EWR
alt-svc
h3=":443"; ma=86400
rtl.css
form.promo/wp-content/cache/min/1/wp-content/plugins/ocean-extra/assets/css/ 		1 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/cache/min/1/wp-content/plugins/ocean-extra/assets/css/rtl.css?ver=1699471704
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76ca5af3a7797a2d52609bfe250093a60214c67695a18d81519f7c4abd433185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 19:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654be158-46b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FHfj2JhTxCgqWtyOkSu%2FxrQtWqI9AhO8dolpq5tOPz9u2SaKPhZFk32wzHZQmgvf5yn495ksgY6sf1dh0XEbA48H37gxrZ5t2vJ9vwgLi%2F7QLzuewhPIMKYHDHvy8QiWX84xP8htQtD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e73330786a0f39-EWR
alt-svc
h3=":443"; ma=86400
jquery.min.js
form.promo/wp-includes/js/jquery/ 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 06:54:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654b309a-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glBhODFeH9CPAgIQZelyr%2F7tnd0eHidbZZxOD4E1vZTC%2B7m7rDa9GxgSoxnoq6i9TzqSgg8M4xOzaESvXL4HE1ADhxUunR%2B%2BqN%2B6Xw6dyqRJnOqoSxUqBHhpVaQhCsVajrQ3Qye0BnEP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e73330786c0f39-EWR
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
form.promo/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 09 Aug 2023 07:21:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d33e80-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZDO2PgpBmEDoi8i1mm9VIsqnmmTMB2AFxVXsxvUjbFx9uhYdxZWu8MxB97JxsDyatjga6aQtXkzODw3BOXLNuo5KTS5xqMtmWpaur7wJsLESvbvQjeBfzFk8wcBBWeD7NvuLibkl%2FVP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e7333078720f39-EWR
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-9277647-29
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e1746e845cd181e67dbd46b402c2b586c793492d6c02b6c958fc29e372b8630
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68532
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 00:26:40 GMT
rtl.css
form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/rtl.css?ver=1699471704
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bf1be2d8eb05bae5ecdf45b80267af330419bf8831438666a35d2052709401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 19:28:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654be158-33fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tpxqrvfTxLxmxrUDAVFxFRsFUyWP6l%2BIjYnjSBY%2FSXBpPyAkIOSo15U1xAPuhupBHnrBqCW05YZIeocTHXazr8mrIg0JI%2Bj4jt8ZUBRQBNc%2FnXyXxspiLHQC4qSIi4R24%2BKRx52BsBz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
82e73330786b0f39-EWR
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7355078645502275&host=ca-host-pub-2644536267352236
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b26b4bed7e96121f96d464ff963becee105dc2df124003d953c2f268308b940f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://form.promo/
Origin
https://form.promo
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52599
x-xss-protection
0
server
cafe
etag
10435082888681379946
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 00:26:40 GMT
NEW-LOGO-SEMEL-SUNSPARK-white.jpg
form.promo/wp-content/uploads/2021/04/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://form.promo/wp-content/uploads/2021/04/NEW-LOGO-SEMEL-SUNSPARK-white.jpg
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18fa474312a149112d6324ea36e5e9f70c2cd138ab6774fca9ec00f585f9bdd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Sun, 18 Apr 2021 11:40:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"607c1ab7-107b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2dSkPu9gR2IjcFSiaRSLatzreKH6ZptlXvjeI6nYEgFqh%2BKQC43S4XMUKVBEMw9nTk0ZzT0eGsgHxMnaRKhiViSDcVGf5MYPZVAqexLxgaZIMUeueofeLIgWv%2BpuXzJybOpIN%2BFBtM2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82e7333078750f39-EWR
alt-svc
h3=":443"; ma=86400
content-length
67513
imagesloaded.min.js
form.promo/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 06:54:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654b309a-1590"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJztIhw16%2FOomHm71lBtuW6E%2FdN87XQceQkCDNGFZv2zE2G7IrcbnHGlkVRt1Qr7qFsEOvrbvWGbP%2BWqyhAYN5WdqQHsKj3wPZ5znKb9IwuvEYnWT%2B1aAZTtkzMUYVhb%2FrRKdDjikJkT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e7333078760f39-EWR
alt-svc
h3=":443"; ma=86400
theme.min.js
form.promo/wp-content/themes/oceanwp/assets/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/theme.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be5a9e7bcbc5af3b986767a8193c1d9dbb9c7bd2368ba33c25eff7bd7a76987a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-4d4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0%2BregVqWjBiqV6%2BWW3oac6CrfuJfZ6x9WpFDVf6ut9%2F3x0q8aL2uC%2BPdn4ShYjSdAYlI1rQJAsH8mbkoR%2FmWXZK5R5frwYNpsUgb%2Fua%2F2dt%2FdyjhkOSGuyNqLieMhwd%2BxLbss%2BEoi8B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e7333078780f39-EWR
alt-svc
h3=":443"; ma=86400
drop-down-mobile-menu.min.js
form.promo/wp-content/themes/oceanwp/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/drop-down-mobile-menu.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c345ef59fb2b287237939e1cc8cc92028711602334db6d338990a01676f8e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-3707"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZeYtI0MQL%2BQDk26aD1Jq7IlkchFxyzlwtXvoNo7YkfIwmYQOTRbzqqE4qvgSmVICR0b%2F45GGqc4EsCHnFBM%2F%2FD4NbfWYwLbj4AFphqAprvkDfP%2FoqVIACroC54IBRllLANY6C7k%2BKHw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e73332d9ee42c9-EWR
alt-svc
h3=":443"; ma=86400
drop-down-search.min.js
form.promo/wp-content/themes/oceanwp/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/drop-down-search.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca63a56d305249eb4cddeec8a6501010e206e110445f46572be1f2d56a1785fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-1d74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsrBW9Fc4B7Fh%2FnDS0lh9S52rkw88rIj3YrkTNxOYj9WVdi0aqhW6MvXQpLTuf%2FXuHHBxQ%2B3S6EBfihVFYGgK3zwbJVYqVxb3a8bd8uLj3nYJgMmI0Ckd%2FVI%2B74f5GlCMndMeE8mhJpO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e73332d9f142c9-EWR
alt-svc
h3=":443"; ma=86400
magnific-popup.min.js
form.promo/wp-content/themes/oceanwp/assets/js/vendors/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/vendors/magnific-popup.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-4ef8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJW4S1DwBZ36QBfW1i3yZi6loB7xBeewXQ%2F0mQwayXk%2FMesmpMP11zy5LPpcXkAgN5jo5In5WrwhTD2hGnVrc4X0rqZxaPNGsjLhKZgXZtx0fs1Vk6WlbfcT0BHSYtLlTvh51WMEYPqw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e733339ae542c9-EWR
alt-svc
h3=":443"; ma=86400
ow-lightbox.min.js
form.promo/wp-content/themes/oceanwp/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/ow-lightbox.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6678f5308a4fd9620f440c3e6433920f9a09a9d6465a13888d9638aa23d70191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-100f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gelAEti%2F4giMaJ0eEZUxt5Rnx5ucmYtH%2FQj%2B6T%2FWn2XbxDq08CibLVpDxW7gN2tKtxv7w2XNKONRyLnfEWiuJtJ3jzBlcUVtU%2F9IWsWkOi%2FovVUiiUimG2ckr%2FbFCPnDFUIpjYdZFvw4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e733339ae942c9-EWR
alt-svc
h3=":443"; ma=86400
flickity.pkgd.min.js
form.promo/wp-content/themes/oceanwp/assets/js/vendors/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/vendors/flickity.pkgd.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472c7748607b5b76986bb54ffe3fe79ea954f61705aabd2a0fa80d13b2eee46b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-e0a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWixj2PldY65owLUQDVFqjOYBTjZk%2FT%2Bs%2B7HHpYRaAfRir8hDP9Q2lW1l%2B1vCfIEODl4OW9ks%2BHTLX7qcMJVvgLzhs4yG2GWFcK1xNnnmSyDMcMMomSXwQkkqHkaEVWhnOShOjzNWmHz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e733339aeb42c9-EWR
alt-svc
h3=":443"; ma=86400
ow-slider.min.js
form.promo/wp-content/themes/oceanwp/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/ow-slider.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b817c9b9bb557b34222c4598548f3569a7c8f2bb30b796a6c92d47dd740e4271
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-7d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKvVNn99JqK%2FEuwSCzxSCSEKNZcyttKpVMg1mLEAEJ7NGNsQA4Mu81FhRTmIOyCiCBWbH5rTdKC399U68vvCZp%2B6TzDFtX53sRhzHCyHTBEDi8g5gA7AHKo9G2siwQNrLIseZr6jXC3u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e733339aec42c9-EWR
alt-svc
h3=":443"; ma=86400
scroll-effect.min.js
form.promo/wp-content/themes/oceanwp/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/scroll-effect.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10efa10637c7d5118a6140bf92bfc790edd4a9eae884eeb4ff0530e04154d8af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-2e6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2cKI%2BHs32UGg0h3osW8l6BzcvzMFtl0cz0JU3X2uRSORCBuM8ZS%2FRU2l%2FmH2ra%2BNQe%2FubcVAHABGbiaONSBHbDXFyHTrIxIfIg%2FXd1oeOUYbvAl5TJNEuiJaG%2FxCp0RqzoLfFyH%2F3BK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e733339aee42c9-EWR
alt-svc
h3=":443"; ma=86400
scroll-top.min.js
form.promo/wp-content/themes/oceanwp/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/scroll-top.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27375090fa7a6b1b7953505ccce5ff008db3c23196579db5749f71f0f485304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-231d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kw1ePMTbMjbUL7OOHVr5Eoj3K6JP%2BYA2G2Ojstwk%2FdXWoS49JhjGg2BRTC3JjRRijMg%2B26N4uPVorVlUzwnSSijg4my34qvxWuV%2BmPxxHxvknRTo4kjt7WRVFyJWXCjgyiwBbWcc1S4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e733339aef42c9-EWR
alt-svc
h3=":443"; ma=86400
select.min.js
form.promo/wp-content/themes/oceanwp/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/js/select.min.js?ver=3.5.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d05f3a54518cd3ac3a4e9b4cf8c5f0deab037e659299f66a534d00fe10618b64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6543933e-143d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytD3NCkBTWHRpWf4V5%2BcDAyWSAUh8SgLwFPrFZyp%2FBwc1GrDGOP5UEH%2FGxPrcYlZTdxqwGohy2hmLkisNSdr7941wd%2BNnS89drSWOGylDNECSHyEwBkk1vubVsOqvCpR6xCBe2ucq1GQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e733339af042c9-EWR
alt-svc
h3=":443"; ma=86400
app.min.js
form.promo/wp-content/plugins/pojo-accessibility/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/plugins/pojo-accessibility/assets/js/app.min.js?ver=1.0.0
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
747ee080eb57ab3ca956da0c0779e4177492db9da1a7022c4979936c2fd872f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 10:24:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64bfa2c8-14c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFfeP6Jr1N7otvVZEp9dAYQid7Jc3E9Yc7xIpMVZnaRVxWaadiXz8bZqL61X6pVdAvPBhIn3%2Ba3y%2FueTvDN11A2Fw9G3n3bA6qq9F8o3z41CiiVR1jL8BvQPkpL9%2F%2BZcirkhTz%2BA1EJ1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e733339af142c9-EWR
alt-svc
h3=":443"; ma=86400
43163c89-1557-44fc-a4a4-d2c953bcdd84
https://form.promo/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://form.promo/43163c89-1557-44fc-a4a4-d2c953bcdd84
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJQFXJ4
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f30ba590b1b80c32fb98675e73b9b138a163c423c348be794d965d0e72bf77ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44270
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 00:26:40 GMT
Simple-Line-Icons.woff2
form.promo/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
Requested by
Host: form.promo
URL: https://form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=1699471425
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=1699471425
Origin
https://form.promo
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:41 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6543933e-7570"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38GZCuX3vwpIm0LY2032a9nbBddB3JrOdeiZvGfWMIbifbctVLXKCw%2BspCNSXfuJzSa2DGmrR%2Fd8AFDYE3of6dtiMb1gLjgeKd%2BpPjDxdhTiSrq5qGl37KNL8LURl5Smqaxm5l5YIAHn"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82e73333cb1b42c9-EWR
alt-svc
h3=":443"; ma=86400
content-length
30064
fa-solid-900.woff2
form.promo/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: form.promo
URL: https://form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=1699471425
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://form.promo/wp-content/cache/min/1/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=1699471425
Origin
https://form.promo
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:41 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 12:17:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6543933e-139ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77P5zbZhp0dxzFYrsRRoAn32UDlVqsXSGMxG1x2mf7RJAfIluM56IhrsShNebCZJQwnrejOCIXVWu6dzUaXozvewLD%2FmTK6DfBcO8xfQkorrxi%2BVr%2BVEqg7dlBtA9s15AP6Iw%2FaPe14d"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82e73333cb1c42c9-EWR
alt-svc
h3=":443"; ma=86400
content-length
80300
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-9277647-29&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJQFXJ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9463122c7baf33ba4a649f729737d0a321a210217941469e9df3038ed751fff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68571
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 00:26:40 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J3BJQ20D9G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJQFXJ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2bc3b055c1d22917fc21bbab6e4321077efbc26f8a6de116cfb8f87a347b017d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85003
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 00:26:40 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7355078645502275&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9abf5c66ab4755aa0eeec28134e31c89a92ed9d2a824a69cc2b07562cdcae680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137246
x-xss-protection
0
server
cafe
etag
2845442418029844221
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 00:26:40 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame CA66 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7355078645502275&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://form.promo/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
15199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:13:21 GMT
etag
12051592065903069241
expires
Thu, 14 Dec 2023 20:13:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PCW0C76VE1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9277647-29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23dff2989ff6348466330a0dcf816553b319312ef1bdf180c9d2dc4b259bc80e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80910
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 00:26:40 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9277647-29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 22:52:28 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5652
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 01 Dec 2023 00:52:28 GMT
collect
www.google-analytics.com/g/ 		0
167 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-J3BJQ20D9G&gtm=45je3b60v888875107&_p=1701390400571&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1549048375.1701390401&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701390400&sct=1&seg=0&dl=https%3A%2F%2Fform.promo%2F&dt=%D7%A1%D7%90%D7%9F%20%D7%A1%D7%A4%D7%90%D7%A8%D7%A7%20%D7%9E%D7%A8%D7%9B%D7%96%20%D7%94%D7%99%D7%93%D7%A2%20%E2%80%93%20%D7%A2%D7%AA%D7%99%D7%93%20%D7%92%D7%93%D7%95%D7%9C%20%D7%9C%D7%92%D7%90%D7%95%D7%A0%D7%99%D7%9D%20%D7%A7%D7%98%D7%A0%D7%99%D7%9D&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1488
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J3BJQ20D9G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 00:26:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://form.promo
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PCW0C76VE1&gtm=45je3b60v9114987193&_p=1701390400571&gcd=11l1l1l1l1&dma=0&cid=1549048375.1701390401&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701390400&sct=1&seg=0&dl=https%3A%2F%2Fform.promo%2F&dt=%D7%A1%D7%90%D7%9F%20%D7%A1%D7%A4%D7%90%D7%A8%D7%A7%20%D7%9E%D7%A8%D7%9B%D7%96%20%D7%94%D7%99%D7%93%D7%A2%20%E2%80%93%20%D7%A2%D7%AA%D7%99%D7%93%20%D7%92%D7%93%D7%95%D7%9C%20%D7%9C%D7%92%D7%90%D7%95%D7%A0%D7%99%D7%9D%20%D7%A7%D7%98%D7%A0%D7%99%D7%9D&en=page_view&_fv=1&_ss=1&tfd=1553
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCW0C76VE1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 00:26:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://form.promo
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4F62 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7355078645502275&output=html&adk=1812271804&adf=3025194257&lmt=1699471704&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fform.promo%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701390400810&bpp=4&bdt=771&idt=220&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1181384617702&frm=20&pv=2&ga_vid=1549048375.1701390401&ga_sid=1701390401&ga_hid=630780222&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=2112760009586784&tmod=1017054751&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://form.promo/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 00:26:41 GMT
expires
Fri, 01 Dec 2023 00:26:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=630780222&t=pageview&_s=1&dl=https%3A%2F%2Fform.promo%2F&ul=en-us&de=UTF-8&dt=%D7%A1%D7%90%D7%9F%20%D7%A1%D7%A4%D7%90%D7%A8%D7%A7%20%D7%9E%D7%A8%D7%9B%D7%96%20%D7%94%D7%99%D7%93%D7%A2%20%E2%80%93%20%D7%A2%D7%AA%D7%99%D7%93%20%D7%92%D7%93%D7%95%D7%9C%20%D7%9C%D7%92%D7%90%D7%95%D7%A0%D7%99%D7%9D%20%D7%A7%D7%98%D7%A0%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1817639147&gjid=1160292269&cid=1549048375.1701390401&tid=UA-9277647-29&_gid=2105688424.1701390401&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=542447079
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://form.promo/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 00:26:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://form.promo
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
form.promo/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.promo/wp-includes/js/wp-emoji-release.min.js?ver=6.4
Requested by
Host: form.promo
URL: https://form.promo/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:11dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:41 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 29 Mar 2023 19:21:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64248fc2-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KukWgsT%2FsbhQqGuIpZFuzE4q2c1vAU5VhT6qNN%2FtSDwPlfQl2K3iBmVs%2Fg9KbJnq95Ggb%2Fp0Pku93EBv509Fig6ZFGB5L8kW9zvflSAv4nBQk%2FsyAvgkLQtsG3k72yVTpn19CsGinNEt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
82e73336ee8442c9-EWR
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a855da708f575d00c58ada0f8b6877356eaf39e9b93e8f7c226f03bc87b3c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12112
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 00:26:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 102B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://form.promo/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
212900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 13:18:22 GMT
expires
Wed, 27 Nov 2024 13:18:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B098 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
971a0b93105651d5fda66d32b1f1647a4d9d98086f86922bd8aa2b0240122510
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-en8LJtjk0NyLg6cNbWcIcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://form.promo/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-en8LJtjk0NyLg6cNbWcIcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 00:26:42 GMT
expires
Fri, 01 Dec 2023 00:26:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 102B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:07:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
15544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 20:07:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B098 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=2112760009586784&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 102B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5KS9HQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 00:26:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=2112760009586784&bg=!Dg2lDULNAAY3kmNgF5I7ADQBe5WfOEyPlYzW38MysVMqobbv-CxdGT-8difmifSogCSJWhGDkVA-AZPr4XQmq_VskZ1IAgAAAIJSAAAABGgBB5kCrb2E3cVXpybVG5zFxekg7FKksR5Ganij4RBd90KJCpPBJEv7zRR8zJ_bdl_RV72qnh5cAFIgJaTQDyy2GilFqFj45L6Qtq-Pe5urPa4yHHMR-aBaw3HxYVfniOBKGFqcWtTDFSSnolg_khLWJNuB1u3bheEzqVVN6Ah-ixIkzcfsso7RjNWjR7O8QAQzFv8sHzWP7pCqG1491hKVtzgEbTLOGH6_s_8ssgxvI6QSAex0Qbqwu56YrHOKZr4MUVjKNUKalyfyh5KycO8JCG2GkihyCfv25eaQhY9ZhSGeLDagz7oQc7wdDT0kFayvxDyxqyBCdzCaLmwF580QuYGKYMmQzL8n7Q9kMBuZxIEE63O51A2cg6XCO9HKB2zwE601VNoqxThJw928ROJ-260P3gRsPu94uiXwLxhSQmR1kImekUsy7AalgFGynXfkUt4Hvb694f8srHtjbfTLbfMf5-7F-bHY6JlkDip3vtySczgj5sghe65JiNBRb2tXqga7wqFfv8FTMttoysId4qBFYfHAo4XKTPwni5kN9Nml3pocmbqWgYBeBgqGOQwq0nYg6m0Vr6WteoeFA5vTbPkVA_P4KefXI7JtEiICY7DosRfSSZ-4mnmZy9ZGarZsVfBJMbi0xXvxy2ng57b4LpGLyYiyc_8pSIG6_cNX53cjR_F4FJ1VcdhoMY810C3qQiJi1bnSKZARp6Rd4VuvCUeYsOo_MC9suC5fzqNgq6Xcykv3yQpUaMVG9JYWTGwqiXuJVU33XzdgHAj8OjN-_-5yLcDNkc9n44oFBAHrJRPrv-52u4jqR_vpa1B4i7lGkq539noCj-_1_dozXW_jwYYnC-bqLwzSq94-9tk63F59yn1cHfgKfZKgF3yKubVPeao4-YAZOcJCcmDaYiqJnqg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://form.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig function| EvEmitter function| imagesLoaded object| oceanwpLocalize object| oceanwp object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| PojoA11yOptions object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.form.promo/ Name: _ga_J3BJQ20D9G
Value: GS1.1.1701390400.1.0.1701390400.0.0.0
.form.promo/ Name: _ga_PCW0C76VE1
Value: GS1.1.1701390400.1.0.1701390400.0.0.0
.form.promo/ Name: _ga
Value: GA1.2.1549048375.1701390401
.form.promo/ Name: _gid
Value: GA1.2.2105688424.1701390401
.form.promo/ Name: _gat_gtag_UA_9277647_29
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

form.promo
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2606:4700:3035::6815:11dc
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81d::2008
2607:f8b0:4020:805::200e
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2004
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
10efa10637c7d5118a6140bf92bfc790edd4a9eae884eeb4ff0530e04154d8af
18fa474312a149112d6324ea36e5e9f70c2cd138ab6774fca9ec00f585f9bdd2
195e8477d09f2cb72a658301e339cc931b55ad134ed59d65f1ad7fea9aa0520e
23dff2989ff6348466330a0dcf816553b319312ef1bdf180c9d2dc4b259bc80e
2bc3b055c1d22917fc21bbab6e4321077efbc26f8a6de116cfb8f87a347b017d
3a855da708f575d00c58ada0f8b6877356eaf39e9b93e8f7c226f03bc87b3c2c
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4573c0cb11d5c8c2f16f44d808cd8e5b947819691c0ded368dd620c99a78d4e5
472c7748607b5b76986bb54ffe3fe79ea954f61705aabd2a0fa80d13b2eee46b
4e1746e845cd181e67dbd46b402c2b586c793492d6c02b6c958fc29e372b8630
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6678f5308a4fd9620f440c3e6433920f9a09a9d6465a13888d9638aa23d70191
6733e905ad5e9a670284577fa5c6c3999b223e46e569fd9f7e89a675067afc7f
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
747ee080eb57ab3ca956da0c0779e4177492db9da1a7022c4979936c2fd872f1
76ca5af3a7797a2d52609bfe250093a60214c67695a18d81519f7c4abd433185
7c345ef59fb2b287237939e1cc8cc92028711602334db6d338990a01676f8e45
88bf1be2d8eb05bae5ecdf45b80267af330419bf8831438666a35d2052709401
9463122c7baf33ba4a649f729737d0a321a210217941469e9df3038ed751fff3
971a0b93105651d5fda66d32b1f1647a4d9d98086f86922bd8aa2b0240122510
9abf5c66ab4755aa0eeec28134e31c89a92ed9d2a824a69cc2b07562cdcae680
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
b26b4bed7e96121f96d464ff963becee105dc2df124003d953c2f268308b940f
b27375090fa7a6b1b7953505ccce5ff008db3c23196579db5749f71f0f485304
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b817c9b9bb557b34222c4598548f3569a7c8f2bb30b796a6c92d47dd740e4271
be5a9e7bcbc5af3b986767a8193c1d9dbb9c7bd2368ba33c25eff7bd7a76987a
ca63a56d305249eb4cddeec8a6501010e206e110445f46572be1f2d56a1785fd
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d05f3a54518cd3ac3a4e9b4cf8c5f0deab037e659299f66a534d00fe10618b64
d6de76e7f73d039817a17dda8157e8371a55e93a07343ca6810138ec76dc1d6c
db97ca07892f054c87699328a4b92e83714a5206bd0906c83f1f0b8395edfd61
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee52185d6a681a5d5b8a21ff5321901ce83e4ded11213a2e169d8be1e0417aab
f30ba590b1b80c32fb98675e73b9b138a163c423c348be794d965d0e72bf77ac
fa705aa1841028fdf620203bf81f78ee17222a7c58872a5db21c86fd2efca18c
fb0230798f58b048cf2d27cc3111cb283c6c9e1bd92b7107b145ca3e6b42b6ec