urlscan.io logo urlscan.io
SecurityTrails logo

promoganhei.com Open in urlscan Pro
2606:4700:3032::ac43:a62c  Public Scan

Go To Rescan Add Verdict Report
URL: https://promoganhei.com/
Submission: On October 18 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 3 countries across 27 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3032::ac43:a62c, located in United States and belongs to CLOUDFLARENET, US. The main domain is promoganhei.com.
TLS certificate: Issued by GTS CA 1P5 on October 18th 2023. Valid for: 3 months.
This is the only time promoganhei.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.92.36.64 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.240.27.180 16509 (AMAZON-02)
1 2600:9000:250... 16509 (AMAZON-02)
1 18.165.98.98 16509 (AMAZON-02)
1 157.53.227.1 63911 (NETACTUAT...)
1 2600:1408:7::... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
1 18.165.83.21 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 52.48.37.130 16509 (AMAZON-02)
2 2600:1408:c40... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
4 151.101.129.44 54113 (FASTLY)
1 142.251.16.156 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
2 2620:1ec:48:1... 8075 (MICROSOFT...)
8 2a03:2880:f00... 32934 (FACEBOOK)
2 43.152.136.177 139341 (ACE-AS-AP...)
2 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
2 20.231.53.73 8075 (MICROSOFT...)
7 2a03:2880:f10... 32934 (FACEBOOK)
1 141.226.224.32 200478 (TABOOLA-AS)
3 35.227.215.158 15169 (GOOGLE)
1 54.74.243.250 16509 (AMAZON-02)
1 2 20.125.209.212 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 35.201.119.36 396982 (GOOGLE-CL...)
2 141.226.224.48 200478 (TABOOLA-AS)
87 37
1    2606:4700:3032::ac43:a62c (United States)

ASN13335 (CLOUDFLARENET, US)
promoganhei.com
2    2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.92.36.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
3    2606:4700:3034::6815:500b (United States)

ASN13335 (CLOUDFLARENET, US)
styles.assets-landingi.com
old.assets-landingi.com
8    2606:4700:3031::ac43:ac92 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.assets-landingi.com
old.assets-landingi.com
1    34.240.27.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-27-180.eu-west-1.compute.amazonaws.com
popups.landingi.com
1    2600:9000:2501:e200:18:4b34:9880:93a1 (United States)

ASN16509 (AMAZON-02, US)
icons.assets-landingi.com
1    18.165.98.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-98.iad55.r.cloudfront.net
assetslp.link
1    157.53.227.1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 1.227.53.157.ptr.anycast.net
landingistats.com
1    2600:1408:7::170f:91a (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
ucarecdn.com
3    2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.165.83.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-21.iad55.r.cloudfront.net
tagmanager.landingi.io
3    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.48.37.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-37-130.eu-west-1.compute.amazonaws.com
stats.landingi.com
2    2600:1408:c400:68::17db:9a53 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.lugc.link
3    2607:f8b0:4004:c17::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
www.googleadservices.com
4    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700:e4::ac40:a903 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.rubiconredirect.com
2    2620:1ec:48:1::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
8    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    43.152.136.177 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
s1.kwai.net
2    2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
2    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c08::99 (Ashburn, United States)

ASN15169 (GOOGLE, US)
gtm-mmj9wpr-mwfly.uc.r.appspot.com
5    2607:f8b0:4004:c09::69 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
7    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    35.227.215.158 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 158.215.227.35.bc.googleusercontent.com
api.mythad.com
1    54.74.243.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-243-250.eu-west-1.compute.amazonaws.com
lightboxes.landingi.com
2    20.125.209.212 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    35.201.119.36 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.119.201.35.bc.googleusercontent.com
logsdk.kwai-pro.com
2    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
12 assets-landingi.com
styles.assets-landingi.com — Cisco Umbrella Rank: 327589
scripts.assets-landingi.com — Cisco Umbrella Rank: 310730
icons.assets-landingi.com — Cisco Umbrella Rank: 573316
old.assets-landingi.com — Cisco Umbrella Rank: 374124
50 KB
8 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
295 KB
8 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
trc.taboola.com — Cisco Umbrella Rank: 680
pips.taboola.com — Cisco Umbrella Rank: 1752
cds.taboola.com — Cisco Umbrella Rank: 2153
trc-events.taboola.com — Cisco Umbrella Rank: 2281
32 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
332 B
7 google.com
analytics.google.com — Cisco Umbrella Rank: 178
www.google.com — Cisco Umbrella Rank: 2
1 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 998
q.clarity.ms — Cisco Umbrella Rank: 7704
c.clarity.ms — Cisco Umbrella Rank: 1548
23 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
6 KB
4 landingi.com
popups.landingi.com — Cisco Umbrella Rank: 277017
stats.landingi.com — Cisco Umbrella Rank: 311350
lightboxes.landingi.com — Cisco Umbrella Rank: 437707
517 B
3 mythad.com
api.mythad.com — Cisco Umbrella Rank: 18566
489 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
3 gstatic.com
fonts.gstatic.com
64 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
269 KB
2 kwai-pro.com
logsdk.kwai-pro.com — Cisco Umbrella Rank: 55958
381 B
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 13181
5 KB
2 kwai.net
s1.kwai.net — Cisco Umbrella Rank: 44345
72 KB
2 lugc.link
cdn.lugc.link — Cisco Umbrella Rank: 345258
420 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 257
764 B
1 appspot.com
gtm-mmj9wpr-mwfly.uc.r.appspot.com
461 B
1 rubiconredirect.com
scripts.rubiconredirect.com — Cisco Umbrella Rank: 90110
37 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
2 KB
1 landingi.io
tagmanager.landingi.io — Cisco Umbrella Rank: 388913
451 B
1 ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 18325
4 KB
1 landingistats.com
landingistats.com
8 KB
1 assetslp.link
assetslp.link — Cisco Umbrella Rank: 397731
31 KB
1 amazonaws.com
s3-eu-west-1.amazonaws.com
71 KB
1 promoganhei.com
promoganhei.com
4 KB
87 27
Domain Requested by
8 connect.facebook.net promoganhei.com
connect.facebook.net
7 www.facebook.com promoganhei.com
5 www.google.com promoganhei.com
5 scripts.assets-landingi.com promoganhei.com
4 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
4 old.assets-landingi.com promoganhei.com
3 api.mythad.com s1.kwai.net
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
promoganhei.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com promoganhei.com
www.googletagmanager.com
2 trc-events.taboola.com cdn.taboola.com
2 logsdk.kwai-pro.com s1.kwai.net
2 c.clarity.ms 1 redirects
2 q.clarity.ms www.clarity.ms
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 a.mgid.com promoganhei.com
2 s1.kwai.net promoganhei.com
s1.kwai.net
2 www.clarity.ms promoganhei.com
www.clarity.ms
2 cdn.lugc.link promoganhei.com
2 stats.landingi.com landingistats.com
2 styles.assets-landingi.com promoganhei.com
2 fonts.googleapis.com promoganhei.com
1 c.bing.com 1 redirects
1 lightboxes.landingi.com scripts.assets-landingi.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 trc.taboola.com cdn.taboola.com
1 gtm-mmj9wpr-mwfly.uc.r.appspot.com www.googletagmanager.com
1 scripts.rubiconredirect.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 tagmanager.landingi.io promoganhei.com
1 ucarecdn.com promoganhei.com
1 landingistats.com promoganhei.com
1 assetslp.link promoganhei.com
1 icons.assets-landingi.com promoganhei.com
1 popups.landingi.com promoganhei.com
1 s3-eu-west-1.amazonaws.com promoganhei.com
1 promoganhei.com
87 40

This site contains links to these domains. Also see Links.

Domain
www.landingiexport.com
Subject Issuer Validity Valid
promoganhei.com
GTS CA 1P5		 2023-10-18 -
2024-01-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2023-07-10 -
2024-05-31		 a year crt.sh
assets-landingi.com
GTS CA 1P5		 2023-09-09 -
2023-12-08		 3 months crt.sh
*.landingi.com
Certum Domain Validation CA SHA2		 2023-08-16 -
2024-08-15		 a year crt.sh
assetslp.link
Amazon RSA 2048 M02		 2023-06-12 -
2024-07-10		 a year crt.sh
landingistats.com
R3		 2023-08-14 -
2023-11-12		 3 months crt.sh
cps3.ucarecdn.com
R3		 2023-09-04 -
2023-12-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tagmanager.landingi.io
Amazon RSA 2048 M02		 2023-07-31 -
2024-08-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cps7.ucarecdn.com
R3		 2023-08-24 -
2023-11-22		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
rubiconredirect.com
GTS CA 1P5		 2023-09-22 -
2023-12-21		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-28 -
2023-10-26		 3 months crt.sh
*.kwai.net
GlobalSign RSA OV SSL CA 2018		 2022-10-17 -
2023-11-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.mythad.com
GlobalSign GCC R3 DV TLS CA 2020		 2023-03-09 -
2024-04-09		 a year crt.sh
*.kwai-pro.com
GlobalSign GCC R3 DV TLS CA 2020		 2022-12-19 -
2024-01-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://promoganhei.com/
Frame ID: 5DD5238D31C57A6A8319B29EB9A2AC2D
Requests: 85 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

98 %
HTTPS

58 %
IPv6

27
Domains

40
Subdomains

37
IPs

3
Countries

1418 kB
Transfer

3395 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11239751341/?random=1505995796&cv=11&fst=1697647400189&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&label=ET5cCO2s9csYEK39w-8p&hn=www.googleadservices.com&frm=0&value=0&auid=388274080.1697647400&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KAswZZ_gFYm9oPMPvKGNiA8&sscte=1&crd=&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5eQ2_0xkxUmnCSfTbwziQbPSSdj4YA0y2E&pscrd=Ek5DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUklsQUlnQXlIbjJYVUQ5RktkX3lveEw2bUFZTk1sbjVHbmdaX2p4OWRFaHFFNmNZcU0tSGcaWENoRUk4SVMtcVFZUWc2WFR2SVA5cE1ybkFSSXRBUEttWHg3TS0xd0h3ZVgwaXZUcG0xM1ItNE5EdEE2UmRGbkl1YWpkYUZpdFRZUlYxVzBIQ2tXQ0NxdFAiEwiflIKyhYCCAxWJHmgIHbxQA_E HTTP 302
  • https://www.google.com/pagead/1p-conversion/11239751341/?random=1505995796&cv=11&fst=1697647400189&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&label=ET5cCO2s9csYEK39w-8p&hn=www.googleadservices.com&frm=0&value=0&auid=388274080.1697647400&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUklsQUlnQXlIbjJYVUQ5RktkX3lveEw2bUFZTk1sbjVHbmdaX2p4OWRFaHFFNmNZcU0tSGcaWENoRUk4SVMtcVFZUWc2WFR2SVA5cE1ybkFSSXRBUEttWHg3TS0xd0h3ZVgwaXZUcG0xM1ItNE5EdEE2UmRGbkl1YWpkYUZpdFRZUlYxVzBIQ2tXQ0NxdFAiEwiflIKyhYCCAxWJHmgIHbxQA_E&is_vtc=1&ocp_id=KAswZZ_gFYm9oPMPvKGNiA8&cid=CAQSKQDICaaNwLNGDumKHxAlUVrsNO0UyAXG3mh5rLObaqfekklX78a9qhyb&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5cb4qG_FQw10Qv0zva1fiWk9ZiboPLNS_Q&random=1298211843
Request Chain 77
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5E5FCF8D32DF44EDB1B00E4818E62DBF&RedC=c.clarity.ms&MXFR=218889F6735A6FBE064E9A58775A615C HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5E5FCF8D32DF44EDB1B00E4818E62DBF&MUID=0C976F13816369181CBA7CBD807F68BE

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
promoganhei.com/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a62c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
9134e202892522bfe6fc4d0747a4bc1a48caa865af8fb537da118e7974b675c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81823d4f5d1721df-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 16:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNgmRpLHj1mAPbsJ4DFy3uR2dJUMsQeSAAMV071VqN93sxGGLghNWYBKUnvEuwBpwPAE4HG32BqPvcwEFDnC00aIJryzBX4hJE725KTsl0t6hnKCS4UQNoPtnIaNv14pbsbsYxqWigDXxNZ1AYw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
css
fonts.googleapis.com/ 		13 KB
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext&display=swap
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25a2b2883e101f8092e78fba2f4fcc40cac3339957cb1bf95011895ae7db0fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 16:43:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Oct 2023 16:43:19 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700,300,300italic,400italic,700italic&subset=latin,latin-ext,cyrillic,cyrillic-ext&display=swap
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b245aac9bff42c13e51ee0c4f0316c10c85a6b5d66321216ba84e7cc355238d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 16:43:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Oct 2023 16:43:19 GMT
animate.css
s3-eu-west-1.amazonaws.com/landingi-ftp/script/wow/ 		71 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-eu-west-1.amazonaws.com/landingi-ftp/script/wow/animate.css
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.36.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0db128b7e942fcaa63af7dde5f31d2cd041936b0d2f48610457c63fcabc1ac97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Wed, 18 Oct 2023 16:43:20 GMT
Last-Modified
Mon, 04 Jan 2016 14:33:13 GMT
Server
AmazonS3
x-amz-request-id
5Y8NF12X10YD68DE
ETag
"c9aec60cc9e971541062957d5ab6bc80"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
72259
x-amz-id-2
TTSxo6UXZMQMYVG8aq2q27Z7yX1vQfXhj/RLfej0C1pIMtWqGOf7+ZRVmgPDcn7b8RiyzeM1T90=
2.14-landend-base.css
styles.assets-landingi.com/assets/css/ 		71 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://styles.assets-landingi.com/assets/css/2.14-landend-base.css
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:500b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a9478dc265e8889151ba37d3fa17b14d6bc5921d37c4b084179d0ede6ce9fee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WP8QJW7M4BMN85VP
age
5325
cf-polished
origSize=72731
alt-svc
h3=":443"; ma=86400
x-amz-id-2
s1uYRA7yfYeaqiotI/8uOpvh73mbmWlLAdIhdRooWupBBvtKL+Z5SZDzy9Pg9Zt/yuPlPIZJtaMhjRVTN9hxSQ==
cf-bgj
minify
last-modified
Wed, 20 Oct 2021 12:28:03 GMT
server
cloudflare
etag
W/"4bd6c0093cdc4a30726bdd4061b1b55c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMDhyXwssVtEa0Q13vfz5nGsWnM5ZpAjHoiNEBa359tvQmQzuGncRLhQtmeEHi5v5kjXjQJhHlTxf5ncHLJ7Q6v9IVMFQS4f%2Br8AzCVoIw4S5Le1m67TQDb44vMPyokSo%2FJjg8Rm2b6%2FdpWX%2FFPgly9nYExI7xbLew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
81823d54d80b3361-MIA
base.css
styles.assets-landingi.com/O6ej8Qrf/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://styles.assets-landingi.com/O6ej8Qrf/base.css
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:500b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa80bafabcae1df9ed0b26fc1741336f12e5292ccaaa942f68aab7a4e4b67d70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5Y8GFS5HNA99X0CN
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5Rk1ebMFSJqfoXxWCYbB6GHAgD2YoGFReIyFdMps7cQJlptaO4QKN6ljgR8aw31m0x/XRDgYp30=
last-modified
Fri, 13 Oct 2023 19:37:01 GMT
server
cloudflare
etag
W/"1e226c11ecd192c931b0c7bef92ca0f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2CMfGjK1ee6EM10mW9ZsxcgbUDu3rvsfyMUEjO5qzSSy3ZvSVdPqtL2jWWUTUIB5dZjJciCLhwfQO1PDju69YLZgOsh4Xv4wg0kg07s%2BDsusPxQHCGqPjpg1Ni%2BQAHs%2FaoFtvxvFtWLpDAMMP91W2bIs6P9suX32Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
81823d54d80e3361-MIA
lightbox-handler.min.js
scripts.assets-landingi.com/lightboxes/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.assets-landingi.com/lightboxes/lightbox-handler.min.js?v=20200804
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ac92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6767fb67944614e4d1a3bea187aae4ebce51c437b982aee4a8eff1c831abdb78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
x-amz-version-id
dM6LPWa8tPf3i_JzZho15uaJtAP.k8HP
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z8EY6NGPQAZP85WQ
age
3073
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0XBzl3JFT1R/RJPOW19KPIbl0OWYAXBKZeU1iJZqvSlJV/YLt2r6e/Y3JkpPXUukX5rkp/9IvuA=
last-modified
Tue, 04 Aug 2020 10:21:31 GMT
server
cloudflare
etag
W/"0da80230472d5972b885b057cedb5ddb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tw%2Ffsdg0yp6azj34%2B%2F1B9Ne0pmGULM%2Bq5alFdIWrCULyfijDyA%2BhGgrFzaPQzI%2FaG3qOmhoPPesrVQRiGyJhpDLkxUCjUzRgiZAVBVcve6f4bRd4U9bXEVP5BZUII9k4ubD3cCkGLanKtZp0JV%2FwRe7qe3OeLoD2SHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
81823d54cce7030a-MIA
install-code
popups.landingi.com/api/v3/landing/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://popups.landingi.com/api/v3/landing/install-code?apikey=5d579c7d-3546-43f3-8a29-29fb38747176&landing=b7b54b31e49d7907dbe7
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.240.27.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-27-180.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
cache-control
no-cache, private
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.3
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
lightbox-render.js
scripts.assets-landingi.com/lightboxes/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1697647398
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62a7337b2af077e515c4c7c5a391428720243dfdb77d64703f03f8e4a8672cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
x-amz-version-id
NATdxgybph4Nrnmil2Qo4bKGgPqvmN7B
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z10D3J50A849QDPD
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
RlvLKkoqB1E013uO4pfPrIEGYicl/XPm/mgACKYuCwYm+Sl1k68Nscf/zjGFDhFdwn+sofsFwHo=
last-modified
Tue, 07 Feb 2023 08:14:53 GMT
server
cloudflare
etag
W/"69ade48097846ea794898b2ff4c8001b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wos1%2BKNWMnJT1e9STt6fN4EUE5YVlIEfVQY30ULeMGmuOx0914sKUSQfs0lXMDn1ePnCzzrRdjueKxv7uMdaFTo%2FmKOHlRkqU%2Bk2I%2Fm4fDM0acp7OsUWFF%2FInsQLdQxZgHcbsz5mhEqeNwoQGgJe1oih%2F0MVLyRhf9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
81823d58db595c66-MIA
icon_4c307182f273eae0e8dae568d57d947737107a04.svg
icons.assets-landingi.com/ 		765 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icons.assets-landingi.com/icon_4c307182f273eae0e8dae568d57d947737107a04.svg
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e200:18:4b34:9880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a80872774802456991954113ad0049ff5d1d77e53c52a7257bb59fd3ebecaefe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
via
1.1 01b8e3a9ba527e97cf26e596dffabb8e.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 00:26:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
etag
"ee2a7fa3dc21bc7b5879954f42e52edc"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
765
x-amz-cf-id
fGW-qTiQG_L7yQv4gTlTV9iMnlAADT5mUKqf9E1Eg5mG02l7UL5PLw==
jquery-3-6-0.min.js
assetslp.link/assets/js/landend/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assetslp.link/assets/js/landend/jquery-3-6-0.min.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-98.iad55.r.cloudfront.net
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 10:40:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
IAD55-P4
age
8229755
via
1.1 5e85a7e9f75a591c64db206ef2e2a17c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 10 Jul 2023 07:22:58 GMT
etag
W/"15d9d-6001cda129880"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Authorization, apiKey
x-amz-cf-id
sxOW0TQTIyWVb2E8r6AmIm4eyk0C-W1kxro-ay4p2S4PNfsFkr_egA==
landend.bootstrap.min.js
old.assets-landingi.com/bootstrap/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://old.assets-landingi.com/bootstrap/js/landend.bootstrap.min.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4583cd757370087234ad06c45153007d939ab1da7032cc329b5b4b55681d61c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4SDHGQPDJ6HJPBX6
age
1260
alt-svc
h3=":443"; ma=86400
x-amz-id-2
680Q++A9aZYrkicosTFH6MRkkimFWC1+AqTVE6Mq0MJpGhGFHGRxeco+6GryzgpprYO+VbT5waY=
last-modified
Mon, 04 Jul 2016 09:10:55 GMT
server
cloudflare
etag
W/"caae3dfb363221461dc59ab8dca8497b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGGyiKZuxfVi%2F%2BBf6KDaHct%2BrTTi34LDuXWJsyaqSlshm2MKAA4y%2Bmpw9S39qAKMMxXMsd7t8dBEo4X1PuwdlWtHB0FopMCSMIXC8UTT6hlYgP3soxby9EgRtpuqGc%2FXfAKXdI3vhWrNuRJ0I7C3ygK2qDVgDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
81823d58eb615c66-MIA
webview.1.0.2.js
scripts.assets-landingi.com/webview/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.assets-landingi.com/webview/webview.1.0.2.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6cc05b3c448c6ee5cf39cbe617f7de5e92a10e3368175d2e3728ba3f817fc11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
x-amz-version-id
lo5KVTpkoLFNCaf2.3GQigsR3ZeISRAx
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H3A3DB5SJNA58GT8
age
1232
cf-polished
origSize=1165
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PBc27sPxUEsiOgyqraAsbJY60oCHi9kM/8Yp5cUuPuwCrmNWKGKJQK2g5eYIgO9EXKuchyJeb2Q=
cf-bgj
minify
last-modified
Thu, 28 Sep 2023 11:29:50 GMT
server
cloudflare
etag
W/"fbaf9595c8a8597001ae91e065273844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQISebcgSoSfB64OILnUl5He7Wgo7%2FfANwKak1vioodnt6wTMDl1i6w0XWJccMadf9aTthU4Cj74tI%2FK3jdw6L1zI%2BXGt7uvffxjn8FJ%2BFg8BBWtsGkzrmn2JJxkwLT2U7U0ZLc8M2j3zZxfobFP6cpTti1w%2Fr%2Bh%2BWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
81823d58eb685c66-MIA
landend.js
old.assets-landingi.com/assets/js/dist/landend/300123/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://old.assets-landingi.com/assets/js/dist/landend/300123/landend.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:500b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5409eb97b556b10006eb1156449a6b24171da07fee731176d8e4764e43febcf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XTV864S8V0RJD9RW
age
6323
alt-svc
h3=":443"; ma=86400
x-amz-id-2
szLUmVdh1At1cB6ycTrgxBS+qlnpVzaTTt+qbVLXEMtV96K2rOgK7NoIciG3SXtGsofmFzFNiASkq4KHY98PCg==
cf-bgj
minify
last-modified
Mon, 30 Jan 2023 13:28:57 GMT
server
cloudflare
etag
W/"097871546aae1cb5ff3acd53967ffe5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IMvgiCQEw2aTRwz2Db85Q00bIxuczVhw2ajPWamh4hRPASrTZQovMOa6dSrRo%2FANZLfDbbr9F38BbJfcYRSMFiD428rjAjUtt%2BFMwYg%2BgpJ6vLy%2FT8Du9W5lWhopwY6H7N6T380TuHcfg6P%2F88uPe485jXRMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
81823d54ee8031d1-MIA
frodo.js
landingistats.com/assets/js/landend/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landingistats.com/assets/js/landend/frodo.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.53.227.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
1.227.53.157.ptr.anycast.net
Software
/
Resource Hash
c9b050c3a66e77d91f4dc5cf159aac31fdcb5147f055ce973d2392feadff8456
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=7776000; includeSubdomains; preload
last-modified
Tue, 17 Oct 2023 08:21:21 GMT
etag
W/"652e4401-5831"
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript
cache-control
public, max-age=43200
x-xss-protection
1; mode=block
files.js
scripts.assets-landingi.com/landend/160721/ 		784 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.assets-landingi.com/landend/160721/files.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46bad547480f9d36f1fae5c9e78baa33c70341dbe827afca68a5202c2cb2f7f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
x-amz-version-id
5RfD6jWYtaqjAriJk5H8sq5paP.4RgmJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4ME72XKK664CV873
age
1385
alt-svc
h3=":443"; ma=86400
x-amz-id-2
7Cgbax4S4+ArepTPXW0Nf1ZS3Z+UkQzfQDkG5m5U/8M19Syq0uK1y1SeyIOkg0hjyusV52NcrvU=
cf-bgj
minify
last-modified
Fri, 16 Jul 2021 09:36:11 GMT
server
cloudflare
etag
W/"e48522cea4e18d818a7222d782aa9932"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMJyauQdYoaJ1OpfeXVpSoFmuCJZXPClJ3MRw%2BnM4zoEIgS%2B72K%2BQcuflh80lRM57K3GReECkeXn09bEN%2FMbHJ3%2B0%2BYiGa8wHTbvRgrXlVjgNS%2FreJHHr51CCfQjijKaIwhRIrBqzj%2Bsp8BxuUna0iEMnhro%2BbbVFNE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
81823d58eb6e5c66-MIA
jquery.form.min.js
old.assets-landingi.com/assets/js/vendor/jquery-form/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://old.assets-landingi.com/assets/js/vendor/jquery-form/jquery.form.min.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1NZC126V2TZJS7AV
age
1249
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IPL16oVsfHFqRJ9IkvPN4apfKzzf7XAcLncvzJ6BXtdacTuj79SGY5nV4yboMnc8ik0t4Izo//Q=
last-modified
Tue, 19 Dec 2017 12:43:57 GMT
server
cloudflare
etag
W/"9e3333ab37cbd7849dc647669aa0ca12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akJyb6EoeNYpxdz8D794lii%2Feg8%2B13ZoCScoylWEsgpbBnR2szEZPYead93Q88r9sJDn3e4wcwn0ejulYT5Iz0n4augj3iNiaqX2eZ%2BNFDluFWTXeFbk6RUbjgFmcsaDhhXR9eoCCLWHFDWQ3TNtYn%2B7bp5eEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
81823d58eb705c66-MIA
landend.min.js
scripts.assets-landingi.com/landend/250423/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.assets-landingi.com/landend/250423/landend.min.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ac92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76471bf2d72c7add773294aa348dd9e6185e05adb1129936e15d460e79100130

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
x-amz-version-id
eBtQ90OxNqQpy6AhwSo5ssSLvWBdbrjv
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RKSRGZ8ZHKQQ4MSV
age
3308
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MmKK9PculuX+SFXovLYVzPq6aKhQ95T310j9kmexoWqblOXr7dflPx+VGpaYgLrDiGtewPp8Hko=
last-modified
Wed, 26 Apr 2023 07:49:01 GMT
server
cloudflare
etag
W/"2f549fbc642f1ae9f4d69ed73934a5c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuaKMZVPbHrJyrDekQG%2FFaAcZ9GNY4WgU8GOcRsoj%2BO%2BOIqwM4e3Qa9oPVAHGJSX1UnngVUfN72kwudmehA3dk0lOevnCn14JNvfL2gz8HJ0ES4mXNGSMutqaaAebW%2BarjU8FcNd7z06IMtruEeH15PW0hGXamRJpEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
81823d566ed9030a-MIA
validation.js
old.assets-landingi.com/assets/js/landend/260820/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://old.assets-landingi.com/assets/js/landend/260820/validation.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ac92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222b64d1120f080670366757751a6e01b1a06c4e3b2f04c6fc21b0fd37b8007b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HDA3DBR5RJ4FEE6X
age
1249
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DPDCeIeSDcIcGAnRA9M2RYxLLEXxE95IFleLBvmiCL8wUvMNEStiX7aD8ErqlYFPzGEZkTJidc0=
cf-bgj
minify
last-modified
Wed, 26 Aug 2020 09:55:21 GMT
server
cloudflare
etag
W/"04525baaa773e84bc814af97fe0a0798"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbcEWZRojnFi4bD9mii%2FbSLPLfOu7A%2FwBAMlq1VRhOiFgAR13ce2VCp53qCwcjUX2txmHrUUOEuLYa2%2FxjhssyxfekpJ5yKFdLDKjpUDsQiSbnh%2FgJY8jxYgeC6tqa0kRY4VSnX3wIJURiek2mjJQyb0lVhR6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
81823d58eb735c66-MIA
blinkloader.min.js
ucarecdn.com/libs/blinkloader/3.x/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ucarecdn.com/libs/blinkloader/3.x/blinkloader.min.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:7::170f:91a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
46ef20c3bf16f3011c2c15cfd31558eedc534b0969264691d6ab0ca887f5303f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 14:31:31 GMT
server
Uploadcare
etag
W/"810637653b8b6681622cbbfa20307826"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=923
content-length
3371
gtm.js
www.googletagmanager.com/ 		311 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91d869e578f394e4d5aae6fcc4ef816b50ab3f2bc794d6ee4d4a54b059a4d06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103591
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 16:11:29 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 16:43:19 GMT
8aae0ef3-25e2-409b-ae91-0fe09a11ab57
tagmanager.landingi.io/account/ 		2 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagmanager.landingi.io/account/8aae0ef3-25e2-409b-ae91-0fe09a11ab57
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-21.iad55.r.cloudfront.net
Software
/
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 19:58:02 GMT
via
1.1 d4564d6809e10e731bfdfae814a717f8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
74717
x-amzn-requestid
0190737a-61eb-4f77-a58a-fc11b66833d0
x-amzn-trace-id
Root=1-652ee74a-0a1fb8b30251c582602ce03c
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-apigw-id
M9kToFKJjoEFiGA=
content-length
2
access-control-allow-headers
Content-Type
x-amz-cf-id
CLWTB4DzbaxD90kF_F-QKMAOfN4nDRxffk8Vs0XKVF9Z_tDoIEXqaw==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promoganhei.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 13:55:32 GMT
x-content-type-options
nosniff
age
442067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 13:55:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promoganhei.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 05:02:11 GMT
x-content-type-options
nosniff
age
474068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 05:02:11 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,300,300italic,400italic,700italic&subset=latin,latin-ext,cyrillic,cyrillic-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promoganhei.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 13:46:31 GMT
x-content-type-options
nosniff
age
442608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 13:46:31 GMT
1539676
stats.landingi.com/visit/ 		14 B
182 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats.landingi.com/visit/1539676
Requested by
Host: landingistats.com
URL: https://landingistats.com/assets/js/landend/frodo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.37.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-37-130.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.1.2-1ubuntu2.10
Resource Hash
bbdb35a828e64d246eb5a0f00e7e845c21c13cb93cfcbc4833572fcad96e5425

Request headers

Referer
https://promoganhei.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://promoganhei.com
date
Wed, 18 Oct 2023 16:43:20 GMT
cache-control
no-cache, private
server
nginx
x-powered-by
PHP/8.1.2-1ubuntu2.10
content-type
application/json
/
cdn.lugc.link/912cdb28-2bb5-442c-bb60-b336c26c1d1f/-/preview/-/stretch/off/-/format/auto/-/quality/normal/-/resize/1600x/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lugc.link/912cdb28-2bb5-442c-bb60-b336c26c1d1f/-/preview/-/stretch/off/-/format/auto/-/quality/normal/-/resize/1600x/
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a53 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
d2916b04f392fe652172c29322d6097b1cc5e67d4570fcb3cd9ad2af20e6d9fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:21 GMT
x-image-width
1600
server
Uploadcare
etag
"9b86eb1111e595c614369e9887d46ea3"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556886
content-disposition
inline
x-image-height
900
x-robots-tag
noindex, nofollow, nosnippet, noarchive
content-length
214564
1539676
stats.landingi.com/visit/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stats.landingi.com/visit/1539676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.37.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-37-130.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.1.2-1ubuntu2.10
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://promoganhei.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://promoganhei.com
access-control-max-age
3600
cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 16:43:20 GMT
server
nginx
vary
Origin
x-powered-by
PHP/8.1.2-1ubuntu2.10
js
www.googletagmanager.com/gtag/ 		272 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H1NR3LMMBX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60c92b64cb8d76bb2fead96f7de7f8e77b1de7f8f1bbd9824fee21912f99431a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91028
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 16:43:20 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Oct 2023 16:26:14 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1026
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 18 Oct 2023 18:26:14 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1569170/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1569170/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28c18eca3ce2b7e90f845c38079d68bcdc627f7043296d5ec19939a8eea41035

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
CfVsjg0pT_pVoM9WgxC4k958.Stq6_UZ
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 16:43:20 GMT
x-amz-request-id
Z107DSJQD208Y3S4
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
COMPLETED
content-length
19984
x-amz-id-2
Kna+azq9J5S28ZFeJOJBGf9tzE13kKH4mIbmQ1Sb2zTfURm0YahY/Fe8h0BjUjxyoAoRNCw6RQA=
x-served-by
cache-mia-kmia1760029-MIA
last-modified
Sun, 15 Oct 2023 11:07:35 GMT
server
AmazonS3
x-timer
S1697647400.262636,VS0,VE175
etag
"c821bb34c40e5b047fc3d1dd70c0cd64"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
4
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
/
www.googleadservices.com/pagead/conversion/11239751341/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/11239751341/?random=1697647400189&cv=11&fst=1697647400189&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&label=ET5cCO2s9csYEK39w-8p&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&auid=388274080.1697647400&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
1b7e13d9535877463058a1a18c7082bc1ae7fcf643077f7963f09208a0305886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1592
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11334548253/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11334548253/?random=1697647400196&cv=11&fst=1697647400196&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&hn=www.googleadservices.com&frm=0&auid=388274080.1697647400&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef12742011d5bdb8d9c74868c9af3617aeb426e168e864d543bae638b0e86f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1259
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11310650527/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11310650527/?random=1697647400197&cv=11&fst=1697647400197&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&hn=www.googleadservices.com&frm=0&auid=388274080.1697647400&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28612edff0fa803a16b00775e26e48b4639a1b975ff368eed0f6d02a0b97b620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
k_betmais.js
scripts.rubiconredirect.com/scripts/ 		101 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.rubiconredirect.com/scripts/k_betmais.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7645e3c6b13efbe51b222b88c521eef2e3dd12bdfc2ce7781cf63aaeb7365f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
alt-svc
h3=":443"; ma=86400
x-request-id
ebf245d3-f35c-4f9b-9770-b0a83feb9e25
x-runtime
0.025085
server
cloudflare
etag
W/"3b7645e3c6b13efbe51b222b88c521ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3s5MoVtmDkixPb0yE9jarsO88Zs316F%2BGCbHzlx8z%2B9H772dHkJfQ%2B1usemiDLKTTSUpmgkyuFZ%2FiT9D1iu%2F8j5Orv97tAiGzhrbtbg%2BoPmINCuPwXNoEjI9lu9waPNvdoXrJFOsswSnaMxfpxN6jilg8znNXPFrF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
81823d5bed9c4960-MIA
b4k0azff80
www.clarity.ms/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/b4k0azff80?ref=gtm2
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
95c1ce235fe252f004ef4470b3bd8917639b3754ea85fedd2deef5a0c7b4fde8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date
Wed, 18 Oct 2023 16:43:19 GMT
x-azure-ref
0KAswZQAAAAA6N9VbwJBrTqD31y3fRaACQk4xQUEyMDUxMDE4MDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
1085
expires
-1
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 16:43:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
Cbvw93h7dwy9dAoZBS8WoBal+acRXtLLpMUecSpN/ww9xHcsms90OjeOsx7UGLRIPJ//Q7qgg1ZXC2tdz6B9XQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=505257488062357529&lib=kwaiq
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.177 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
d52670e600a9a622ecbf8771a736214bd2a1b4e0f93f3099daf549065fb399be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ks-client-ip
38.132.118.77
Date
Thu, 28 Sep 2023 01:43:34 GMT
Content-Encoding
gzip
X-Cache-Lookup
Cache Hit
x-cos-request-id
NjUxNGRhNDZfZjg4YzdjMWVfMWNlMWRfNGQyNTQ0Mg==
kwaisign
NULL
Connection
keep-alive
Content-Length
1497
X-Ks-Request-ID
4290808197445708945
X-Ks-Cache
Hit from 43.152.136.177
x-cos-hash-crc64ecma
4044651283785618082
Last-Modified
Mon, 18 Sep 2023 06:47:29 GMT
Server
tencent-cos
Etag
"fe5769af8a5bd39f3e267bd02d880e10"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
X-NWS-LOG-UUID
4290808197445708945
Accept-Ranges
bytes
mgsensor.js
a.mgid.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1697647400203
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5336d1cf6681700a554b1281809f75d823ce64e990ca6e8c42d628f69406d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
01330eb0-c2bc-4c12-801e-e1c8ca81cb04
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
81823d5dfa236dbf-MIA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11360616523&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6H3RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80f372d50bb9112d2cc608136338e70d8347ebd330405c197969927a366a57f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80137
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 16:11:29 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 16:43:20 GMT
collect
analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-H1NR3LMMBX&gtm=45je3ag0&_p=867922127&_gaz=1&cid=60041605.1697647400&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697647400&sct=1&seg=0&dl=https%3A%2F%2Fpromoganhei.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1NR3LMMBX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promoganhei.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H1NR3LMMBX&cid=60041605.1697647400&gtm=45je3ag0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1NR3LMMBX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promoganhei.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
gtm-mmj9wpr-mwfly.uc.r.appspot.com/g/ 		0
461 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtm-mmj9wpr-mwfly.uc.r.appspot.com/g/collect?v=2&tid=G-H1NR3LMMBX&gtm=45je3ag0&_p=867922127&cid=60041605.1697647400&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697647400&sct=1&seg=0&dl=https%3A%2F%2Fpromoganhei.com%2F&dt=&en=ViewContent&_et=14
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1NR3LMMBX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::99 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
server
Google Frontend
content-type
text/html
x-cloud-trace-context
5fa0ee2e56745d64c22a9502211ccdaf;o=1
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Wed, 18 Oct 2023 16:43:20 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11360616523/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11360616523/?random=1697647400485&cv=11&fst=1697647400485&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&hn=www.googleadservices.com&frm=0&auid=388274080.1697647400&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11360616523&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59671b49f9b5ed274898576967195ccce024e2ad23ed8983eb447d28f85cb255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/11239751341/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11239751341/?random=1505995796&cv=11&fst=1697647400189&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpr...
  • https://www.google.com/pagead/1p-conversion/11239751341/?random=1505995796&cv=11&fst=1697647400189&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&labe...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/11239751341/?random=1505995796&cv=11&fst=1697647400189&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&label=ET5cCO2s9csYEK39w-8p&hn=www.googleadservices.com&frm=0&value=0&auid=388274080.1697647400&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUklsQUlnQXlIbjJYVUQ5RktkX3lveEw2bUFZTk1sbjVHbmdaX2p4OWRFaHFFNmNZcU0tSGcaWENoRUk4SVMtcVFZUWc2WFR2SVA5cE1ybkFSSXRBUEttWHg3TS0xd0h3ZVgwaXZUcG0xM1ItNE5EdEE2UmRGbkl1YWpkYUZpdFRZUlYxVzBIQ2tXQ0NxdFAiEwiflIKyhYCCAxWJHmgIHbxQA_E&is_vtc=1&ocp_id=KAswZZ_gFYm9oPMPvKGNiA8&cid=CAQSKQDICaaNwLNGDumKHxAlUVrsNO0UyAXG3mh5rLObaqfekklX78a9qhyb&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5cb4qG_FQw10Qv0zva1fiWk9ZiboPLNS_Q&random=1298211843
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Server
2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/11239751341/?random=1505995796&cv=11&fst=1697647400189&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&label=ET5cCO2s9csYEK39w-8p&hn=www.googleadservices.com&frm=0&value=0&auid=388274080.1697647400&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUklsQUlnQXlIbjJYVUQ5RktkX3lveEw2bUFZTk1sbjVHbmdaX2p4OWRFaHFFNmNZcU0tSGcaWENoRUk4SVMtcVFZUWc2WFR2SVA5cE1ybkFSSXRBUEttWHg3TS0xd0h3ZVgwaXZUcG0xM1ItNE5EdEE2UmRGbkl1YWpkYUZpdFRZUlYxVzBIQ2tXQ0NxdFAiEwiflIKyhYCCAxWJHmgIHbxQA_E&is_vtc=1&ocp_id=KAswZZ_gFYm9oPMPvKGNiA8&cid=CAQSKQDICaaNwLNGDumKHxAlUVrsNO0UyAXG3mh5rLObaqfekklX78a9qhyb&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5cb4qG_FQw10Qv0zva1fiWk9ZiboPLNS_Q&random=1298211843
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11310650527/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11310650527/?random=1697647400197&cv=11&fst=1697644800000&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&frm=0&fmt=3&is_vtc=1&random=2627598188&rmt_tld=0&ipr=y
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11334548253/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11334548253/?random=1697647400196&cv=11&fst=1697644800000&bg=ffffff&guid=ON&async=1&gtm=45He3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&frm=0&fmt=3&is_vtc=1&random=1496855943&rmt_tld=0&ipr=y
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.12/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.12/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/b4k0azff80?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:19 GMT
content-encoding
br
last-modified
Thu, 12 Oct 2023 01:51:26 GMT
x-azure-ref-originshield
0+xMvZQAAAACmCV5hJGw6TaGlXRTMh3wYTU5aMjIxMDYwNjExMDExADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DBCAC5BF4C06D9"
x-azure-ref
0KAswZQAAAAD+F/ftb3qfQ4TFn05aaFyYQk4xQUEyMDUxMDE4MDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
bc898b66-901e-0019-7f0e-01ae60000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
json
trc.taboola.com/1569170/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1569170/trc/3/json?tim=1697647400538&data=%7B%22id%22%3A386%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1697647400532%2C%22cv%22%3A%2220231015-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpromoganhei.com%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-anunciotaboolaadshotmailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1697647400537%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpromoganhei.com%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1569170/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00b9b2858d11160da0247a3b5bc5b681768e93be049b41ba4bb915c7bd17e398

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
48
date
Wed, 18 Oct 2023 16:43:20 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
30327
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mia-kmia1760029-MIA
x-log-content-encoding
gzip
server
nginx
x-timer
S1697647401.555347,VS0,VE48
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=867922127&t=pageview&_s=1&dl=https%3A%2F%2Fpromoganhei.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1704402077&gjid=1757159981&cid=60041605.1697647400&tid=UA-62426787-2&_gid=369363920.1697647401&_r=1&_slc=1&gtm=45He3ag0n81MT6H3RS&z=736895776
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promoganhei.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promoganhei.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
763915048478510
connect.facebook.net/signals/config/ 		132 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/763915048478510?v=2.9.134&r=stable&domain=promoganhei.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a2bbecb94132ec4964c82a4192a47acdc5db8bded650493233a70dd2e720562
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 16:43:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Nenkb+U/NtJUkx3HT3cKfgK3xOI1g8y32FgJyEDn+VmYBYMR5cbj0aQAnkLdTW4v4B1GFvI6ER7UseGfV1RHnQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11360616523/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11360616523/?random=1697647400485&cv=11&fst=1697644800000&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromoganhei.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3983291599&rmt_tld=0&ipr=y
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=867922127&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpromoganhei.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=5d2yjw&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=60041605.1697647400&tid=UA-62426787-2&_gid=369363920.1697647401&gtm=45He3ag0n81MT6H3RS&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fb4k0azff80%2F1jky1o4%2F5d2yjw&z=709981186
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:53:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6596
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62426787-2&cid=60041605.1697647400&jid=1704402077&gjid=1757159981&_gid=369363920.1697647401&_u=YADAAEAAAAAAACAAI~&z=1188391831
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promoganhei.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 18 Oct 2023 16:43:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promoganhei.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1569170/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 16:43:20 GMT
x-amz-request-id
PGFRVJ6PFZK10CPE
age
1352
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
jq3bBrVxbK0kimCD8b1JS/0ZSCMoyxYNcY1kt1WRraGOq2pBrb9zZIKKUMz5SbEO2V3JjdFMEgs=
x-served-by
cache-mia-kmia1760029-MIA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1697647401.644415,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
65
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4894
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1569170/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 18 Oct 2023 16:43:20 GMT
x-amz-request-id
27BFPD4BVEPM50V3
age
10686
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
jk7kqQ0iwXlZWbn+f9WsIWRsoSP4TVG/ie3qS5IOTqYAHOARDY4wb1cNQGD1qJWTlYCitTEDZps=
x-served-by
cache-mia-kmia1760029-MIA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1697647401.644519,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
49
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
26006
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e849fc0d7ba7f5ea66a0118e30582ddbf7f2c5c00b02901575706e264478df21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760075-MIA
date
Wed, 18 Oct 2023 16:43:20 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://promoganhei.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
collect
q.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://promoganhei.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://promoganhei.com
Date
Wed, 18 Oct 2023 16:43:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-62426787-2&cid=60041605.1697647400&jid=1704402077&_u=YADAAEAAAAAAACAAI~&z=398834035
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1184451445539918
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1184451445539918?v=2.9.134&r=stable&domain=promoganhei.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bc6c7e12b2a8c98a62b21a5e6b9b2b046e797275541d570645b8ab6595da976
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 16:43:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Q2sBdmuZ2w2BlOtwQUfc94MElEphnqNT+BwFjY6LFoKLVSyteJoVwlkj17IE+RTmTPAsLB2gjXE7XiekqncrWQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=763915048478510&ev=PageView&dl=https%3A%2F%2Fpromoganhei.com%2F&rl=&if=false&ts=1697647400759&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697647400757.200476685&ler=empty&it=1697647400566&coo=false&rqm=GET
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 16:43:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1x1.gif
a.mgid.com/ 		43 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=809932&type=c&tg=&r=https%3A%2F%2Fpromoganhei.com%2F&nv=1&clid=&clidv=0&d=1697647400872
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
81823d5f8be26dbf-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
601721308652706
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/601721308652706?v=2.9.134&r=stable&domain=promoganhei.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
951a4964d8b5c7523616ae842d6119afd5efe41d31657cf30114c874f124cc0f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 16:43:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
m+QbMIrpQupzGaaRv9DIbPn11yzPkypfwwkAsTY0p6uwvt31Sn94tWajw+wxpasTwIYe4dS2VWJCK7R+FObqMw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1184451445539918&ev=PageView&dl=https%3A%2F%2Fpromoganhei.com%2F&rl=&if=false&ts=1697647400920&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697647400757.200476685&ler=empty&it=1697647400566&coo=false&rqm=GET
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 16:43:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=b2db6120-275d-4801-a97f-ae6ca861b3bf-tuctc2990a8&uad=4f4af3f7881c851f37c277855e5c056e794a0309c28882a6ef39be6607a8867d&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Oct 2023 16:43:22 GMT
cache-control
no-store
server
nginx
178881465111179
connect.facebook.net/signals/config/ 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/178881465111179?v=2.9.134&r=stable&domain=promoganhei.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1f5c0ca92aa3793b7f18347ba17f4bf36db0c95c2ad6a9c095ff68dcdd690547
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
MrSJUCMsz8xdQRPx9rIeuHeV627OIubC7kvM/yAYMOzgOC7DMI/i1pflcvRxExOO0OOc/8DJxsPlsIrhy4uk+A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=601721308652706&ev=PageView&dl=https%3A%2F%2Fpromoganhei.com%2F&rl=&if=false&ts=1697647401028&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697647400757.200476685&ler=empty&it=1697647400566&coo=false&rqm=GET
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.215.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.215.227.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://promoganhei.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://promoganhei.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Oct 2023 16:43:21 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ 		192 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=505257488062357529&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.215.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.215.227.35.bc.googleusercontent.com
Software
/
Resource Hash
dd7440eb8d2fc585e53ec3f53a9ff638cc20dc0e007f4d74a73a251a99a9ce25

Request headers

Referer
https://promoganhei.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type
application/json

Response headers

date
Wed, 18 Oct 2023 16:43:21 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://promoganhei.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
740606434179776
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/740606434179776?v=2.9.134&r=stable&domain=promoganhei.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
51eba2b825f0ded1c664a80f3bd6fda9c7c99976bb9e39837e55a0538ffdd17b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
erNupe93GVUtpYOHrIOxM0G7c7QOzv3AOgiXYo8iVz0BS76ewR3U9eAlpOPXCm8Ms8UzvjbOErgx+QRVWOanEw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=178881465111179&ev=PageView&dl=https%3A%2F%2Fpromoganhei.com%2F&rl=&if=false&ts=1697647401147&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697647400757.200476685&ler=empty&it=1697647400566&coo=false&rqm=GET
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
167163343011025
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/167163343011025?v=2.9.134&r=stable&domain=promoganhei.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d79923b40402adb76f542a51bb0ebac167b6a22ea1c1e8614bbd4c27893a4aa
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
smPIEvfvNiibuS85S8qNo7Tr9+Z6aprM0bn4Mg/I3VA4Yx7yzbdGP+i/UFFE8LeyN1BO8hO0PveG0uzOpU1vgg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=740606434179776&ev=PageView&dl=https%3A%2F%2Fpromoganhei.com%2F&rl=&if=false&ts=1697647401286&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697647400757.200476685&ler=empty&it=1697647400566&coo=false&rqm=GET
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
9501355023268620
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/9501355023268620?v=2.9.134&r=stable&domain=promoganhei.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c3f6852eede2cacc1ad447942e6e5851af7d3e337b71922600e010a85e8c8ba
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
qyJfPUgkMjbG0jMGz0QSr0k/eAGBD+oiG7l5ZTB95DVrlOlsbCtLBUZEGjzUPEl+L2XFqLJifzIe/gqjpIWz6w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=167163343011025&ev=PageView&dl=https%3A%2F%2Fpromoganhei.com%2F&rl=&if=false&ts=1697647401432&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697647400757.200476685&ler=empty&it=1697647400566&coo=false&rqm=GET
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
cdn.lugc.link/912cdb28-2bb5-442c-bb60-b336c26c1d1f/-/preview/-/stretch/off/-/format/auto/-/quality/normal/-/resize/1600x/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lugc.link/912cdb28-2bb5-442c-bb60-b336c26c1d1f/-/preview/-/stretch/off/-/format/auto/-/quality/normal/-/resize/1600x/
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:68::17db:9a53 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
d2916b04f392fe652172c29322d6097b1cc5e67d4570fcb3cd9ad2af20e6d9fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:21 GMT
x-image-width
1600
server
Uploadcare
etag
"9b86eb1111e595c614369e9887d46ea3"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556886
content-disposition
inline
x-image-height
900
x-robots-tag
noindex, nofollow, nosnippet, noarchive
content-length
214564
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=9501355023268620&ev=PageView&dl=https%3A%2F%2Fpromoganhei.com%2F&rl=&if=false&ts=1697647401584&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697647400757.200476685&ler=empty&it=1697647400566&coo=false&rqm=GET
Requested by
Host: promoganhei.com
URL: https://promoganhei.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 16:43:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
render
lightboxes.landingi.com/api/v1/ 		2 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lightboxes.landingi.com/api/v1/render?apikey=5d579c7d-3546-43f3-8a29-29fb38747176&landing_id=1539676&aaf=/
Requested by
Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1697647398
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.74.243.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-243-250.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.3
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Oct 2023 16:43:22 GMT
cache-control
no-cache, private
server
nginx
x-powered-by
PHP/7.4.3
content-type
application/json
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5E5FCF8D32DF44EDB1B00E4818E62DBF&RedC=c.clarity.ms&MXFR=218889F6735A6FBE064E9A58775A615C
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5E5FCF8D32DF44EDB1B00E4818E62DBF&MUID=0C976F13816369181CBA7CBD807F68BE
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5E5FCF8D32DF44EDB1B00E4818E62DBF&MUID=0C976F13816369181CBA7CBD807F68BE
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:21 GMT
last-modified
Wed, 30 Aug 2023 19:01:59 GMT
server
Microsoft-IIS/10.0
etag
"3f4a4a7474dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 40E57852DD9A486E8E51F4A5FB712C70 Ref B: MIAEDGE2605 Ref C: 2023-10-18T16:43:21Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5E5FCF8D32DF44EDB1B00E4818E62DBF&MUID=0C976F13816369181CBA7CBD807F68BE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 		263 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=505257488062357529&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=505257488062357529&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.136.177 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
08de1641098a0a630eb19b1586b67f11d6539994eb31a913e14c816c1b1c71ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ks-client-ip
38.132.118.77
Date
Tue, 17 Oct 2023 02:48:05 GMT
Content-Encoding
gzip
X-Cache-Lookup
Cache Hit
x-cos-request-id
NjUyZGY1ZTRfZWU4YzdjMWVfNDg1Zl83YTRmZmVi
kwaisign
NULL
Connection
keep-alive
Content-Length
70932
X-Ks-Request-ID
11305923105804182305
X-Ks-Cache
Hit from 43.152.136.177
x-cos-hash-crc64ecma
15637584442252668198
Last-Modified
Tue, 17 Oct 2023 02:43:42 GMT
Server
tencent-cos
Etag
"b2da0fa3920647cd583059b64c9d74dd"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
X-NWS-LOG-UUID
11305923105804182305
Accept-Ranges
bytes
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 		69 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=505257488062357529&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.119.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.119.201.35.bc.googleusercontent.com
Software
/
Resource Hash
8600e7640484d563c194c611249bd2aa9ded2750ba16463b1868c9ada9af7419

Request headers

Referer
https://promoganhei.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://promoganhei.com
date
Wed, 18 Oct 2023 16:43:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69
content-type
text/plain;charset=UTF-8
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 		70 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=505257488062357529&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.119.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.119.201.35.bc.googleusercontent.com
Software
/
Resource Hash
dc3e3cf56ae1ecedbd03bc12fea78a22bccc9bbc9c3f5c3e8dc9a8a2272660be

Request headers

Referer
https://promoganhei.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://promoganhei.com
date
Wed, 18 Oct 2023 16:43:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
content-type
text/plain;charset=UTF-8
getPixelConfig
api.mythad.com/rest/n/adintl/ad/ 		337 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=505257488062357529
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=505257488062357529&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.215.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.215.227.35.bc.googleusercontent.com
Software
/
Resource Hash
a872f6d03681877927827cc6191d27899506ba55c47d0aa028ff9a4dd06cd5ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:43:22 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://promoganhei.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
unip
trc-events.taboola.com/1569170/log/3/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1569170/log/3/unip?en=pre_d_eng_tb&tos=1557&scd=0&ssd=1&est=1697647400535&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1697647402093&vi=1697647400532&ri=66372261ea4e6e937437470f18b02eeb&sd=v2_f76b9033f8dc979db292dbf6bb30d025_b2db6120-275d-4801-a97f-ae6ca861b3bf-tuctc2990a8_1697647400_1697647400_CNawjgYQkuNfGNSsrp20MSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGigoJWr4_OFjDxwAQ&ui=b2db6120-275d-4801-a97f-ae6ca861b3bf-tuctc2990a8&ref=null&cv=20231015-3-RELEASE&item-url=https%3A%2F%2Fpromoganhei.com%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1569170/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://promoganhei.com
pragma
no-cache
date
Wed, 18 Oct 2023 16:43:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
q.clarity.ms/ 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://promoganhei.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://promoganhei.com
Date
Wed, 18 Oct 2023 16:43:22 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
unip
trc-events.taboola.com/1569170/log/3/ 		0
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1569170/log/3/unip?en=pre_d_eng_tb&tos=4561&scd=0&ssd=1&est=1697647400535&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1697647405097&vi=1697647400532&ri=66372261ea4e6e937437470f18b02eeb&sd=v2_f76b9033f8dc979db292dbf6bb30d025_b2db6120-275d-4801-a97f-ae6ca861b3bf-tuctc2990a8_1697647400_1697647400_CNawjgYQkuNfGNSsrp20MSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGigoJWr4_OFjDxwAQ&ui=b2db6120-275d-4801-a97f-ae6ca861b3bf-tuctc2990a8&ref=null&cv=20231015-3-RELEASE&item-url=https%3A%2F%2Fpromoganhei.com%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1569170/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://promoganhei.com
pragma
no-cache
date
Wed, 18 Oct 2023 16:43:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-H1NR3LMMBX&gtm=45je3ag0&_p=867922127&cid=60041605.1697647400&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1697647400&sct=1&seg=0&dl=https%3A%2F%2Fpromoganhei.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H1NR3LMMBX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://promoganhei.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 16:43:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promoganhei.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Blinkloader object| landingiInternalDetails object| landingiExportDetails object| dataLayer function| $ function| jQuery object| frodo function| VideoBg function| addParamsToUrl function| createCookieForCreatio function| removeParamFromUrl function| getCookie function| saveUrlLeadIdToFormInput function| checkUrlForActionAfterSubmission function| getUrlVars object| validateCallbacks function| registerValidateCallback function| Cookies function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa object| GooglebQhCsO function| clarity function| fbq function| _fbq string| KwaiAnalyticsObject object| kwaiq object| install object| MgSensorData function| onYouTubeIframeAPIReady object| gaGlobal function| initializeNewCounter function| showRemaining function| calculateWidgetValue function| buildEndDate function| isLocalStorageAvailable function| getEndDateFromCookies function| getEndDateFromLocalStorage function| localStorageIsExpired function| saveEndDate function| getParsedAttribute object| youtubeVideos object| youtubePlayers function| positionValidationTooltips function| scrollToFirstTooltip function| P3jj function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| gaplugins object| gaData function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgr object| _mghl object| events function| Radar object| core object| _WEBLOGGER function| Weblog

27 Cookies

Domain/Path Name / Value
.taboola.com/taboolaaccount-anunciotaboolaadshotmailcom/ Name: taboola_session_id
Value: v2_f76b9033f8dc979db292dbf6bb30d025_b2db6120-275d-4801-a97f-ae6ca861b3bf-tuctc2990a8_1697647400_1697647400_CNawjgYQkuNfGNSsrp20MSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGigoJWr4_OFjDxwAQ
promoganhei.com/ Name: tid
Value: b7b54b31e49d7907dbe7
.promoganhei.com/ Name: _gcl_au
Value: 1.1.388274080.1697647400
www.clarity.ms/ Name: CLID
Value: 527f50574a1e47eab81defb48925bf33.20231018.20241017
.promoganhei.com/ Name: _ga_H1NR3LMMBX
Value: GS1.1.1697647400.1.0.1697647400.60.0.0
promoganhei.com/ Name: ls_sid_1539676
Value: b521b684-0708-4662-aabf-ff66a1e9c7aa
.promoganhei.com/ Name: _ga
Value: GA1.2.60041605.1697647400
.promoganhei.com/ Name: _gid
Value: GA1.2.369363920.1697647401
.promoganhei.com/ Name: _gat_UA-62426787-2
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlOEAqQ-3Fgky0nDIjRapoBAk_2Y5cRqy6ZRrcqq-ZwsxqVNHhiBhEJs7xB
.taboola.com/ Name: t_gid
Value: b2db6120-275d-4801-a97f-ae6ca861b3bf-tuctc2990a8
.taboola.com/ Name: t_pt_gid
Value: b2db6120-275d-4801-a97f-ae6ca861b3bf-tuctc2990a8
.promoganhei.com/ Name: _clck
Value: 1jky1o4|2|ffy|0|1386
.mgid.com/ Name: __cf_bm
Value: IqzmO_aMU.DXTymDM1Oosg5Xh8C7g5MmRaaZxjWYCbU-1697647400-0-AQYCSAxDILjz/TNIVVB28na/6SRwYa3ilJNAQUIDz5AV6L3e0Ybag2ShYxip77peedLpJ7dka1z3PYZ8Zx9jXUw=
.promoganhei.com/ Name: _fbp
Value: fb.1.1697647400757.200476685
promoganhei.com/ Name: MgidSensorNVis
Value: 1
promoganhei.com/ Name: MgidSensorHref
Value: https://promoganhei.com/
.mgid.com/ Name: muidn
Value: n9ikjxTj1rH9
.promoganhei.com/ Name: _clsk
Value: 5d2yjw|1697647400971|1|1|q.clarity.ms/collect
.bing.com/ Name: MUID
Value: 0C976F13816369181CBA7CBD807F68BE
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0C976F13816369181CBA7CBD807F68BE
promoganhei.com/ Name: _did
Value: web_343285450CF033B8
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0C976F13816369181CBA7CBD807F68BE
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
analytics.google.com
api.mythad.com
assetslp.link
c.bing.com
c.clarity.ms
cdn.lugc.link
cdn.taboola.com
cds.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm-mmj9wpr-mwfly.uc.r.appspot.com
icons.assets-landingi.com
landingistats.com
lightboxes.landingi.com
logsdk.kwai-pro.com
old.assets-landingi.com
pips.taboola.com
popups.landingi.com
promoganhei.com
q.clarity.ms
s1.kwai.net
s3-eu-west-1.amazonaws.com
scripts.assets-landingi.com
scripts.rubiconredirect.com
stats.g.doubleclick.net
stats.landingi.com
styles.assets-landingi.com
tagmanager.landingi.io
trc-events.taboola.com
trc.taboola.com
ucarecdn.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
141.226.224.32
141.226.224.48
142.251.16.156
151.101.129.44
157.53.227.1
18.165.83.21
18.165.98.98
20.125.209.212
20.231.53.73
2001:4860:4802:34::181
2600:1408:7::170f:91a
2600:1408:c400:68::17db:9a53
2600:9000:2501:e200:18:4b34:9880:93a1
2606:4700:1::6813:824c
2606:4700:3031::ac43:ac92
2606:4700:3032::ac43:a62c
2606:4700:3034::6815:500b
2606:4700:e4::ac40:a903
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::99
2607:f8b0:4004:c09::69
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c0b::9b
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::8b
2620:1ec:48:1::38
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:600::300
34.240.27.180
35.201.119.36
35.227.215.158
43.152.136.177
52.48.37.130
52.92.36.64
54.74.243.250
00b9b2858d11160da0247a3b5bc5b681768e93be049b41ba4bb915c7bd17e398
08de1641098a0a630eb19b1586b67f11d6539994eb31a913e14c816c1b1c71ec
0c3f6852eede2cacc1ad447942e6e5851af7d3e337b71922600e010a85e8c8ba
0d79923b40402adb76f542a51bb0ebac167b6a22ea1c1e8614bbd4c27893a4aa
0db128b7e942fcaa63af7dde5f31d2cd041936b0d2f48610457c63fcabc1ac97
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1a9478dc265e8889151ba37d3fa17b14d6bc5921d37c4b084179d0ede6ce9fee
1b7e13d9535877463058a1a18c7082bc1ae7fcf643077f7963f09208a0305886
1f5c0ca92aa3793b7f18347ba17f4bf36db0c95c2ad6a9c095ff68dcdd690547
222b64d1120f080670366757751a6e01b1a06c4e3b2f04c6fc21b0fd37b8007b
25a2b2883e101f8092e78fba2f4fcc40cac3339957cb1bf95011895ae7db0fc6
28612edff0fa803a16b00775e26e48b4639a1b975ff368eed0f6d02a0b97b620
28c18eca3ce2b7e90f845c38079d68bcdc627f7043296d5ec19939a8eea41035
3b7645e3c6b13efbe51b222b88c521eef2e3dd12bdfc2ce7781cf63aaeb7365f
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
4583cd757370087234ad06c45153007d939ab1da7032cc329b5b4b55681d61c6
46bad547480f9d36f1fae5c9e78baa33c70341dbe827afca68a5202c2cb2f7f3
46ef20c3bf16f3011c2c15cfd31558eedc534b0969264691d6ab0ca887f5303f
4bc6c7e12b2a8c98a62b21a5e6b9b2b046e797275541d570645b8ab6595da976
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51eba2b825f0ded1c664a80f3bd6fda9c7c99976bb9e39837e55a0538ffdd17b
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
59671b49f9b5ed274898576967195ccce024e2ad23ed8983eb447d28f85cb255
5a2bbecb94132ec4964c82a4192a47acdc5db8bded650493233a70dd2e720562
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60c92b64cb8d76bb2fead96f7de7f8e77b1de7f8f1bbd9824fee21912f99431a
6767fb67944614e4d1a3bea187aae4ebce51c437b982aee4a8eff1c831abdb78
76471bf2d72c7add773294aa348dd9e6185e05adb1129936e15d460e79100130
80f372d50bb9112d2cc608136338e70d8347ebd330405c197969927a366a57f7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8600e7640484d563c194c611249bd2aa9ded2750ba16463b1868c9ada9af7419
9134e202892522bfe6fc4d0747a4bc1a48caa865af8fb537da118e7974b675c0
91d869e578f394e4d5aae6fcc4ef816b50ab3f2bc794d6ee4d4a54b059a4d06b
951a4964d8b5c7523616ae842d6119afd5efe41d31657cf30114c874f124cc0f
95c1ce235fe252f004ef4470b3bd8917639b3754ea85fedd2deef5a0c7b4fde8
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a80872774802456991954113ad0049ff5d1d77e53c52a7257bb59fd3ebecaefe
a872f6d03681877927827cc6191d27899506ba55c47d0aa028ff9a4dd06cd5ee
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa80bafabcae1df9ed0b26fc1741336f12e5292ccaaa942f68aab7a4e4b67d70
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b245aac9bff42c13e51ee0c4f0316c10c85a6b5d66321216ba84e7cc355238d9
b6cc05b3c448c6ee5cf39cbe617f7de5e92a10e3368175d2e3728ba3f817fc11
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbdb35a828e64d246eb5a0f00e7e845c21c13cb93cfcbc4833572fcad96e5425
c5336d1cf6681700a554b1281809f75d823ce64e990ca6e8c42d628f69406d2a
c9b050c3a66e77d91f4dc5cf159aac31fdcb5147f055ce973d2392feadff8456
d2916b04f392fe652172c29322d6097b1cc5e67d4570fcb3cd9ad2af20e6d9fc
d52670e600a9a622ecbf8771a736214bd2a1b4e0f93f3099daf549065fb399be
d5409eb97b556b10006eb1156449a6b24171da07fee731176d8e4764e43febcf
d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80
dc3e3cf56ae1ecedbd03bc12fea78a22bccc9bbc9c3f5c3e8dc9a8a2272660be
dd7440eb8d2fc585e53ec3f53a9ff638cc20dc0e007f4d74a73a251a99a9ce25
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e849fc0d7ba7f5ea66a0118e30582ddbf7f2c5c00b02901575706e264478df21
ef12742011d5bdb8d9c74868c9af3617aeb426e168e864d543bae638b0e86f33
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62a7337b2af077e515c4c7c5a391428720243dfdb77d64703f03f8e4a8672cc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e