urlscan.io logo urlscan.io
SecurityTrails logo

zoro-takes-bn-exam.pages.dev Open in urlscan Pro
172.66.47.85  Public Scan

Go To Rescan Add Verdict Report
URL: https://zoro-takes-bn-exam.pages.dev/
Submission: On December 30 via api from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 27 HTTP transactions. The main IP is 172.66.47.85, located in United States and belongs to CLOUDFLARENET, US. The main domain is zoro-takes-bn-exam.pages.dev.
TLS certificate: Issued by WE1 on December 30th 2024. Valid for: 3 months.
This is the only time zoro-takes-bn-exam.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 172.66.47.85 13335 (CLOUDFLAR...)
2 142.250.186.34 15169 (GOOGLE)
1 192.243.61.227 39572 (ADVANCEDH...)
1 192.243.59.20 39572 (ADVANCEDH...)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 142.250.185.226 15169 (GOOGLE)
1 18.199.12.245 16509 (AMAZON-02)
3 172.240.253.132 7979 (SERVERS-COM)
1 2 172.240.108.84 7979 (SERVERS-COM)
1 142.250.185.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.132 15169 (GOOGLE)
2 2a02:b48:8301::1 39572 (ADVANCEDH...)
27 14
8    172.66.47.85 (United States)

ASN13335 (CLOUDFLARENET, US)
zoro-takes-bn-exam.pages.dev
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
pagead2.googlesyndication.com
1    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
pl25390805.profitablecpmrate.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
www.highperformanceformat.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
1    18.199.12.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-199-12-245.eu-central-1.compute.amazonaws.com
proftrafficcounter.com
3    172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)
atonementelectronics.com
2    172.240.108.84 (United States)

ASN7979 (SERVERS-COM, US)
unusuallypilgrim.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ep1.adtrafficquality.google
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
2    2a02:b48:8301::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
cdn.storageimagedisplay.com
Apex Domain
Subdomains		 Transfer
8 pages.dev
zoro-takes-bn-exam.pages.dev
36 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 atonementelectronics.com
atonementelectronics.com
7 KB
2 storageimagedisplay.com
cdn.storageimagedisplay.com — Cisco Umbrella Rank: 23247
119 KB
2 unusuallypilgrim.com
unusuallypilgrim.com
6 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
197 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 15519
309 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
437 KB
1 highperformanceformat.com
www.highperformanceformat.com — Cisco Umbrella Rank: 100862
12 KB
1 profitablecpmrate.com
pl25390805.profitablecpmrate.com
10 KB
27 12
Domain Requested by
8 zoro-takes-bn-exam.pages.dev zoro-takes-bn-exam.pages.dev
3 atonementelectronics.com pl25390805.profitablecpmrate.com
2 cdn.storageimagedisplay.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 unusuallypilgrim.com 1 redirects
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 pagead2.googlesyndication.com zoro-takes-bn-exam.pages.dev
pagead2.googlesyndication.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 proftrafficcounter.com pl25390805.profitablecpmrate.com
1 cdnjs.cloudflare.com zoro-takes-bn-exam.pages.dev
1 www.highperformanceformat.com zoro-takes-bn-exam.pages.dev
1 pl25390805.profitablecpmrate.com zoro-takes-bn-exam.pages.dev
27 13

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
zoro-takes-bn-exam.pages.dev
WE1		 2024-12-30 -
2025-03-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
profitablecpmrate.com
R10		 2024-12-14 -
2025-03-14		 3 months crt.sh
highperformanceformat.com
R11		 2024-12-14 -
2025-03-14		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
proftrafficcounter.com
Amazon RSA 2048 M02		 2024-10-21 -
2025-11-20		 a year crt.sh
atonementelectronics.com
R10		 2024-11-26 -
2025-02-24		 3 months crt.sh
adtrafficquality.google
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
cdn.storageimagedisplay.com
R11		 2024-11-12 -
2025-02-10		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://zoro-takes-bn-exam.pages.dev/
Frame ID: ADD30D77F29725DD251A12FC4CCCFA87
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 25B3B55A00A0F7A36BD93D4F471ED96A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-YOUR_PUBLISHER_ID&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735595031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fzoro-takes-bn-exam.pages.dev%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735595031190&bpp=2&bdt=128&idt=58&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1339306931701&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089330%2C95345967&oid=2&pvsid=3058594816696577&tmod=1250531323&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=75
Frame ID: 81AA544BDC3E53AC02C5BBED50B1AF0A
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 450A974AAA950ECAF35B8C3C3A717A25
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63F435E84FC517A53212A3F3B90C73BF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.storageimagedisplay.com/cti/e8/60/b5/e860b59f5ec30bea9a5aa2370976aef7/1708270414.jpg
Frame ID: 5C8C58B710503D816069AF3CCC420599
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Medical MCQ Practice Dashboard

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

27
Requests

93 %
HTTPS

15 %
IPv6

12
Domains

13
Subdomains

14
IPs

4
Countries

841 kB
Transfer

2314 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://unusuallypilgrim.com/watch.1042025442249.js?key=8d639a00ff03340afd0bd49f5ad510c7&kw=%5B%22medical%22%2C%22mcq%22%2C%22practice%22%2C%22dashboard%22%5D&refer=https%3A%2F%2Fzoro-takes-bn-exam.pages.dev%2F&tz=1&dev=r&res=14.4127&rb=&uuid=312271c7-d2be-4abc-921d-d8ec1b7c620e%3A1%3A1 HTTP 307
  • https://unusuallypilgrim.com/watch.1042025442249.js?dev=r&key=8d639a00ff03340afd0bd49f5ad510c7&kw=%5B%22medical%22%2C%22mcq%22%2C%22practice%22%2C%22dashboard%22%5D&pst=1735595091&rb=&refer=https%3A%2F%2Fzoro-takes-bn-exam.pages.dev%2F&res=14.4127&rmtc=t&shu=af49d74ca7af1282d5f9a23be658788a105995bd2252bd0f182aafbc8d9685ba652e66058c99be78c563019f29492983e6c027269e4dcdfae2664a66b6464f84399c6e338751c1e333ed9e8a30b6298ea64d1fd968e6a9f1aa7fb1&tz=1&uuid=312271c7-d2be-4abc-921d-d8ec1b7c620e%3A1%3A1

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zoro-takes-bn-exam.pages.dev/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zoro-takes-bn-exam.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa069d87ca71909077585e5827375a61d45bef04d0c892eea71c1e2d683ab9b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8fa5352fce1bbe5c-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 30 Dec 2024 21:43:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMUaLQ2Dt1MT2BKlupyfFUnKe4%2FuWtckN7q2gQkTXPM5u%2FRy4qaErxmbTS8SoSkFZcQRAynWfzxnhHhC5XLRIhswPylwJ0G5ONv6mc4gq441wQKvW3YeCHS3NfCx5AwSt1IV1nREzxS7Uph1bnA3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=14261&min_rtt=14126&rtt_var=3212&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4494&delivery_rate=39748&cwnd=12000&unsent_bytes=0&cid=8230bf4041edf728&ts=154&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
index.css
zoro-takes-bn-exam.pages.dev/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zoro-takes-bn-exam.pages.dev/css/index.css
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea202c4078ab401136f7e57f53506b8a901d15f30c562ccb350eec24a96c8252
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

content-encoding
br
etag
W/"2188be0a82f3370015ea879c7d65456c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvwLhrLMgk0y6c8D4TgXa4w3H9T1LOOBRrUKoxXr8jy%2Fp0MJtXZEWISky6kDYOsPi97IKlUQY%2F65xKRgv8Z0%2BXzYJkxRyygU1NxPZmU2B5ysA3nZ1c6zRGYwrUxHCpaZMM6gkw0Iu%2FlqiLId2ldk"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14338&min_rtt=14126&rtt_var=1209&sent=19&recv=18&lost=0&retrans=0&sent_bytes=7924&recv_bytes=6266&delivery_rate=92497&cwnd=12000&unsent_bytes=0&cid=8230bf4041edf728&ts=337&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8fa535303eccbe5c-ZRH
access-control-allow-origin
*
server
cloudflare
set-modal.css
zoro-takes-bn-exam.pages.dev/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zoro-takes-bn-exam.pages.dev/css/set-modal.css
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c7c77b4d1c4386edb510faa7516df58c92f8cad17f763dfb6d7192f8407e95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

content-encoding
br
etag
W/"6de5b1f0feec173d1e8c72aa1707ed47"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTX3u3jjFmBnFOx7lpycBdaWw7uSYq0nPih2X8gGtMiGOaIdPePSOhTVYF7pM57%2FSjbh4NczQrYuBW8zRlxl4ID%2B06J5G4pSGPcUs6o9CO5Xar21ET8zXMu4NiIOuD4JcSXpz1o9eN73m2Gmc0rC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14338&min_rtt=14126&rtt_var=1209&sent=30&recv=18&lost=0&retrans=0&sent_bytes=19924&recv_bytes=6266&delivery_rate=92497&cwnd=12000&unsent_bytes=0&cid=8230bf4041edf728&ts=341&x=1", cfExtPri, cfHdrFlush;dur=9
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8fa535303ecebe5c-ZRH
access-control-allow-origin
*
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-YOUR_PUBLISHER_ID
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1ac04565ae97c59fbbeab7db394617ceb9babb709ec583d430b7421bf64c82af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

content-encoding
br
etag
1323834356468441869
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 21:43:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53321
x-xss-protection
0
server
cafe
invoke.js
pl25390805.profitablecpmrate.com/3a01aaa4bf68dace251af8b1dd380339/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pl25390805.profitablecpmrate.com/3a01aaa4bf68dace251af8b1dd380339/invoke.js
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
7e97451add00b8cfb47023e66f63354d42a3710354221ed6a7349c579313678a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
0e721d51829776508d74982b526496f0
Cache-Control
no-cache, max-age=0, private, no-cache
Content-Encoding
gzip
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 30 Dec 2024 21:43:51 GMT
Content-Type
application/javascript
Host
pl25390805.profitablecpmrate.com
Server
nginx/1.21.6
favicon-96x96.png
zoro-takes-bn-exam.pages.dev/assets/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zoro-takes-bn-exam.pages.dev/assets/favicon-96x96.png
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dfe79ba9a4aefc04c1a74e8b070ae6d5f2bfd5d5936538c8684ece2a73af363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

etag
"4b131eb0cf0cfa671dd294eac075f58b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fvn1%2BXz4%2F8ZzgGpCXb9xXNGh%2BR0yJYeUIase68%2FPYAPraOjpJjP9lQqHyJevt82sORbqws0P%2BoQwJiajFf3HfMO5KLbbBRDrMhJaNjkvKn9V7%2FvuzQIH6cIDE%2F%2Fy9VkH7BP1j0dWGHceMs2zcpMz"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14338&min_rtt=14126&rtt_var=1209&sent=24&recv=18&lost=0&retrans=0&sent_bytes=12949&recv_bytes=6266&delivery_rate=92497&cwnd=12000&unsent_bytes=0&cid=8230bf4041edf728&ts=340&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8fa535303ed1be5c-ZRH
access-control-allow-origin
*
content-length
14229
server
cloudflare
invoke.js
www.highperformanceformat.com/8d639a00ff03340afd0bd49f5ad510c7/ 		25 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highperformanceformat.com/8d639a00ff03340afd0bd49f5ad510c7/invoke.js
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
606ee4e7048a125bc759fca859f20c0756bbcab6f1d9fc43d9a521f46a0a168a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
f6600bbd53f2c4655cab16c20ef831e5
Cache-Control
no-cache, max-age=0, private, no-cache
Content-Encoding
gzip
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 30 Dec 2024 21:43:51 GMT
Content-Type
application/javascript
Host
www.highperformanceformat.com
Server
nginx/1.19.5
blocking.js
zoro-takes-bn-exam.pages.dev/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zoro-takes-bn-exam.pages.dev/js/blocking.js
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebcfa2d187ad560776da5859e4188c00a75eb23400809df1942189d6a56db712
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

content-encoding
br
etag
W/"5188323f13ffe1005c2ef68be1883234"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dRVE6KeQXRLtlonCLSB%2Bk%2Bvpv0uHWOAmiQ69rDK2s7GOCxr3hYC59gbraCVzvcGdEu6KCtIX1Ke%2BvpaDTkv7QXvoqoA5T4secUcvMO%2FKO9lcOb%2BTBmp9S3A7jBZvMKmkn72zo5cIe8qh2lX34O3b"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14293&min_rtt=14053&rtt_var=752&sent=39&recv=20&lost=0&retrans=0&sent_bytes=29524&recv_bytes=6352&delivery_rate=27649&cwnd=16800&unsent_bytes=0&cid=8230bf4041edf728&ts=354&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8fa535304eeebe5c-ZRH
access-control-allow-origin
*
server
cloudflare
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/js/ 		1 MB
437 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/js/all.min.js
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ca5d1ab7947e7c19b4914a8ebaf31f5ef8547fee7fe3c4b49125fa9159fee4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"620188b3-6d29b"
age
3552560
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4TSDWcRxZgQcjUGO205Zul1sHyfoDONzWtv5GnADR2dU6HRD00OXwO%2B1FPJ8Kni2U5rGeewDn%2BSt5UFsRhBhTm6utRIhiLqkBYsf1SySjb8Ktjg7WxMhXnw2O67Kpdn9oqb8eZg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 21:43:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Feb 2022 21:01:39 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fa5353068f1be77-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
447131
server
cloudflare
main.js
zoro-takes-bn-exam.pages.dev/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zoro-takes-bn-exam.pages.dev/js/main.js
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd28dca27e6911de08f41fe564102f27ef01cbe1596f092c9018009649d0b1a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

content-encoding
br
etag
W/"7a08329ea9397b99fc678175ccb27704"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VENP9hiMpGTVrW%2F%2BrK9xxd9w43NegbMg8SF%2FSCcC9Jojhv76dZ2kGLdZ0r7zjbNUc50gRcUVAZmK9uRK6TMHPNt%2BeqSkxufXrmP1K1yDGiKod0wW7mUIqkKMeb%2B%2FUcbLlPvTlga2cp4sCXuybTdD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14293&min_rtt=14053&rtt_var=752&sent=39&recv=20&lost=0&retrans=0&sent_bytes=29524&recv_bytes=6352&delivery_rate=27649&cwnd=16800&unsent_bytes=0&cid=8230bf4041edf728&ts=354&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8fa535304ef1be5c-ZRH
access-control-allow-origin
*
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 		435 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-YOUR_PUBLISHER_ID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

content-encoding
br
etag
4174761130244020438
age
11717
x-content-type-options
nosniff
expires
Mon, 13 Jan 2025 18:28:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Dec 2024 18:28:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147831
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 25B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoro-takes-bn-exam.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
27669
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 14:02:42 GMT
etag
17661348622971093804
expires
Mon, 13 Jan 2025 14:02:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 81AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-YOUR_PUBLISHER_ID&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735595031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fzoro-takes-bn-exam.pages.dev%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735595031190&bpp=2&bdt=128&idt=58&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1339306931701&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089330%2C95345967&oid=2&pvsid=3058594816696577&tmod=1250531323&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoro-takes-bn-exam.pages.dev/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 21:43:51 GMT
expires
Mon, 30 Dec 2024 21:43:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
stats
proftrafficcounter.com/ 		40 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: pl25390805.profitablecpmrate.com
URL: https://pl25390805.profitablecpmrate.com/3a01aaa4bf68dace251af8b1dd380339/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.199.12.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-199-12-245.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
18220495ae05d83fa67b56a15958202c182f3f44b9c5f41edc0001e9da4d45fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

access-control-allow-origin
https://zoro-takes-bn-exam.pages.dev
content-length
40
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
text/html; charset=UTF-8
vary
Origin
server
fasthttp
access-control-allow-credentials
true
ntv.json
atonementelectronics.com/ 		4 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://atonementelectronics.com/ntv.json?key=3a01aaa4bf68dace251af8b1dd380339&vstc=1
Requested by
Host: pl25390805.profitablecpmrate.com
URL: https://pl25390805.profitablecpmrate.com/3a01aaa4bf68dace251af8b1dd380339/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
bc8def4108a22322d54d4dd22be9da4c606cbf4d020fc161b6b5b7980135992e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

X-Request-ID
0db85c4a1415605d04bae601ccdc388b
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 30 Dec 2024 21:43:51 GMT
Content-Type
application/json
Host
atonementelectronics.com
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://zoro-takes-bn-exam.pages.dev
Access-Control-Allow-Origin
https://zoro-takes-bn-exam.pages.dev
Content-Length
4257
Server
nginx/1.21.6
watch.1042025442249.js
unusuallypilgrim.com/
Redirect Chain
  • https://unusuallypilgrim.com/watch.1042025442249.js?key=8d639a00ff03340afd0bd49f5ad510c7&kw=%5B%22medical%22%2C%22mcq%22%2C%22practice%22%2C%22dashboard%22%5D&refer=https%3A%2F%2Fzoro-takes-bn-exam...
  • https://unusuallypilgrim.com/watch.1042025442249.js?dev=r&key=8d639a00ff03340afd0bd49f5ad510c7&kw=%5B%22medical%22%2C%22mcq%22%2C%22practice%22%2C%22dashboard%22%5D&pst=1735595091&rb=&refer=https%3...
3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unusuallypilgrim.com/watch.1042025442249.js?dev=r&key=8d639a00ff03340afd0bd49f5ad510c7&kw=%5B%22medical%22%2C%22mcq%22%2C%22practice%22%2C%22dashboard%22%5D&pst=1735595091&rb=&refer=https%3A%2F%2Fzoro-takes-bn-exam.pages.dev%2F&res=14.4127&rmtc=t&shu=af49d74ca7af1282d5f9a23be658788a105995bd2252bd0f182aafbc8d9685ba652e66058c99be78c563019f29492983e6c027269e4dcdfae2664a66b6464f84399c6e338751c1e333ed9e8a30b6298ea64d1fd968e6a9f1aa7fb1&tz=1&uuid=312271c7-d2be-4abc-921d-d8ec1b7c620e%3A1%3A1
Protocol
HTTP/1.1
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
92341b311f0fe29f9e1262db3017f59b74adbefe14ac852bead3be16bd2ffcb6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

X-Request-ID
8ef7e4e593f88cf5c230e720602fc636
Content-Encoding
gzip
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 30 Dec 2024 21:43:51 GMT
Content-Type
text/html
Host
unusuallypilgrim.com
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://zoro-takes-bn-exam.pages.dev
Access-Control-Allow-Origin
https://zoro-takes-bn-exam.pages.dev
Server
nginx/1.21.6

Redirect headers

X-Request-ID
e1087b3d96c1e889c4d9548bcb7692bc
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 30 Dec 2024 21:43:51 GMT
Content-Type
text/html
Host
unusuallypilgrim.com
Strict-Transport-Security
max-age=0; includeSubdomains
Cache-Control
no-cache, max-age=0, private, no-cache
Location
https://unusuallypilgrim.com/watch.1042025442249.js?dev=r&key=8d639a00ff03340afd0bd49f5ad510c7&kw=%5B%22medical%22%2C%22mcq%22%2C%22practice%22%2C%22dashboard%22%5D&pst=1735595091&rb=&refer=https%3A%2F%2Fzoro-takes-bn-exam.pages.dev%2F&res=14.4127&rmtc=t&shu=af49d74ca7af1282d5f9a23be658788a105995bd2252bd0f182aafbc8d9685ba652e66058c99be78c563019f29492983e6c027269e4dcdfae2664a66b6464f84399c6e338751c1e333ed9e8a30b6298ea64d1fd968e6a9f1aa7fb1&tz=1&uuid=312271c7-d2be-4abc-921d-d8ec1b7c620e%3A1%3A1
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Custom-Referer
https://zoro-takes-bn-exam.pages.dev
Access-Control-Allow-Origin
https://zoro-takes-bn-exam.pages.dev
Content-Length
0
Server
nginx/1.21.6
exams.json
zoro-takes-bn-exam.pages.dev/data/ 		20 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zoro-takes-bn-exam.pages.dev/data/exams.json
Requested by
Host: zoro-takes-bn-exam.pages.dev
URL: https://zoro-takes-bn-exam.pages.dev/js/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a99b79de4ef89d386891a103232c3893d2cff731f460dab62e10fba5bb456a00
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

content-encoding
br
etag
W/"c5db330136d0e504b29f10e7a51590ca"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSTVb%2Byt4lD4Z95E0OKxz%2Fw8sUw%2B7rB7e1PoVc3PxKT0t90qP%2B%2B190hOBU2IpcPnUd%2F8%2BlMa1EvyVHj0bYxpWvac9edcFJqYEbvHIaEC6C0i4UfEbAHV8PUJQC73l4sLqpCiQAOFrDs8K9gq%2FhWb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15995&min_rtt=14053&rtt_var=1895&sent=48&recv=34&lost=0&retrans=0&sent_bytes=36669&recv_bytes=7668&delivery_rate=101601&cwnd=22800&unsent_bytes=0&cid=8230bf4041edf728&ts=808&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8fa535332b8ebe5c-ZRH
access-control-allow-origin
*
server
cloudflare
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a8aab53c7517a98f9647cfe940d5add545a70b83722b1685b394ca08146721e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13087
date
Mon, 30 Dec 2024 21:43:51 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon-32x32.png
zoro-takes-bn-exam.pages.dev/assets/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zoro-takes-bn-exam.pages.dev/assets/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a6f32e97c11a09df1bb9463445a5a7372ef5461693d105c2e59b38e571bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

etag
"081d8f39c3addd2ce52651163855ca34"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FF6JgwwKVFmGxLNVOTGgvfer08Xb%2BSMjYvG9p%2BXGd68Hk9x2vtgLsOVfiFy9mHHk9TELKf2T8Hm7laCgbg6UzitPVLTFPBD9cl2GL4QNJZNh%2FkCVgYa2GH%2FccVh5h5LgYF6gkbSp51blskRc0O%2FX"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15995&min_rtt=14053&rtt_var=1895&sent=51&recv=34&lost=0&retrans=0&sent_bytes=38590&recv_bytes=7668&delivery_rate=101601&cwnd=22800&unsent_bytes=0&cid=8230bf4041edf728&ts=816&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8fa535332b95be5c-ZRH
access-control-allow-origin
*
content-length
2877
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 21:43:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Dec 2024 21:43:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 450A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoro-takes-bn-exam.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2437
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 21:03:14 GMT
expires
Mon, 30 Dec 2024 21:53:14 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 63F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PPIibGsOkSs0j5MQE7FFYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoro-takes-bn-exam.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PPIibGsOkSs0j5MQE7FFYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 21:43:51 GMT
expires
Mon, 30 Dec 2024 21:43:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
2384f878c9209d8169f2c30312c3a4967ac0f209ab4c93f828d2e3436a305ead.png
cdn.storageimagedisplay.com/si/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.storageimagedisplay.com/si/2384f878c9209d8169f2c30312c3a4967ac0f209ab4c93f828d2e3436a305ead.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
79566bdd8c3444d86acf59e2cf918dc2a25d3af8d2d5cfd56e2921894990ce21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

cache-control
max-age=172800
etag
"671038ba-14433"
expires
Wed, 01 Jan 2025 21:43:52 GMT
x-proxy-cache
HIT
accept-ranges
bytes
content-length
82995
date
Mon, 30 Dec 2024 21:43:52 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 22:05:46 GMT
server
nginx/1.21.6
x-cdn-host-id
ds7961
ren.gif
atonementelectronics.com/ 		7 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atonementelectronics.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSz2skRRSuzopKLsuq4GEvfRDJQpxMT096ZvCwbJKNG5Jlf2SX9SBIdVX1pJzqH1Z1TSfDHqIB2eMoeFA8dL5JdnF3EcWzIhMvElhwDkIuOcmKV%2F8CmSQ4sq9p3vu%2B%2Bh6891V9tmuPiQ9Lj8T1tCeVonPzlao7877nveuuycRuupvN4MOgfsm9kmVK3BPhqszn5v1GxQ%2FcmdVrd66vzbpKdoT7nmCd9JK7uKHTWMx5vlepjj93nUZUy7MWyOw7rxFUvGrFqzYqNb%2BBTf0iY6wDQx3w7jF5DZKPzn%2Fp34dkQyTx90vCdPI0m70aW0XzVKPLH91NOklaJIgnZaQdRMmjMzVS8%2Fvyz0iT%2FZOdkHb%2FE4ZyRKZef4YweXg6OsLuwPM9hApcIOTnUXSHEGoISYdg6Q4knwXjWLyGJH6yXsi8J7SiCT8V0LFgRF7GLchiRF754ghJ%2FHiJ5tSkVjOBzaiE3BxCtofI7AHyngNZHIDln0LyZ2Tmmz%2BRxPsL1AgFycuTzaUcQkZDKNEHNQ7s%2BJcObDQFm00h5kduq8V4rRFW67VaPawGrBE0m61GrR4IVmU04rBsPFsfedYHU30wvY1Mb6Mj%2B9D2F5iNEoY7MPmIOLe20eUlCkFQGIKCEhSSoMgJim65z5WpmfIhV8aG3lmunWW%2FHKR5e5fup3lbJARU96F5uSezj80OWH5u0IsMGaSR4bvZMbkwNsz55PkCOuLI9WnVo5TWwyhocspEbd6jUTP0OPebVd9vwcgS0kyd2NCTI3J1%2Bh9kckTe%2BuM5QnoAow7A5EVQ64EWJehGiV7yo01iYTbeCXklo21hKlx0wdMSWf4S8i1nVx2Tiyc3d%2FevGQh2ePn%2B01e9t%2F%2FeAtMlMl3iI%2FkrQVs9GNxOC7J3Oy0M%2BeFGlstY9mgu02Q9p7k493hVbBWp5itLpv%2FtFTY%2BGJdP7wiTr9GEy6RtyJMFybnQy6lmgvy0Yu6J8KY1GwtWJzZbu7m4vBJnWhgj02QIKkdk%2BgMLJkfkwhZOXmz1xghSD6FtidgekrOATA%2FAsm2YbMKZlECrCQ4zB4UtB7oWTkglCZSYYBqWMP%2FD4aQeaDruprLcNQ%2FQ1g5ovoMkLtHVJbqqBFV9GDs9yDN9ePm3r8bxNULlDEKlnb1QafX5qc1GHrmt%2BTBo1TwaNUS97rHAj2q%2BN1%2BlfsCCZiBC5GbUNm%2B8%2BW8AAAD%2F%2F3oAm66rBAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
f60311398f0356f51b1567f8b3005bb5
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Content-Length
7
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 30 Dec 2024 21:43:51 GMT
Content-Type
image/gif
Host
atonementelectronics.com
Server
nginx/1.21.6
impr.gif
atonementelectronics.com/ 		7 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atonementelectronics.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSzWtc1Rs%2BN%2F3xU7opVcFFN3chkkKdzp07n7goTdvYkJR%2BpKUuBDn3nHMnxzn3w%2FMxNxm6iAaky1Fwobi4eSZpsS2iuFZk4kYCBWchZJOVVNz6F8gkwRHfy%2BV9n%2Bc8L7zvc84n2%2B6QhHD0QNzIBlIperFRqfrz7wbB2%2F6KTN26v95uvt%2Bsn%2Fcv57kS90W0LO3FRtiqhE1%2Ffvn63RsrF3wle8J%2FR7Bedt6%2FsqazRFwMwqBSnX7%2BKo2plictkPk3QatZCaqVoNqq1MIW1vV%2FGeM8GOqB9w%2FJK5B8cubz8AEkGyNNvr0qTM9m%2BYVriVPUZhp9%2Fvhe2kuzIkUyK2PtIU4fn6iRmV8Xf0SW7h7thKz%2FjzCSEzL36nNE6aPj0RH1R0EYIFLgAhE%2Fg6I%2FhlBjSDoGy7Yg%2BQUwjivXkSZPVwtpB0IrmvJjAZ0KJuT%2FuA1ZTMhLnx0gTZ5cpZaazGkmsB6XkOtjyO4YuduDHXiQxR6Y%2FRiSPyfzX%2F2ONNldoEYoSF4ebS7lGDIeQ4khqPHgpr%2F04OI5uHwOCT%2FwOx3Ga62oWq%2FV6lG1yVrNdrvTqtWbglUZjTkcm842hM2HYGoIpjeR60305BDa%2FQSzVsJwD8ZOiHd7E31eohAEhSEoKEEhCQpLUPTLXa5MzZSPuDIuCk5y7SSH5Siz3W26m9muSAmoHkLzckfmH5otMHtqNIgNGWWx4dv5ITk7Ncz76MUCeuLAD2k1oJTWo7jZ5pSJWiOgcTsKOA%2Fb1TDswMgS0swd2TCQE3Lt9F%2FI5YS88dsLRHQPRu2ByXOgLgAtStC1EoP0e5cmwqy9FfFKTrvCVLjog2clcvs%2F2A1vWx2Sc0c3d%2B%2BPeQi2f%2BnBs5eDN%2F%2FcANMlcl3iA%2FkzQVc9HN3JCrJzJysM%2Be5mbmUiB9TKLF211IpTT5bFRpFpvnTVDL%2B%2BzKYH0%2FLZXWHsCk25TLuGPF2QnAu9mGkmyA9L5r6IbjmztuB06vKVW1cWl5JcC2Nklo5B5YScfs%2BByQk5u4GjF1u9OYHUY2hXInH75CQgsz2wfBMmn3EmI9BqhqPcQ%2BHKka5FM1JJAiVmmEYlzL9wNKtHmk67qSy3zUN0tQdqt5AmJfq6RF%2BVoGoI406PbK73L%2F3yxTS%2BRKS8UaS0txMprT49ttnIAz%2BitaDTbDHaasTVRoMKGgYxa9RbjUanWa%2B3YM2ka157%2Fe8AAAD%2F%2F3%2F%2B8amrBAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://zoro-takes-bn-exam.pages.dev/

Response headers

Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
30ce92babac6b2923e8bfe6202c42194
Cache-Control
no-cache, max-age=0, private, no-cache
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Content-Length
7
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 30 Dec 2024 21:43:51 GMT
Content-Type
image/gif
Host
atonementelectronics.com
Server
nginx/1.21.6
1708270414.jpg
cdn.storageimagedisplay.com/cti/e8/60/b5/e860b59f5ec30bea9a5aa2370976aef7/ Frame 5C8C 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.storageimagedisplay.com/cti/e8/60/b5/e860b59f5ec30bea9a5aa2370976aef7/1708270414.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
c5ef711e169b533fb727e0f67dbb47b732ee25927babb68cfaf4fa353f6b0026

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=172800
etag
"65d22356-94e2"
expires
Wed, 01 Jan 2025 21:43:52 GMT
x-proxy-cache
HIT
accept-ranges
bytes
content-length
38114
date
Mon, 30 Dec 2024 21:43:52 GMT
content-type
image/jpeg
last-modified
Sun, 18 Feb 2024 15:33:42 GMT
server
nginx/1.21.6
x-cdn-host-id
ds7961
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=3058594816696577&bg=!pqWlperNAAbtGp3CzRo7ADQBe5WfOJm3q9V-mRZW8nWwX0LBsPJDBsg4785ox_MQ0Cs7BLpCTpfGvoiHptUT79WEQNg-AgAAACdSAAAAAmgBB34ANjUzVVUSdeN_5VkxgzZzg1Eq-Urs03NFqzbPGvFEHpkVHcXfK0XG6RiCZSf4SNcW02fe9kwJTAoAlKj-dfr7eNBlwLnM1zAgIyTEjvsMIin3nkUKqDgMLRXkpaSA4oaIXsBATbx74i0Bi9-B54Ofhv2tVS1yz0rD7M3yjhAPnavIF0ISu_fOwGp32l1ataEEjG6g9cTyjC4_bRyo1yH6UGPUnHNZ0is8dNL-CAK66_keYpQnOdU-KVnFz3T8S3iR8fYoc8rYCv3rdmrCf_2ZAq7rmod4j17oFLIJhlT_DiXggikD36zg9hc7RMHfOo6qFBU5yWsgMPhlMyfJ2knGgy0jQz7u1EhVIjw2YEAKkZFhdFV5RC23gA6CLOREjoiB7_fBAZWHdQT12eVHhS45aX8u1hGdIqct9oG6w3qRn9bx8Gjg3ohCHTNMDmaLv3NTQ4dXbBbHHY67RoVEzCuJj6iPJRCh8f1j0Y5P6WkQXDxk22s0KYlwpDPKGMa_y6xEPmIygBbQhug-azcSEmJjk0nFvyyBDElFBtc8PK0DIQfGHQrea3azpp8Zwxqt1b42LJsxmDFE_Duj_ChKpGJtJxbFLpc6yqf2EIQV11YxLSkzv6N-BL5MNEW_Db_ptDXU41bzuRfTL_65rx1XN9xVi08WRqlw0vVPbNiF_JH5jd3s5y5b05ixer59qX7jyFkxq0swljHdzTlnLo6tq1w5zvCni7cy2cezWk_m4VM61jCAUZ2XZjnKN3kkYfrYq6AuQJJ-yEvKjAjnTtZ9_n0gdQeG3di5-ElhlyVjAQKCtP3DEPyXazt03tDYTxl2k9upImvWqZkODKX9T4aWfXoQTpLv5tv7l2GFeP-4pEt9nZo-LU0KVOqgrmaPylxiFmmq2S5zVAagGZVcq_xJ0GEih-yqZtXCf7L6eDJafrtMYhN8gabuiE48xvTxo2dNk65N710bn0UYwNjNj6BsGdizq3N0U1QlwlRZRAkYBIiVM5XZ1T7ydVSZ6HGrB9h6y83u05l9Sedxt8Cuea5qhrcHOj38B0Z0BMKYHh1YL0A2FeP5X8yacStk98BDle-XSYcqIsGhE5wS1wTV9KyTTXuT5uA44MSOYlGIGIYS1fsJphWdEaXsh83TVH10_FuAopywhmsoNoFvClt6kfg617W8qhxAXy-E8oCA_FXaFkfxKg

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| a0O function| a0J object| _0x196a1559e34586fdb function| a0c function| a0F object| LieDetector object| atAsyncContainers function| _0x184e function| _0x4223 object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| _0x3590 function| _0x1baa function| acceptCookies object| GoogleGcLKhOms object| google_image_requests

17 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
proftrafficcounter.com/ Name: uid_id2
Value: 312271c7-d2be-4abc-921d-d8ec1b7c620e:1:1
zoro-takes-bn-exam.pages.dev/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 312271c7-d2be-4abc-921d-d8ec1b7c620e%3A1%3A1
atonementelectronics.com/ Name: u_pl25290306
Value: 1
atonementelectronics.com/ Name: pdhtkv
Value: true
atonementelectronics.com/ Name: uncs
Value: 1
atonementelectronics.com/ Name: pdhtkv49
Value: true
atonementelectronics.com/ Name: uncs49
Value: 1
atonementelectronics.com/ Name: nlec3a01aaa4bf68dace251af8b1dd380339
Value: [5629736]
zoro-takes-bn-exam.pages.dev/ Name: m5a4xojbcp2nx3gptmm633qal3gzmadn
Value: atonementelectronics.com
unusuallypilgrim.com/ Name: u_pl25288993
Value: 1
unusuallypilgrim.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNTI4ODk5MywiayI6IjhkNjM5YTAwZmYwMzM0MGFmZDBiZDQ5ZjVhZDUxMGM3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NTI0Nzg2LCJwaWQiOjI0MTQzMTAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6MzIsInB0Ijo0LCJwayI6InUwZTdiZmNxdyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjE0MzYyODQsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTM2MTQyLCJibiI6IkNocm9tZSIsImJ2IjoiMTMxIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6NDQsImMiOiJDSCIsIm4iOiJTd2l0emVybGFuZCJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkRhdGFzb3VyY2UifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3pvcm8tdGFrZXMtYm4tZXhhbS5wYWdlcy5kZXYvIiwiYXIiOltdfX0.oCkz8KD8VOV6kM-C2MdkLIv0Eh4Yb8P3o-l0ecfNrBk
unusuallypilgrim.com/ Name: uid_id2
Value: 312271c7-d2be-4abc-921d-d8ec1b7c620e:1:1
unusuallypilgrim.com/ Name: pdhtkv
Value: true
unusuallypilgrim.com/ Name: uncs
Value: 1
unusuallypilgrim.com/ Name: pdhtkv32
Value: true
unusuallypilgrim.com/ Name: uncs32
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atonementelectronics.com
cdn.storageimagedisplay.com
cdnjs.cloudflare.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pl25390805.profitablecpmrate.com
proftrafficcounter.com
unusuallypilgrim.com
www.google.com
www.highperformanceformat.com
zoro-takes-bn-exam.pages.dev
ep1.adtrafficquality.google
104.17.24.14
142.250.185.130
142.250.185.226
142.250.186.132
142.250.186.34
172.240.108.84
172.240.253.132
172.66.47.85
18.199.12.245
192.243.59.20
192.243.61.227
2a00:1450:4001:827::2001
2a02:b48:8301::1
18220495ae05d83fa67b56a15958202c182f3f44b9c5f41edc0001e9da4d45fe
1ac04565ae97c59fbbeab7db394617ceb9babb709ec583d430b7421bf64c82af
33a6f32e97c11a09df1bb9463445a5a7372ef5461693d105c2e59b38e571bd3c
606ee4e7048a125bc759fca859f20c0756bbcab6f1d9fc43d9a521f46a0a168a
6dfe79ba9a4aefc04c1a74e8b070ae6d5f2bfd5d5936538c8684ece2a73af363
75ca5d1ab7947e7c19b4914a8ebaf31f5ef8547fee7fe3c4b49125fa9159fee4
79566bdd8c3444d86acf59e2cf918dc2a25d3af8d2d5cfd56e2921894990ce21
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
7e97451add00b8cfb47023e66f63354d42a3710354221ed6a7349c579313678a
92341b311f0fe29f9e1262db3017f59b74adbefe14ac852bead3be16bd2ffcb6
a8aab53c7517a98f9647cfe940d5add545a70b83722b1685b394ca08146721e7
a99b79de4ef89d386891a103232c3893d2cff731f460dab62e10fba5bb456a00
bc8def4108a22322d54d4dd22be9da4c606cbf4d020fc161b6b5b7980135992e
bd28dca27e6911de08f41fe564102f27ef01cbe1596f092c9018009649d0b1a3
c5ef711e169b533fb727e0f67dbb47b732ee25927babb68cfaf4fa353f6b0026
d9c7c77b4d1c4386edb510faa7516df58c92f8cad17f763dfb6d7192f8407e95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea202c4078ab401136f7e57f53506b8a901d15f30c562ccb350eec24a96c8252
ebcfa2d187ad560776da5859e4188c00a75eb23400809df1942189d6a56db712
fa069d87ca71909077585e5827375a61d45bef04d0c892eea71c1e2d683ab9b0
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99