Submitted URL: https://zipnews.xyz/
Effective URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&...
Submission: On November 06 via manual from SG — Scanned from SG

Summary

This website contacted 27 IPs in 6 countries across 27 domains to perform 80 HTTP transactions. The main IP is 172.64.173.37, located in United States and belongs to CLOUDFLARENET, US. The main domain is totalniceposts.com.
TLS certificate: Issued by GTS CA 1P5 on October 29th 2023. Valid for: 3 months.
This is the only time totalniceposts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 173.208.96.116 396362 (LEASEWEB-...)
1 2404:6800:400... 15169 (GOOGLE)
4 139.45.197.242 9002 (RETN-AS)
1 192.243.59.13 39572 (ADVANCEDH...)
1 3.162.38.129 16509 (AMAZON-02)
1 2600:1417:3f:... 20940 (AKAMAI-ASN1)
1 2a04:4e42:400... 54113 (FASTLY)
2 192.0.76.3 2635 (AUTOMATTIC)
2 173.233.137.36 7979 (SERVERS-COM)
1 173.233.137.44 7979 (SERVERS-COM)
1 206.189.138.50 14061 (DIGITALOC...)
1 104.89.123.90 16625 (AKAMAI-AS)
3 2600:1417:3f:... 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:23d... 16509 (AMAZON-02)
1 2600:1413:a00... 20940 (AKAMAI-ASN1)
5 139.45.195.8 9002 (RETN-AS)
1 52.84.251.82 16509 (AMAZON-02)
1 104.17.188.237 13335 (CLOUDFLAR...)
1 192.0.66.24 2635 (AUTOMATTIC)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 3 139.45.197.244 9002 (RETN-AS)
1 37.48.68.71 60781 (LEASEWEB-...)
16 172.64.173.37 13335 (CLOUDFLAR...)
80 27
Apex Domain
Subdomains
Transfer
23 zipnews.xyz
zipnews.xyz
260 KB
16 totalniceposts.com
totalniceposts.com
62 KB
5 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11206
3 KB
4 ophoacit.com
ophoacit.com — Cisco Umbrella Rank: 85156
147 KB
3 psuftoum.com
psuftoum.com — Cisco Umbrella Rank: 545601
14 KB
3 dailymail.co.uk
i.dailymail.co.uk — Cisco Umbrella Rank: 10287
201 KB
2 profitablecreativeformat.com
www.profitablecreativeformat.com — Cisco Umbrella Rank: 80992
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2855
pixel.wp.com — Cisco Umbrella Rank: 2799
3 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
fonts.googleapis.com — Cisco Umbrella Rank: 31
7 KB
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 34587
465 B
1 gstatic.com
fonts.gstatic.com
33 KB
1 metro.co.uk
metro.co.uk — Cisco Umbrella Rank: 54330
18 KB
1 thenews.com.pk
www.thenews.com.pk — Cisco Umbrella Rank: 78885
17 KB
1 thesun.co.uk
www.thesun.co.uk — Cisco Umbrella Rank: 28079
16 KB
1 bbci.co.uk
ichef.bbci.co.uk — Cisco Umbrella Rank: 8761
46 KB
1 cloudfront.net
d21y75miwcfqoq.cloudfront.net
456 B
1 crictracker.com
media.crictracker.com
251 KB
1 icccricketschedule.com
www.icccricketschedule.com — Cisco Umbrella Rank: 905276
16 KB
1 cnbcfm.com
image.cnbcfm.com — Cisco Umbrella Rank: 13332
36 KB
1 cricketaddictor.com
cricketaddictor.com
247 KB
1 husbandnights.com
husbandnights.com
1 independent.co.uk
static.independent.co.uk — Cisco Umbrella Rank: 35052
106 KB
1 cloudinary.com
onecms-res.cloudinary.com — Cisco Umbrella Rank: 84820
16 KB
1 mirror.co.uk
i2-prod.mirror.co.uk — Cisco Umbrella Rank: 32851
30 KB
1 eighthpowerfully.com
eighthpowerfully.com
0 pixelsee.app Failed
promo.pixelsee.app Failed
0 interstitial-08.com Failed
interstitial-08.com Failed
80 27
Domain Requested by
23 zipnews.xyz zipnews.xyz
16 totalniceposts.com totalniceposts.com
5 my.rtmark.net ophoacit.com
psuftoum.com
totalniceposts.com
4 ophoacit.com zipnews.xyz
ophoacit.com
3 psuftoum.com 1 redirects psuftoum.com
3 i.dailymail.co.uk zipnews.xyz
2 www.profitablecreativeformat.com zipnews.xyz
1 datatechone.com psuftoum.com
1 fonts.gstatic.com fonts.googleapis.com
1 pixel.wp.com zipnews.xyz
1 fonts.googleapis.com ajax.googleapis.com
1 metro.co.uk zipnews.xyz
1 www.thenews.com.pk zipnews.xyz
1 www.thesun.co.uk zipnews.xyz
1 ichef.bbci.co.uk zipnews.xyz
1 d21y75miwcfqoq.cloudfront.net zipnews.xyz
1 media.crictracker.com zipnews.xyz
1 www.icccricketschedule.com zipnews.xyz
1 image.cnbcfm.com zipnews.xyz
1 cricketaddictor.com zipnews.xyz
1 husbandnights.com zipnews.xyz
1 stats.wp.com zipnews.xyz
1 static.independent.co.uk zipnews.xyz
1 onecms-res.cloudinary.com zipnews.xyz
1 i2-prod.mirror.co.uk zipnews.xyz
1 eighthpowerfully.com zipnews.xyz
1 ajax.googleapis.com zipnews.xyz
0 promo.pixelsee.app Failed totalniceposts.com
0 interstitial-08.com Failed ophoacit.com
80 29

This site contains no links.

Subject Issuer Validity Valid
www.zipnews.xyz
R3
2023-09-12 -
2023-12-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
ophoacit.com
R3
2023-08-16 -
2023-11-14
3 months crt.sh
eighthpowerfully.com
R3
2023-10-30 -
2024-01-28
3 months crt.sh
mirror.co.uk
Amazon RSA 2048 M01
2023-09-17 -
2024-10-16
a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2022-12-05 -
2023-12-30
a year crt.sh
*.independent.co.uk
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-12 -
2024-09-12
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
profitablecreativeformat.com
R3
2023-09-29 -
2023-12-28
3 months crt.sh
husbandnights.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
*.cricketaddictor.com
R3
2023-10-14 -
2024-01-12
3 months crt.sh
*.cnbcfm.com
DigiCert TLS RSA SHA256 2020 CA1
2023-06-08 -
2024-06-08
a year crt.sh
*.dailymail.co.uk
DigiCert TLS RSA SHA256 2020 CA1
2023-09-14 -
2024-09-14
a year crt.sh
icccricketschedule.com
GTS CA 1P5
2023-10-30 -
2024-01-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-13 -
2024-05-12
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
www.bbc.co.uk
GlobalSign ECC OV SSL CA 2018
2023-10-25 -
2024-11-25
a year crt.sh
rtmark.net
R3
2023-10-07 -
2024-01-05
3 months crt.sh
*.nukcdn.com
Amazon RSA 2048 M01
2023-03-18 -
2024-04-15
a year crt.sh
metro.co.uk
R3
2023-10-14 -
2024-01-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
psuftoum.com
R3
2023-09-19 -
2023-12-18
3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-18 -
2023-12-24
a year crt.sh
totalniceposts.com
GTS CA 1P5
2023-10-29 -
2024-01-27
3 months crt.sh

This page contains 2 frames:

Frame: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_24_10_2023&sub2=propeller&sub6=745231389619925132&oaid=265550cab39097cb846065d75deff8d7
Frame ID: 45AA68156F0A8983A9F0DF6D02255D0A
Requests: 80 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D3260923959%26z%3D6145229%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DW064WKgz8J0vWf1HLzLmywLwcUSyS0R2OwCUwl86tL7LfXJCefVNenPYGDxVSPW2LDtkH4XOAQ8J2VrwFP1lP-BamzgkvNMSLLruzhD67CnWBtmE1AwuA1jWKUzGZH0wGSloTr9l_eKbHPw_rm6wTpQcTo8Rf1CBMcyaoNQqNLwr05_ekRy_AU0XlmADIZL7NX6_wESaDeKKKltQaGUu0YeDgekZxd5XohJVAMBGutDtnQp5U1SAio5d24WLE_HnmGOXY2Z1vZ_gW5IJzdImmdVrqjkQwfKagZhGo7WHBWNrsHXifI92FMbiqh1HxbeU%26bag%3DydU9kaAfa6I%3D%26ruid%3D317f0e0c-8604-43f0-bca7-15cbf9e20b27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fzipnews.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: 559CFD654970894C643678744EA27F50
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

按下允许

Page URL History Show full URLs

  1. https://zipnews.xyz/ Page URL
  2. https://psuftoum.com/4/6463517/xsx3eszh?key=8735ce00f2fb7ea4f73e7aab0eb04625 Page URL
  3. https://psuftoum.com/?z=6463517&syncedCookie=true&rhd=false HTTP 302
    https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z... Page URL
  4. https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

80
Requests

94 %
HTTPS

38 %
IPv6

27
Domains

29
Subdomains

27
IPs

6
Countries

1530 kB
Transfer

2669 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zipnews.xyz/ Page URL
  2. https://psuftoum.com/4/6463517/xsx3eszh?key=8735ce00f2fb7ea4f73e7aab0eb04625 Page URL
  3. https://psuftoum.com/?z=6463517&syncedCookie=true&rhd=false HTTP 302
    https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL
  4. https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://psuftoum.com/?z=6463517&syncedCookie=true&rhd=false HTTP 302
  • https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
zipnews.xyz/
168 KB
42 KB
Document
General
Full URL
https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
cee5f5e56de6c6c040859a72f19fdc383b2f627b6cf9f393892151c61f605fe5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 03:15:20 GMT
link
<https://zipnews.xyz/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding,User-Agent
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 05:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 05:56:37 GMT
mediaelementplayer-legacy.min.css
zipnews.xyz/wp-includes/js/mediaelement/
11 KB
2 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 11:53:06 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2394
expires
Mon, 13 Nov 2023 03:15:22 GMT
wp-mediaelement.min.css
zipnews.xyz/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.3.2
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 16:45:02 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
982
expires
Mon, 13 Nov 2023 03:15:22 GMT
style.css
zipnews.xyz/wp-content/plugins/taqyeem-buttons/assets/
4 KB
1 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/plugins/taqyeem-buttons/assets/style.css?ver=6.3.2
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:45:34 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
971
expires
Mon, 13 Nov 2023 03:15:22 GMT
base.min.css
zipnews.xyz/wp-content/themes/jannah/assets/css/
41 KB
8 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/css/base.min.css?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
1b48190f6b5b95ba8b42c901a7cfe7f786d19ceb89332eb68a00fd0d74e80134

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8167
expires
Mon, 13 Nov 2023 03:15:22 GMT
style.min.css
zipnews.xyz/wp-content/themes/jannah/assets/css/
150 KB
24 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/css/style.min.css?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
bd014a3e437ac3dfd36c28293f32d3179b093b564b6b2e80eadf30a5dfe7a0a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
24347
expires
Mon, 13 Nov 2023 03:15:22 GMT
widgets.min.css
zipnews.xyz/wp-content/themes/jannah/assets/css/
47 KB
8 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/css/widgets.min.css?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
3f295206eda7b6fcf3e4ddb59fd71bb078467c268ee5f2a214f1f9928c109f3d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8280
expires
Mon, 13 Nov 2023 03:15:22 GMT
helpers.min.css
zipnews.xyz/wp-content/themes/jannah/assets/css/
39 KB
7 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
fcee59682cffa6913f1d8cdbb0bd1f5632f8e8533c518bec64c88e4d18dadd52

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7414
expires
Mon, 13 Nov 2023 03:15:22 GMT
fontawesome.css
zipnews.xyz/wp-content/themes/jannah/assets/css/
57 KB
12 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/css/fontawesome.css?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12050
expires
Mon, 13 Nov 2023 03:15:22 GMT
skin.css
zipnews.xyz/wp-content/themes/jannah/assets/ilightbox/dark-skin/
12 KB
2 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2048
expires
Mon, 13 Nov 2023 03:15:22 GMT
shortcodes.min.css
zipnews.xyz/wp-content/themes/jannah/assets/css/plugins/
13 KB
3 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
83cd632bd100d02ccec1ff53c299bdb3a9c5ab01082e7f6d38f5ac2c76d5b818

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2951
expires
Mon, 13 Nov 2023 03:15:22 GMT
taqyeem.min.css
zipnews.xyz/wp-content/themes/jannah/assets/css/plugins/
7 KB
2 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/css/plugins/taqyeem.min.css?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
b9d67e17e9c993aa3e996d9d14c9405ff64a93e1c60cdd4761a498a5498635d2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1634
expires
Mon, 13 Nov 2023 03:15:22 GMT
jetpack.css
zipnews.xyz/wp-content/plugins/jetpack/css/
98 KB
17 KB
Stylesheet
General
Full URL
https://zipnews.xyz/wp-content/plugins/jetpack/css/jetpack.css?ver=12.7.1
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
e3e284f113e4bcac5dff1505966a91a128687b12fae8d9c14e83d334a1f4afe6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Wed, 25 Oct 2023 11:45:57 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17368
expires
Mon, 13 Nov 2023 03:15:22 GMT
jquery.min.js
zipnews.xyz/wp-includes/js/jquery/
85 KB
29 KB
Script
General
Full URL
https://zipnews.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Wed, 09 Aug 2023 07:10:28 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29712
expires
Mon, 13 Nov 2023 03:15:22 GMT
jquery-migrate.min.js
zipnews.xyz/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://zipnews.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Wed, 09 Aug 2023 07:10:28 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4678
expires
Mon, 13 Nov 2023 03:15:22 GMT
1
ophoacit.com/
42 KB
16 KB
Script
General
Full URL
https://ophoacit.com/1?z=6145229
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3ce540bb1b86b579f9720602d4c417a31172885a70f0738d28c0c77eebbac83a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-trace-id
e98ce2b353560760bfe055670401925a
pragma
no-cache
date
Mon, 06 Nov 2023 03:15:23 GMT
content-encoding
gzip
x-sc
8zg8bsROa7upcdsnhCZmqn5j3hLuPL-APzdFSWU33yqXTElo1uP-TWc_xrnVm41TMGMS4zyzN7_G0YoVDVr9WUcmqYM=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
77245603ae919cd5a00f8976ab955670.js
eighthpowerfully.com/77/24/56/
0
0
Script
General
Full URL
https://eighthpowerfully.com/77/24/56/77245603ae919cd5a00f8976ab955670.js
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 03:15:22 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
0_Screenshot-3730.jpg
i2-prod.mirror.co.uk/incoming/article31365706.ece/ALTERNATES/s615/
29 KB
30 KB
Image
General
Full URL
https://i2-prod.mirror.co.uk/incoming/article31365706.ece/ALTERNATES/s615/0_Screenshot-3730.jpg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-38-129.cdg52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e95e1c57b0f954d05ce99955b68c8b3c52e6ffd647e5c3cb30e6c547bb1eba23
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 13:44:58 GMT
content-security-policy
frame-ancestors 'self';
via
1.1 varnish, 1.1 1555ca1a6d04e6573864aa2ce73e3f86.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P6
age
48624
x-cache
Hit from cloudfront
x-removedcookies
YES
content-length
29854
x-served-by
nat-cache-plus302.tm-aws.com
last-modified
Sun, 05 Nov 2023 13:05:41 GMT
server
Apache-Coyote/1.1
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
261013477 263030429
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Y6CaSDVV9orRcjVDZJDU846P_uVte4uBVyUic62MOWscV3weLrvA-A==
x-cache-hits
14
607f99bec9fa00c8ca80e4d777df88c59ab8e03f.jpg
onecms-res.cloudinary.com/image/upload/s--nd0PQyIV--/fl_relative,g_south_east,l_one-cms:core:watermark:afp_watermark,w_0.1/f_auto,q_auto/c_fill,g_auto,h_676,w_1200/v1/one-cms/core/
16 KB
16 KB
Image
General
Full URL
https://onecms-res.cloudinary.com/image/upload/s--nd0PQyIV--/fl_relative,g_south_east,l_one-cms:core:watermark:afp_watermark,w_0.1/f_auto,q_auto/c_fill,g_auto,h_676,w_1200/v1/one-cms/core/607f99bec9fa00c8ca80e4d777df88c59ab8e03f.jpg?itok=VajcFVID
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1417:3f:789::523 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
15c42aba74df8c4a0e59b061d2cf61456bf8c07addce4173529148cf7381a73c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 06 Nov 2023 02:34:37 GMT
server
Cloudinary
etag
"de72f870217ae51d4a4fe76a0baa23f3"
vary
Accept,User-Agent,Save-Data
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
server-timing
cld-akam;dur=40;cpu=17;start=2023-11-06T03:15:22.155Z;desc=miss,rtt;dur=2,content-info;desc="width=1200,height=676,bytes=16166,owidth=768,oheight=512,obytes=90164",cloudinary;dur=17;start=2023-11-06T03:15:22.174Z
accept-ranges
bytes
timing-allow-origin
*
content-length
16166
f8e79b6eb792b8c320b18f6894001f36Y29udGVudHNlYXJjaGFwaSwxNjk5MzI0Nzg5-2.74466183.jpg
static.independent.co.uk/2023/11/06/03/
106 KB
106 KB
Image
General
Full URL
https://static.independent.co.uk/2023/11/06/03/f8e79b6eb792b8c320b18f6894001f36Y29udGVudHNlYXJjaGFwaSwxNjk5MzI0Nzg5-2.74466183.jpg?width=1200&auto=webp
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae04004032ce6953c6bd07a115905991fd0eedfa4919506361182c881a2d9e40

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img02-europe-west2
x-amz-request-id
KJTY1V7H7KC78PNQ
x-amz-server-side-encryption
AES256
age
798
x-cache
HIT, MISS
fastly-io-info
ifsz=529139 idim=2531x1687 ifmt=jpeg ofsz=108047 odim=1200x800 ofmt=avif
xbe
shield_london_city_uk
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
108047
x-amz-id-2
P869z9yUQ24wgAzrxXisBtSawiLbihdXkMpUC4HBvH/7DXT8AbUgpx/pbDpsJdgfkvX9PCPLCXQqTL7WOBa5yA==
x-served-by
cache-lcy-eglc8600039-LCY, cache-maa10250-MAA
server
AmazonS3
x-timer
S1699240523.656280,VS0,VE174
etag
"NrRdkzWC0BPmw8XIl7fmBCTut2HFsrSRG8F095B2jrk"
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
5, 0
scripts.min.js
zipnews.xyz/wp-content/themes/jannah/assets/js/
23 KB
7 KB
Script
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/js/scripts.min.js?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
f52ec3f4d0b043a36683a54caef45ae1158780aede5f886a6a1b63b61668e0d3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6908
expires
Mon, 13 Nov 2023 03:15:22 GMT
lightbox.js
zipnews.xyz/wp-content/themes/jannah/assets/ilightbox/
80 KB
24 KB
Script
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
f0df5bac42e20b19dafbdf42b5480133ffdf8885bf9d4fd9a8fa3043e3efd2ae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
24345
expires
Mon, 13 Nov 2023 03:15:22 GMT
sliders.min.js
zipnews.xyz/wp-content/themes/jannah/assets/js/
48 KB
11 KB
Script
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/js/sliders.min.js?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11214
expires
Mon, 13 Nov 2023 03:15:23 GMT
shortcodes.js
zipnews.xyz/wp-content/themes/jannah/assets/js/
11 KB
4 KB
Script
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/js/shortcodes.js?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
b965ff50c9592406d6214cebdbb0776084d3e44283fcb6448efb75be4762d68f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3737
expires
Mon, 13 Nov 2023 03:15:23 GMT
desktop.min.js
zipnews.xyz/wp-content/themes/jannah/assets/js/
18 KB
5 KB
Script
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/js/desktop.min.js?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
b66fc18fef504d695b9c3dd1596d4fce5f282ac0fa71709302ed647c76292a15

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5588
expires
Mon, 13 Nov 2023 03:15:23 GMT
e-202345.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202345.js
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT sin
date
Mon, 06 Nov 2023 03:15:22 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684464930779.0781
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 04 Nov 2024 01:54:38 GMT
br-news.js
zipnews.xyz/wp-content/themes/jannah/assets/js/
5 KB
2 KB
Script
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/js/br-news.js?ver=6.3.0
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
content-encoding
br
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1790
expires
Mon, 13 Nov 2023 03:15:23 GMT
702d0c36-4921-4e98-a702-e1142c89440b
https://zipnews.xyz/
1 KB
0
Other
General
Full URL
blob:https://zipnews.xyz/702d0c36-4921-4e98-a702-e1142c89440b
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
invoke.js
www.profitablecreativeformat.com/5ae986ec874d7b3091ea68a2d32076d4/
0
0
Script
General
Full URL
https://www.profitablecreativeformat.com/5ae986ec874d7b3091ea68a2d32076d4/invoke.js
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://zipnews.xyz/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 06 Nov 2023 03:15:23 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
husbandnights.com/0ce8f05835508839ac34defd2ef6b3c6/
0
0
Script
General
Full URL
https://husbandnights.com/0ce8f05835508839ac34defd2ef6b3c6/invoke.js
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://zipnews.xyz/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 06 Nov 2023 03:15:24 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
tielabs-fonticon.woff
zipnews.xyz/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/
40 KB
40 KB
Font
General
Full URL
https://zipnews.xyz/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.3.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a

Request headers

Referer
https://zipnews.xyz/wp-content/themes/jannah/assets/css/helpers.min.css?ver=6.3.0
Origin
https://zipnews.xyz
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
last-modified
Thu, 13 Jul 2023 09:39:47 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
40812
expires
Mon, 13 Nov 2023 03:15:23 GMT
Virat-Kohli.jpeg
cricketaddictor.com/wp-content/uploads/2023/11/
247 KB
247 KB
Image
General
Full URL
https://cricketaddictor.com/wp-content/uploads/2023/11/Virat-Kohli.jpeg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.189.138.50 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1143844.cloudwaysapps.com
Software
nginx /
Resource Hash
678a2cced765025b5e5812c4bc40421dc71956f97803756981ec96940e49f092

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
last-modified
Fri, 03 Nov 2023 07:54:25 GMT
server
nginx
etag
"6544a731-3db16"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
252694
107277898-Thumbnail_Digital_Originals_SG_Political_Scandal_Clean.jpg
image.cnbcfm.com/api/v1/image/
36 KB
36 KB
Image
General
Full URL
https://image.cnbcfm.com/api/v1/image/107277898-Thumbnail_Digital_Originals_SG_Political_Scandal_Clean.jpg?v=1690507349&w=750&h=422&vtcrop=y
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.123.90 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-123-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1691caa33ab98d65c3aefe0f50cd1a53972e86b3a1fe288bc5a67b7ccfbb09fa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-aicache-os
xxx.xx.5.114:18089
date
Mon, 06 Nov 2023 03:15:23 GMT
imageservice-application-version
v1
imageservice-revision
c1a8a89529ee421fc42b922163fec3878653a4d1
imageservice-requestid
H-1697602055755-64642176
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
access-control-allow-credentials
*
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699240523977_387980556_1994595709_16_4330_4_17_146";dur=1
imageservice-release-version
2.0.14
content-length
36860
x-application-context
application:prod:18089
expires
Wed, 06 Dec 2023 03:15:23 GMT
77410591-12713297-These_shocking_revelations_are_from_a_veteran_Tory_politician_I_-m-9_1699218684802.jpg
i.dailymail.co.uk/1s/2023/11/05/21/
22 KB
22 KB
Image
General
Full URL
https://i.dailymail.co.uk/1s/2023/11/05/21/77410591-12713297-These_shocking_revelations_are_from_a_veteran_Tory_politician_I_-m-9_1699218684802.jpg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1417:3f:bb5::16c2 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e2759a04f115bf0f650b0af934687c31ff420ab02c89bb3b010f02e0e798b2d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
0zsRKzBK4EBmoZmpld3JB0UvVYg5hkLx
date
Mon, 06 Nov 2023 03:15:23 GMT
x-origin
cloudfront
x-amz-cf-pop
SFO53-P2
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
content-length
22631
x-mol-img
avif
last-modified
Sun, 05 Nov 2023 21:11:29 GMT
server
AmazonS3
etag
"8eb257bde13c7104a73fbc4c62981f08"
content-type
image/avif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
EnkKuBXE16ll9qcEGcBz12jP2_cmQKqrsDyOW1N8yiDzo56VNiwg4w==
expires
Wed, 06 Dec 2023 03:15:23 GMT
World-Cup-2023-Points-Table-Updated-November-6-640x250.jpg
www.icccricketschedule.com/wp-content/uploads/2023/11/
16 KB
16 KB
Image
General
Full URL
https://www.icccricketschedule.com/wp-content/uploads/2023/11/World-Cup-2023-Points-Table-Updated-November-6-640x250.jpg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa43c49c0bd10316ea615e9aa2ef21193a00a1e6d94c3d446d7a668a2d192c18

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Nov 2023 02:44:26 GMT
server
cloudflare
cf-polished
origSize=19039
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
821a2bf8ff2fa048-SIN
alt-svc
h3=":443"; ma=86400
content-length
16423
1698681932988_Sri-Lankan-Cricket-Team.jpeg
media.crictracker.com/media/attachments/
250 KB
251 KB
Image
General
Full URL
https://media.crictracker.com/media/attachments/1698681932988_Sri-Lankan-Cricket-Team.jpeg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f500213aaf6ff768c43c84b75fc614c5c5db26829178a6953817d4061a6566
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
x-amz-version-id
null
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-request-id
9YWRBF11JCY1CD64
age
1084
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
255615
x-amz-id-2
H8uSa2bOq9zjQm8BjALYVhoIcmfR2jcM7OKBP5yC1GnweSA2gdu14Do5ucVIbJHeMKW0BdeyDcc=
cf-bgj
h2pri
last-modified
Mon, 30 Oct 2023 16:05:39 GMT
server
cloudflare
etag
"06091a0db0049f2bf4675c0c7ae06171"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FepUVWKDl2PHHnwRcdAAwrWNiQUKaiMlU4Z31oYf2OhAX4Fix0tLW0CROCTHpe8kNsCEXGaXArNvKMp2rb140FOwPYD2F8I%2B99FUrzpGw2579F9qrPSdFDtpFOBgpXYAX0yH1kSNogZ30B2M1ftP0YU7eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=120
accept-ranges
bytes
cf-ray
821a2bf8ff05892c-SIN
70c8fc80
d21y75miwcfqoq.cloudfront.net/
68 B
456 B
Image
General
Full URL
https://d21y75miwcfqoq.cloudfront.net/70c8fc80
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:8400:1b:ef38:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:24 GMT
x-amz-version-id
null
via
1.1 4cad8a97cc16b078d964f8e158a1b4ae.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 18:06:55 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
etag
"91e42db1c66c0b276abf6234dc50b2eb"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
68
x-amz-cf-id
O8CXz6-oQ5TCwnTIal2sUVAIvd7t8cAv6odHWkNd3_-ZN5K-j6Jerg==
_131625892_p0gqx5zh.jpg
ichef.bbci.co.uk/news/1024/branded_news/749C/production/
46 KB
46 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/749C/production/_131625892_p0gqx5zh.jpg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:a000:49e::f33 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27ef365c9391d758421572cbc3b7228bbf7f554ded3617434920cb90900d49af

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:23 GMT
x-amz-server-side-encryption
AES256
content-length
46875
last-modified
Sun, 05 Nov 2023 23:24:56 GMT
server
AmazonS3
etag
"8f14a51b34bb67b3b8ff7084e37f2cfa"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Mon, 04 Nov 2024 23:25:20 GMT
16252007f3b3918d0da1ccd482c4cb4d
ophoacit.com/27/
403 KB
128 KB
Script
General
Full URL
https://ophoacit.com/27/16252007f3b3918d0da1ccd482c4cb4d
Requested by
Host: ophoacit.com
URL: https://ophoacit.com/1?z=6145229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
db0b413c92eef041a6dda8e7279a8cbee06755eab7b751c88bdbc22781e7e78a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-trace-id
d202e1dc78cda481504447d5474a2b04
date
Mon, 06 Nov 2023 03:15:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
last-modified
Tue, 31 Oct 2023 09:15:51 GMT
server
nginx
content-encoding
gzip
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
max-age:290304000, public
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Tue, 30 Nov 2083 09:15:51 GMT
gid.js
my.rtmark.net/
65 B
542 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: ophoacit.com
URL: https://ophoacit.com/27/16252007f3b3918d0da1ccd482c4cb4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d508a4615eac0ecd6fadb07f90555a74c089fb823ae0a9e48a1ebaf060256356
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://zipnews.xyz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
invoke.js
www.profitablecreativeformat.com/f4ac1c9e15492816c39437a447dea174/
0
0
Script
General
Full URL
https://www.profitablecreativeformat.com/f4ac1c9e15492816c39437a447dea174/invoke.js
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://zipnews.xyz/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 06 Nov 2023 03:15:24 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
newlyweds-outside-church-wedding-ruined-855278465.jpg
www.thesun.co.uk/wp-content/uploads/2023/10/
16 KB
16 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2023/10/newlyweds-outside-church-wedding-ruined-855278465.jpg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-82.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
f8b9ebd631207b76cebf4b4095d50ad4adb0d7dd9ac5fada2ae4c896ebaf5e80
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 12:17:03 GMT
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
831501
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16152
x-rq
lhr4 109 195 443
last-modified
Fri, 27 Oct 2023 12:05:22 GMT
server
nginx
etag
"9d748c9dcc138f36"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bHDst27y_aFwOEOwDec9M5mGEe74SHiQfzMcTeOmVWbVM1q7AiqAuw==
l_1123053_083106_updates.jpg
www.thenews.com.pk/assets/uploads/updates/2023-10-26/
17 KB
17 KB
Image
General
Full URL
https://www.thenews.com.pk/assets/uploads/updates/2023-10-26/l_1123053_083106_updates.jpg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.188.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9080c40e73f14b0fa70d5a08c2cdc666e7cce1bf6272a827f86ad57ec7e48

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:24 GMT
via
1.1 varnish (Varnish/6.0)
cf-cache-status
HIT
age
405775
cf-polished
qual=85, origFmt=jpeg, origSize=24425
x-cache
MISS
content-disposition
inline; filename="l_1123053_083106_updates.webp"
alt-svc
h3=":443"; ma=86400
content-length
17422
cf-bgj
imgq:85,h2pri
last-modified
Thu, 26 Oct 2023 15:31:06 GMT
server
cloudflare
vary
Accept
content-type
image/webp
access-control-allow-origin
*
x-varnish
19602084
cache-control
public, max-age=5184000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
821a2bfd8ee36bcd-SIN
expires
Fri, 05 Jan 2024 03:15:24 GMT
76932785-12665303-image-a-17_1698146213999.jpg
i.dailymail.co.uk/1s/2023/10/24/12/
63 KB
63 KB
Image
General
Full URL
https://i.dailymail.co.uk/1s/2023/10/24/12/76932785-12665303-image-a-17_1698146213999.jpg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1417:3f:bb5::16c2 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93095baa239c5add6d9838d402e414ee3d58135d55cde292ad0f31746b789940

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
5KnzynM1abk.0.1vzQeHBfPCqYYHggoG
date
Mon, 06 Nov 2023 03:15:24 GMT
x-origin
cloudfront
x-amz-cf-pop
SFO5-C1
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
content-length
64278
x-mol-img
avif
last-modified
Tue, 24 Oct 2023 11:16:56 GMT
server
AmazonS3
etag
"adcf0ad59cf466535ae8f9f18f8ab281"
content-type
image/avif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
bPJk3J_nxuHH-8lMtqqiFaNYBzyiSL4x628XRzICdNrN_v6LoLjQXQ==
expires
Wed, 06 Dec 2023 03:15:24 GMT
GettyImages-1762174836-825c.jpg
metro.co.uk/wp-content/uploads/2023/10/
18 KB
18 KB
Image
General
Full URL
https://metro.co.uk/wp-content/uploads/2023/10/GettyImages-1762174836-825c.jpg?quality=90&strip=all&zoom=1&resize=644,429
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
156a886cb1617a72f469822037d11e4adf9af98634e254df228da3dc99dd91ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:24 GMT
strict-transport-security
max-age=31536000
x-rq
sin1 115 147 443
last-modified
Sun, 29 Oct 2023 21:14:11 GMT
server
nginx
etag
"09d627e38a1ed2e9"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18146
77043405-12674719-image-a-1_1698340721511.jpg
i.dailymail.co.uk/1s/2023/10/26/18/
115 KB
115 KB
Image
General
Full URL
https://i.dailymail.co.uk/1s/2023/10/26/18/77043405-12674719-image-a-1_1698340721511.jpg
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1417:3f:bb5::16c2 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66d5fffa6409eb61bafbad3b717016337ee72290902caab46ef2c55c285d73db

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
2wsOMcyNvc_VVBzxph4Aw2iWtey2Zr13
date
Mon, 06 Nov 2023 03:15:24 GMT
x-origin
cloudfront
x-amz-cf-pop
SFO5-C1
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
content-length
117648
x-mol-img
avif
last-modified
Thu, 26 Oct 2023 17:18:45 GMT
server
AmazonS3
etag
"7abeac8b8ac5a62b5a0d425af9e5b7c2"
content-type
image/avif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
OUfcyvqqSzjGhgi7y7pPDXAk1xY65Kd1MSFLYHj0CrWtYdOMMYpPbw==
expires
Wed, 06 Dec 2023 03:15:24 GMT
css
fonts.googleapis.com/
4 KB
1003 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600,regular&subset=latin&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a0a7bbb6080642db26b792d41d2cb6bf7123ecee3247e2fbcde39e5498851f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 03:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:11:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 03:15:24 GMT
g.gif
pixel.wp.com/
50 B
153 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=221467135&post=0&tz=-5.5&srv=zipnews.xyz&j=1%3A12.7.1&host=zipnews.xyz&ref=&fcp=6069&rand=0.004049762101066001
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Nov 2023 03:15:24 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
wp-emoji-release.min.js
zipnews.xyz/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://zipnews.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: zipnews.xyz
URL: https://zipnews.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.208.96.116 Chantilly, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
s516.nyc8.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://zipnews.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:24 GMT
content-encoding
br
last-modified
Wed, 01 Feb 2023 19:53:26 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4651
expires
Mon, 13 Nov 2023 03:15:24 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600,regular&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zipnews.xyz
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 05:47:38 GMT
x-content-type-options
nosniff
age
422866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 05:47:38 GMT
9
ophoacit.com/ Frame
0
0
Preflight
General
Full URL
https://ophoacit.com/9?z=6145229&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fzipnews.xyz%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=557297fa31324511b2106bd80070f19c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://zipnews.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://zipnews.xyz
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Mon, 06 Nov 2023 03:15:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
9
ophoacit.com/
6 KB
3 KB
XHR
General
Full URL
https://ophoacit.com/9?z=6145229&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fzipnews.xyz%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=557297fa31324511b2106bd80070f19c
Requested by
Host: ophoacit.com
URL: https://ophoacit.com/27/16252007f3b3918d0da1ccd482c4cb4d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://zipnews.xyz/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
9da40d6d3c109aaf416cc00b4dcaf88e
pragma
no-cache
date
Mon, 06 Nov 2023 03:15:25 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://zipnews.xyz
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
xsx3eszh
psuftoum.com/4/6463517/
29 KB
13 KB
Document
General
Full URL
https://psuftoum.com/4/6463517/xsx3eszh?key=8735ce00f2fb7ea4f73e7aab0eb04625
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://zipnews.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 06 Nov 2023 03:15:25 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
c4ff649b685bbb97c68b2eb1e07778d6
11
ophoacit.com/
0
0

/
interstitial-08.com/ Frame 559C
0
0

sftouch
psuftoum.com/
2 B
609 B
Ping
General
Full URL
https://psuftoum.com/sftouch?userId=6b9e4527d4de4447860bb3e92e2f7293&z=6463517&p_rid=62b5eb32-9592-44bd-ab4b-e93af2dc197d&p_src=sf
Requested by
Host: psuftoum.com
URL: https://psuftoum.com/4/6463517/xsx3eszh?key=8735ce00f2fb7ea4f73e7aab0eb04625
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://psuftoum.com/4/6463517/xsx3eszh?key=8735ce00f2fb7ea4f73e7aab0eb04625
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
198444de102ddbfc65c245a975915a69
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://psuftoum.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
490 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=6b9e4527d4de4447860bb3e92e2f7293&z=6463517&p_rid=62b5eb32-9592-44bd-ab4b-e93af2dc197d&p_src=sf
Requested by
Host: psuftoum.com
URL: https://psuftoum.com/4/6463517/xsx3eszh?key=8735ce00f2fb7ea4f73e7aab0eb04625
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://psuftoum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/
2 B
465 B
XHR
General
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: psuftoum.com
URL: https://psuftoum.com/4/6463517/xsx3eszh?key=8735ce00f2fb7ea4f73e7aab0eb04625
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://psuftoum.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 06 Nov 2023 03:15:26 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://psuftoum.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
/
totalniceposts.com/
Redirect Chain
  • https://psuftoum.com/?z=6463517&syncedCookie=true&rhd=false
  • https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
40 KB
13 KB
Document
General
Full URL
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
c96de6e3cbecfe1f06c2f7403c736b9a594a2d4b6d38c78299c8e5279e993334

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://psuftoum.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
821a2c081be44dd4-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 03:15:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOuHaUpsIrIsNN%2BYGONpm6YPPPhc1DziTxh6neN9Zcx5fw93Tv6%2B7k8ClGSWElhdTJSAgtED1MZdr0f6tkigXev1TEgQ1gb2DACIXMvLuE1AUT4XGQSveOASshhdxL0Y1pg7Fas%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://psuftoum.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Mon, 06 Nov 2023 03:15:25 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://totalniceposts.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
b1294e3173be09a66ff525552a531644
gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=265550cab39097cb846065d75deff8d7
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d508a4615eac0ecd6fadb07f90555a74c089fb823ae0a9e48a1ebaf060256356
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:26 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalniceposts.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
totalniceposts.com/pfe/current/
26 KB
10 KB
Script
General
Full URL
https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 03:15:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 08:40:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65436083-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UK3yGnTLU%2FjnCMYsx31N7E0y1csnLHe7bcD9nSK5%2FFrnUCLgbdOuZ9JHagwwTkcvcTU9iVu3kyo%2Fu7LgjKl10oVYnByyGr8uN7mZPPHAp48EblnGTStW8%2F7Miazz7wDYyBAz9OA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
821a2c0a3e6e4dd4-SIN
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
totalniceposts.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://totalniceposts.com/19/4662728/?abt_opts=1&var=6463517&var3=745231380430197543&ymid=&rhd=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02638b2e9813017f4ab12bb1b0b1d6643ac7de9b85299ddfb046ee934fc1cf60
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:26 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
7ffa136ac1852c87361c73fa1e2fe5e1
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuCd1iiDnNiE8%2F0ZMOb37J0iFvLHCrmJIEx0T%2BfwC9XZX7VQarfOwkT6%2B0PMnhBT4xIE8eOqe%2FNJ1nTu6ukw624HQ2%2FJbH5q7mVMB70lZ29%2F0PsDuLM6pfyBfMJqy3OZxaOm%2B9M%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
821a2c0a4e974dd4-SIN
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
totalniceposts.com/
2 B
416 B
XHR
General
Full URL
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsfZM7pbAQmtWt6J1oZV7SzBpSGooMmFbzBp4jCsWuZLfu%2FnLYc4QIncByvr58lLflASJcXTAIbEw7%2F%2BqPUMsgn%2BXrynErD8kt0%2Bh8DsddeiVSx8on2YC7VOh4H0npw%2BEnHrLTw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
821a2c0a4e984dd4-SIN
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
4662709
totalniceposts.com/sw-check-permissions/
0
953 B
Other
General
Full URL
https://totalniceposts.com/sw-check-permissions/4662709?var=6463517&ymid=745231380430197543&uhd=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhyE0XSOoxFmM7sd0buDPUXEuxKHTeWW4kz3x%2Bt4SQ2e%2FXJmr%2B2L90X2FbTVeIylib53gZcQCXb9fqP1K6pgF4pUzPnfqIzdo207JeS%2FzmivTyKmlBD3H22QoCZOoLtPwgi0whI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
821a2c0beb4d6009-SIN
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
totalniceposts.com/
0
532 B
Ping
General
Full URL
https://totalniceposts.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalniceposts.com&var=6463517&ymid=745231380430197543&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-trace-id
4a6ee0b7a0cafb88e3bce8769713a63e
date
Mon, 06 Nov 2023 03:15:26 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9UXGvyJ85lm%2Fv669Y6ltG8V3cY71%2BYjXub8DWFEzdFY96%2BmP1ESs6oVurtjYKeIJEpMJ2ksXyKjLA6I4qvqgxm0FMO%2F76tlwJC4kPcGs%2B3sIS%2BAouPpgt3z0M4WkCcAYKEjvEA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalniceposts.com
access-control-allow-credentials
true
cf-ray
821a2c0beb4f6009-SIN
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
rhd
totalniceposts.com/
0
0

gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=745231380430197543&var=6463517
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d508a4615eac0ecd6fadb07f90555a74c089fb823ae0a9e48a1ebaf060256356
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:26 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalniceposts.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
totalniceposts.com/
797 B
981 B
Fetch
General
Full URL
https://totalniceposts.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalniceposts.com&var=6463517&ymid=745231380430197543&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
2d88750f95c4d6fdab4a18a2a61039ad
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XeCMVUoTZR03TTKQdMi85ASPtST0C77LDxYUjodZztxqolz7hOl4iQnfLzz46P2B4VZGQaXiqYJpwH0VGgnqpIDKIEPeUj9MQU1BbymRF5IsgjrJ124Yxu3vOhaa3S5Y%2Bv7vyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
821a2c0c1b6f6009-SIN
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
Primary Request /
totalniceposts.com/
40 KB
13 KB
Document
General
Full URL
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
f0684816570b2b762c15aad36da9646f02223695a7aabdefa914bf1fc294334d

Request headers

Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
821a2c0d3d326009-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 03:15:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ylv6a3de6M3qUukjHkx348oeF%2Fc4OTzGWYqvbJhgVcEwVfdfhZ2J4lZ2rpgK2N8B6SYTnQCGB7daCAMDk671AvZrA%2BJMjS4JRnPKMkdhEMCN7xyVSW6z2gS5C74LkkYN9nA3p08%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
micro.tag.min.js
totalniceposts.com/pfe/current/
26 KB
11 KB
Script
General
Full URL
https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 03:15:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 08:40:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65436083-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmsQhvAPyROIlv0JQ%2Fgb0MOFnQ2z1R49qUr5NlIrdsEcR07T5S0WIiXHmL9i3AwOii3dv4u%2FEzzxSAs1pFbVutb%2BP5VS6g6uTEds3XDARqU%2BPo%2FeYG%2BB%2BsFZ1xT1rpmfV%2FfhNao%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
821a2c0fa9426009-SIN
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
totalniceposts.com/19/4662728/
3 KB
3 KB
XHR
General
Full URL
https://totalniceposts.com/19/4662728/?abt_opts=1&var=6463517&var3=745231380430197543&ymid=&rhd=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0d9c413417847e2c37120a99fef20e2d449dffd1a0dc4ad99103c62bd2957a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
2717be15b71b85c4249d7c2656011569
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJUlWde5uFw79%2Bp5GMH9WHvGQ4oyvFWF4qxs3qzdrRPhQWbL7pGEotfrcmQghB09HQb4PgbpkPs9ZQHwlyyG3%2BsXbfdON0ZsV0ib%2F1wP1z1NjJlXEvpHaIN0R10s4GggHA7y9lg%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
821a2c0fb9746009-SIN
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
totalniceposts.com/
2 B
532 B
XHR
General
Full URL
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2&mprtr=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wlmo5ULai%2B6Bf4fLZGt9Fj9P34%2FL2OgeKnQNwBt7FZIk5Y10njJL5Fek1ZuWMUKKdNh4FtnjVByt1TqfRqBNleELVQJELF1ipKe8PW9jdOijyjZ7qgexOpN4X3%2FCq9UT3%2FNv6Xk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
821a2c0fc9876009-SIN
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
totalniceposts.com/
3 KB
3 KB
Fetch
General
Full URL
https://totalniceposts.com/rhd?rb=JLejnQ5eXSks8v9Xxyxe6pr8mdh3vYectNKncq32rlB2jgmmWl9X4W_UnXCuPzs-tUwQ_8lViystCARrTQdm7eLWI6zIDCy7drrfrFMd8o-8B20029DL4P6C7BxBSc8Yb_uNbPmmxkjDUKRB1-TzpyUHyAhNcpC4kxq7wH5zYuSPGrRB-V7hheyJLLcZwSMIMnPgprL57cu6Xfv3a-sFRK3PNarSqi6wNozbuG7_ChOsqiceAW29n6uF0FsjP3IWgZwlOUW7-iX0YdRbEDrel3rIUc1IuAwn8gReqRWDZYcPcu5IwXelC4pdKSZgrhok8QqVPYYX6oy5oFnI89xlb_-kYY2uxPChL7YpAU1GDDh-uWjYaoShSvxNN_XM7MFvStJmxr4NiHF_qD4dUbN8z4xVxgOZL0KzrZIgYo2iWeCiXkCQBeVHk6B_-Ev4ClFrfqfO2iX022cSlzHY-4Ubrc-K6aKshySjduOJhaKFTvrasFa6qOsSng%3D%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotalniceposts.com%2F%3Fs%3D745231380430197543%26ssk%3D4a4326d79d25aec918de30ec3d11e32a%26svar%3D1699240525%26z%3D6463517%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26rdc%3D2&drf=https%3A%2F%2Ftotalniceposts.com%2F%3Fs%3D745231380430197543%26ssk%3D4a4326d79d25aec918de30ec3d11e32a%26svar%3D1699240525%26z%3D6463517%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6463517&var3=745231380430197543&ymid=&rhd=1&m=link
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da3d540cdca09aab1cab921f348157315f64239dae36a7d207e16c9c0e1a452f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
b84916a4f5b9a971fdb6ef55b811c9e8
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi2Ctj6KOvurjFQ2rBw2trwNbpEYBoft0qfBNr96d4cU5fky7Z4YoY9sXVbQ9vHxz2PSzy09nCF%2BDg7qGozdSqNWqooAK8bG%2BKVcaMXwhiqkmyFf2F8j2V%2FD2wqTYvqAB66kRoo%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
821a2c115b776009-SIN
expires
Tue, 11 Jan 1994 10:00:00 GMT
4662709
totalniceposts.com/sw-check-permissions/
0
955 B
Other
General
Full URL
https://totalniceposts.com/sw-check-permissions/4662709?var=6463517&ymid=745231380430197543&uhd=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35zZJ29yzJbzscaHfhalpOlab01NjGf9aLzo9%2BvKUJgNygNIkoRNg3XAV%2BoyPXRNJg8Fq4ur97GFbBpKo3HzPuSvDMKTlS%2FlIs%2Bvr86xbrZUjYdOmEv73Z%2BeUUCbDIuwknMT988%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
821a2c12adca6009-SIN
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
zone
totalniceposts.com/
0
489 B
Ping
General
Full URL
https://totalniceposts.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalniceposts.com&var=6463517&ymid=745231380430197543&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-trace-id
6c88bc11a00493697890fa037937ca9d
date
Mon, 06 Nov 2023 03:15:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mdxy743JV4owdfhKBKs2DpicI8pdAdnWPLwUKkz7DnQtehaqkYLKUZrGbja7vYyEUKu4QZfihc5VsND91CFRQ0Jcop3NFGlipf9wFAoQsUPRQ3YafHZFP%2BO0NB3%2FK3EJQKik66k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalniceposts.com
access-control-allow-credentials
true
cf-ray
821a2c12adcd6009-SIN
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=745231380430197543&var=6463517
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d508a4615eac0ecd6fadb07f90555a74c089fb823ae0a9e48a1ebaf060256356
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://totalniceposts.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
totalniceposts.com/
797 B
983 B
Fetch
General
Full URL
https://totalniceposts.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totalniceposts.com&var=6463517&ymid=745231380430197543&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=settings
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/pfe/current/micro.tag.min.js?z=4662709&ymid=745231380430197543&var=6463517&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0c535830f956e3d4f9521144bbbf5b283a50a2c1cc8e82808383533426a6d63
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 03:15:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
9b6a2bd11e0ee273929bb6aa756c58fe
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLSuf8AYvn%2BkM95m6FD9M5mx5WLrjAemFVCqLupREuXVtQN2tqaDsltmVJh%2FWBlxz3LeDyqiWu8kfmOWSEz3IGzjOBSBniIEiOwTuRjjUmy8JRFzsxQ%2FA3JTRLaxdkT5SAnXnkc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
821a2c12cdda6009-SIN
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
/
promo.pixelsee.app/
0
0

cat.php
totalniceposts.com/
0
761 B
Ping
General
Full URL
https://totalniceposts.com/cat.php?userId=265550cab39097cb846065d75deff8d7&zoneid=4662728&rb=JLejnQ5eXSks8v9Xxyxe6pr8mdh3vYectNKncq32rlB2jgmmWl9X4W_UnXCuPzs-tUwQ_8lViystCARrTQdm7eLWI6zIDCy7drrfrFMd8o-8B20029DL4P6C7BxBSc8Yb_uNbPmmxkjDUKRB1-TzpyUHyAhNcpC4kxq7wH5zYuSPGrRB-V7hheyJLLcZwSMIMnPgprL57cu6Xfv3a-sFRK3PNarSqi6wNozbuG7_ChOsqiceAW29n6uF0FsjP3IWgZwlOUW7-iX0YdRbEDrel3rIUc1IuAwn8gReqRWDZYcPcu5IwXelC4pdKSZgrhok8QqVPYYX6oy5oFnI89xlb_-kYY2uxPChL7YpAU1GDDh-uWjYaoShSvxNN_XM7MFvStJmxr4NiHF_qD4dUbN8z4xVxgOZL0KzrZIgYo2iWeCiXkCQBeVHk6B_-Ev4ClFrfqfO2iX022cSlzHY-4Ubrc-K6aKshySjduOJhaKFTvrasFa6qOsSng==&var=6463517&var3=745231380430197543&ymid=&rhd=1
Requested by
Host: totalniceposts.com
URL: https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://totalniceposts.com/?s=745231380430197543&ssk=4a4326d79d25aec918de30ec3d11e32a&svar=1699240525&z=6463517&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&rdc=2
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 Nov 2023 03:15:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-trace-id
889fdcf3924aa9d242206b205af19418
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VO7wv2XsgUrchPafCFH8Gs%2BFkSboeMwapfJ%2FbEX53WJXxKnS4KJKLKjsKnxX98sVvvsFkddsEizSUTWq0PN4TNHcvK7i3skE62HFu9iWrOZ3p25eSBQM%2BcIK%2FOJZJna4ve3n%2FXs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://totalniceposts.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
821a2c170c186009-SIN
expires
Tue, 11 Jan 1994 10:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ophoacit.com
URL
https://ophoacit.com/11?rnd=47169563&z=6145229&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=W064WKgz8J0vWf1HLzLmywLwcUSyS0R2OwCUwl86tL7LfXJCefVNenPYGDxVSPW2LDtkH4XOAQ8J2VrwFP1lP-BamzgkvNMSLLruzhD67CnWBtmE1AwuA1jWKUzGZH0wGSloTr9l_eKbHPw_rm6wTpQcTo8Rf1CBMcyaoNQqNLwr05_ekRy_AU0XlmADIZL7NX6_wESaDeKKKltQaGUu0YeDgekZxd5XohJVAMBGutDtnQp5U1SAio5d24WLE_HnmGOXY2Z1vZ_gW5IJzdImmdVrqjkQwfKagZhGo7WHBWNrsHXifI92FMbiqh1HxbeU&ruid=317f0e0c-8604-43f0-bca7-15cbf9e20b27&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fzipnews.xyz%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ot=717
Domain
interstitial-08.com
URL
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fophoacit.com%2F12%3Frnd%3D3260923959%26z%3D6145229%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DW064WKgz8J0vWf1HLzLmywLwcUSyS0R2OwCUwl86tL7LfXJCefVNenPYGDxVSPW2LDtkH4XOAQ8J2VrwFP1lP-BamzgkvNMSLLruzhD67CnWBtmE1AwuA1jWKUzGZH0wGSloTr9l_eKbHPw_rm6wTpQcTo8Rf1CBMcyaoNQqNLwr05_ekRy_AU0XlmADIZL7NX6_wESaDeKKKltQaGUu0YeDgekZxd5XohJVAMBGutDtnQp5U1SAio5d24WLE_HnmGOXY2Z1vZ_gW5IJzdImmdVrqjkQwfKagZhGo7WHBWNrsHXifI92FMbiqh1HxbeU%26bag%3DydU9kaAfa6I%3D%26ruid%3D317f0e0c-8604-43f0-bca7-15cbf9e20b27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fzipnews.xyz%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Domain
totalniceposts.com
URL
https://totalniceposts.com/rhd?rb=lIHJbRlW8JX2In4ns_qUlwHvaXYBjtuAJymAFgP6EDZkLS2w00D_kC26AwP8qXSdQ5KDrUdXS5tJxWuqUwC3kTE3P7-AJRpj6VgHW_zMgMsWse7OBCW655y3L0KzNjPTc96VdB8acqFNj9ApmfMuJWEFGejQCPvJUArfVBSelLka6lyVCl2Ohrh47TPeoPoXnmOftbtPxrzEX3f2r10zyKLZRN6IBpbzVQDEk2O_e4iIRUEtE47QQ80cKuCjqMHYL_6Hyj_t_mgsMnRTG555RwXX12771Cf-d3KtonPwhHauy_JvTzeuTHz_2FLMlTrD6ORDjUyE78E4HzNSmedkmq-_yMnLTbPMwS0-Ud38DEWhRrPiQOyvR4NQAGtHXie2qmqnjfdOLNvL7ZfqkjNCqcgaQdq89yDr3N_2Na4tyjUxFec9gHdrojzpCFnv-quRdlhD2QwymfnooCCmtXVerub9eW9eiaunUsqpvddNdrw%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftotalniceposts.com%2F%3Fs%3D745231380430197543%26ssk%3D4a4326d79d25aec918de30ec3d11e32a%26svar%3D1699240525%26z%3D6463517%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6463517&var3=745231380430197543&ymid=&rhd=1&m=link
Domain
promo.pixelsee.app
URL
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ALL_24_10_2023&sub2=propeller&sub6=745231389619925132&oaid=265550cab39097cb846065d75deff8d7

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| getCookie function| rtrDebugLog function| getGid function| addURLParams string| osVerUrlParam string| osVerNum object| osVerPromise string| alphabet string| subdomain function| randomInt function| Prefetcher string| tbPrefLog function| openHiddenLink string| mtPushZone string| mtS string| mtZ string| tbZone string| tbADZone string| mtTargetUrl string| mtDebug string| mtRDC string| mtSameDomain string| pushTagDomain string| pushTagMicroName string| wvrdParam function| redirect object| mtScript function| updateURLParameter object| _0xd6c1 object| reverseConfig object| zfgformats

13 Cookies

Domain/Path Name / Value
ophoacit.com/ Name: scm
Value: 1
ophoacit.com/ Name: oaidts
Value: 1699240523
www.thesun.co.uk/ Name: nuk_customer_country_code
Value: SG
my.rtmark.net/ Name: ID
Value: 557297fa31324511b2106bd80070f19c
ophoacit.com/ Name: OAID
Value: 557297fa31324511b2106bd80070f19c
psuftoum.com/ Name: oaidts
Value: 1699240525
psuftoum.com/ Name: OAID
Value: 557297fa31324511b2106bd80070f19c
psuftoum.com/ Name: syncedCookie
Value: true
totalniceposts.com/ Name: oaidts
Value: 1699240526
totalniceposts.com/ Name: syncedCookie
Value: true
totalniceposts.com/ Name: OAID
Value: 265550cab39097cb846065d75deff8d7
totalniceposts.com/ Name: prefetchAd_4662728
Value: true
totalniceposts.com/ Name: reverse
Value: JahOWysfwuo1kbbkT3pgUjYBo2T6SfH5i_LZV7t1RQk

10 Console Messages

Source Level URL
Text
network error URL: https://eighthpowerfully.com/77/24/56/77245603ae919cd5a00f8976ab955670.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://zipnews.xyz/(Line 154)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/5ae986ec874d7b3091ea68a2d32076d4/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://zipnews.xyz/(Line 154)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/5ae986ec874d7b3091ea68a2d32076d4/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.profitablecreativeformat.com/5ae986ec874d7b3091ea68a2d32076d4/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://zipnews.xyz/(Line 440)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://husbandnights.com/0ce8f05835508839ac34defd2ef6b3c6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://zipnews.xyz/(Line 440)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://husbandnights.com/0ce8f05835508839ac34defd2ef6b3c6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://husbandnights.com/0ce8f05835508839ac34defd2ef6b3c6/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://zipnews.xyz/(Line 821)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/f4ac1c9e15492816c39437a447dea174/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://zipnews.xyz/(Line 821)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.profitablecreativeformat.com/f4ac1c9e15492816c39437a447dea174/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.profitablecreativeformat.com/f4ac1c9e15492816c39437a447dea174/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cricketaddictor.com
d21y75miwcfqoq.cloudfront.net
datatechone.com
eighthpowerfully.com
fonts.googleapis.com
fonts.gstatic.com
husbandnights.com
i.dailymail.co.uk
i2-prod.mirror.co.uk
ichef.bbci.co.uk
image.cnbcfm.com
interstitial-08.com
media.crictracker.com
metro.co.uk
my.rtmark.net
onecms-res.cloudinary.com
ophoacit.com
pixel.wp.com
promo.pixelsee.app
psuftoum.com
static.independent.co.uk
stats.wp.com
totalniceposts.com
www.icccricketschedule.com
www.profitablecreativeformat.com
www.thenews.com.pk
www.thesun.co.uk
zipnews.xyz
interstitial-08.com
ophoacit.com
promo.pixelsee.app
totalniceposts.com
104.17.188.237
104.89.123.90
139.45.195.8
139.45.197.242
139.45.197.244
172.64.173.37
173.208.96.116
173.233.137.36
173.233.137.44
192.0.66.24
192.0.76.3
192.243.59.13
206.189.138.50
2404:6800:4003:c01::5e
2404:6800:4003:c05::5f
2404:6800:4003:c06::5f
2600:1413:a000:49e::f33
2600:1417:3f:789::523
2600:1417:3f:bb5::16c2
2600:9000:23d2:8400:1b:ef38:3680:21
2606:4700:10::6816:1ed9
2606:4700:20::ac43:4473
2a04:4e42:400::347
3.162.38.129
37.48.68.71
52.84.251.82
02638b2e9813017f4ab12bb1b0b1d6643ac7de9b85299ddfb046ee934fc1cf60
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
156a886cb1617a72f469822037d11e4adf9af98634e254df228da3dc99dd91ae
15c42aba74df8c4a0e59b061d2cf61456bf8c07addce4173529148cf7381a73c
1691caa33ab98d65c3aefe0f50cd1a53972e86b3a1fe288bc5a67b7ccfbb09fa
1b48190f6b5b95ba8b42c901a7cfe7f786d19ceb89332eb68a00fd0d74e80134
27ef365c9391d758421572cbc3b7228bbf7f554ded3617434920cb90900d49af
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3a0a7bbb6080642db26b792d41d2cb6bf7123ecee3247e2fbcde39e5498851f9
3ce540bb1b86b579f9720602d4c417a31172885a70f0738d28c0c77eebbac83a
3dd9080c40e73f14b0fa70d5a08c2cdc666e7cce1bf6272a827f86ad57ec7e48
3e2759a04f115bf0f650b0af934687c31ff420ab02c89bb3b010f02e0e798b2d
3f295206eda7b6fcf3e4ddb59fd71bb078467c268ee5f2a214f1f9928c109f3d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66d5fffa6409eb61bafbad3b717016337ee72290902caab46ef2c55c285d73db
678a2cced765025b5e5812c4bc40421dc71956f97803756981ec96940e49f092
6e0d9c413417847e2c37120a99fef20e2d449dffd1a0dc4ad99103c62bd2957a
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83cd632bd100d02ccec1ff53c299bdb3a9c5ab01082e7f6d38f5ac2c76d5b818
93095baa239c5add6d9838d402e414ee3d58135d55cde292ad0f31746b789940
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba
a0c535830f956e3d4f9521144bbbf5b283a50a2c1cc8e82808383533426a6d63
aa43c49c0bd10316ea615e9aa2ef21193a00a1e6d94c3d446d7a668a2d192c18
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759
ae04004032ce6953c6bd07a115905991fd0eedfa4919506361182c881a2d9e40
b66fc18fef504d695b9c3dd1596d4fce5f282ac0fa71709302ed647c76292a15
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b965ff50c9592406d6214cebdbb0776084d3e44283fcb6448efb75be4762d68f
b9d67e17e9c993aa3e996d9d14c9405ff64a93e1c60cdd4761a498a5498635d2
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd014a3e437ac3dfd36c28293f32d3179b093b564b6b2e80eadf30a5dfe7a0a6
c96de6e3cbecfe1f06c2f7403c736b9a594a2d4b6d38c78299c8e5279e993334
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cee5f5e56de6c6c040859a72f19fdc383b2f627b6cf9f393892151c61f605fe5
d3f500213aaf6ff768c43c84b75fc614c5c5db26829178a6953817d4061a6566
d508a4615eac0ecd6fadb07f90555a74c089fb823ae0a9e48a1ebaf060256356
da3d540cdca09aab1cab921f348157315f64239dae36a7d207e16c9c0e1a452f
db0b413c92eef041a6dda8e7279a8cbee06755eab7b751c88bdbc22781e7e78a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e284f113e4bcac5dff1505966a91a128687b12fae8d9c14e83d334a1f4afe6
e95e1c57b0f954d05ce99955b68c8b3c52e6ffd647e5c3cb30e6c547bb1eba23
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1
f0684816570b2b762c15aad36da9646f02223695a7aabdefa914bf1fc294334d
f0df5bac42e20b19dafbdf42b5480133ffdf8885bf9d4fd9a8fa3043e3efd2ae
f1bc17112f84d3e3b9e381a292e9ee6263cfb0706f07e34501396dee3a7c8a2a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f52ec3f4d0b043a36683a54caef45ae1158780aede5f886a6a1b63b61668e0d3
f8b9ebd631207b76cebf4b4095d50ad4adb0d7dd9ac5fada2ae4c896ebaf5e80
fcee59682cffa6913f1d8cdbb0bd1f5632f8e8533c518bec64c88e4d18dadd52