urlscan.io logo urlscan.io
SecurityTrails logo

insurance.klpt.org Open in urlscan Pro
45.76.154.238  Public Scan

Go To Rescan Add Verdict Report
URL: https://insurance.klpt.org/
Submission: On January 05 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 90 HTTP transactions. The main IP is 45.76.154.238, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is insurance.klpt.org.
TLS certificate: Issued by R3 on December 19th 2023. Valid for: 3 months.
This is the only time insurance.klpt.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    45.76.154.238 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 45.76.154.238.vultrusercontent.com
insurance.klpt.org
10    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
12    2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
11    23.47.168.66 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-168-66.deploy.static.akamaitechnologies.com
contextual.media.net
8    23.58.90.38 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-90-38.deploy.static.akamaitechnologies.com
warp.media.net
hblg.media.net
3    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
7    23.77.240.29 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-240-29.deploy.static.akamaitechnologies.com
lg3.media.net
2    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
cm.g.doubleclick.net
2    23.52.160.28 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-28.deploy.static.akamaitechnologies.com
cs.media.net
2    23.200.0.188 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-0-188.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
Apex Domain
Subdomains		 Transfer
28 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
warp.media.net — Cisco Umbrella Rank: 3492
lg3.media.net — Cisco Umbrella Rank: 7860
hblg.media.net — Cisco Umbrella Rank: 2922
cs.media.net — Cisco Umbrella Rank: 1972
287 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
345 KB
19 klpt.org
insurance.klpt.org
143 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
92 KB
5 gstatic.com
www.gstatic.com
74 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
194 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3016
592 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 6
1 KB
90 9
Domain Requested by
19 insurance.klpt.org insurance.klpt.org
12 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
insurance.klpt.org
tpc.googlesyndication.com
11 contextual.media.net insurance.klpt.org
contextual.media.net
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com insurance.klpt.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
7 lg3.media.net googleads.g.doubleclick.net
contextual.media.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 hblg.media.net googleads.g.doubleclick.net
5 www.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com insurance.klpt.org
googleads.g.doubleclick.net
2 qsearch-a.akamaihd.net
2 cs.media.net contextual.media.net
2 cm.g.doubleclick.net 2 redirects
2 warp.media.net insurance.klpt.org
2 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
90 15

This site contains links to these domains. Also see Links.

Domain
wpenjoy.com
Subject Issuer Validity Valid
insurance.klpt.org
R3		 2023-12-19 -
2024-03-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh

This page contains 16 frames:

Primary Page: https://insurance.klpt.org/
Frame ID: 737DEA99DF2393D6386CE5073EAF77B7
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Frame ID: 9A9F6C2A15C5934839ACDEE471E69C87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2940032778997096&output=html&adk=1812271804&adf=3025194257&lmt=1704476377&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Finsurance.klpt.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704476376709&bpp=4&bdt=1074&idt=296&shv=r20240103&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1082202877015&frm=20&pv=2&ga_vid=90240692.1704476377&ga_sid=1704476377&ga_hid=1502511028&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080235%2C44807406&oid=2&pvsid=1515411477380651&tmod=575523608&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=335
Frame ID: D0F08A2DE836C35AD2D9CDF0EDBEAC24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AB16D722603F931698968D9B12C12A63
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2AE3517F172BB0754C0E8992A21F439C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 47A9DE2C7F369FCC96739E548E83411A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CURI7T3U&ydspr=1
Frame ID: 4E3EF9EBE4F2DD72FC6CEFF97021C140
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Frame ID: 1CE355257FB624420CA984D1CD42EFE0
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 695049BE2A5DB8CA6DF1666CF5469267
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DCA93B7ACA6F4DADE5C3F9C22190CB2
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 584C24A7288F576CA7387C5ACE147028
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=*!%7Cu%7C9*An3H&33=-8&3934=oPNmR*~SWr.ZocWZSd.WL)%3D%3D&os=WcbYYc*ncVX7XVc*VfW&!49u=b&DS9T=b&34o=WWYn&CS3F=Bn*X&3s4=VP-LtcEn-&3us4=7n*W7fYnb&SsHF=W*bO*bb&S3=R)&3jlD=~)LwIx(&9s4=VRIWzPtL7&C9s4=EBYYvVE&jCC9S=W&uuu=CHL6jB3Q6BeXMOgw!u.gRo)v.P9HjPuo~~8*d4tZx8Y%3D&lSF=7&QZ=W&d!4=Y&T4CW=VP-W8JzYn&T4Cf=nnc*XW7nV&q4TCT=S4f%3DldQQiCC%3DbisduQeQ%3DWbidQDe9%3DbkWbWni5!Fu9D%3Dbk7*ioZeFO3%3DbkVXiosSeS4%3DWW*iduQeu9Seq%3DVkfVi45Deq%3DbkVYi43f%3DWiS34%3Dl2iuTF%3Db%2CbioeTSl%3DcbWi45DeQ%3DfbioQfueS4%3DfbfYbWbYfWisduQeq%3Dc*bkYciduQeCG3%3DbiduQeufTeq%3DbiSC4%3DTSZsUCeXej5SCiuTC%3Dbkbbb%2CbiQTSC%3Di3o5!%3DYk*YiosSeduQeq%3Dbk7*ioQfueseS4%3DfbfYbWbYfWis9%3DWX~tIT.PQDBRS!KZoXMgf!iUqq%3DbiosSeduQeQ%3Dbiuss9dT%3DV%2CXiFC%3DW7iu3%3DWioQfueseq%3DbkbYiu9SeS4%3DfbfYbWbYWViosSeq%3DcnbkWfiuT4o%3Dbkbbb%2CbiduQeq%3DWknWioQfueduQeq%3DbioQfueduQeos%3DW16W*iduQeCos%3DbiduQeQ%3DWbiSQo%3DYckX*i!3TC%3D7bb7cWiqq%3DWX*ioo%3Dbi3oQfueS4%3DWfniuUo%3DYbkfYiQfueq%3DWbbbiFu9D%3Dbk7*ioQfueduQeG3%3Db1bi9Sse3%3DW%2CW%2Cb%2Cb%2Cb%2Cb%2Cb%2CbiqD%3DWi9Sse4%3DbiuGF%3Db%2CbiuT49%3Dbkbbb%2CbiTn9eq%3DVkbf%2CXWkcXiSs4%3D7n*W7fYnbiS4%3Dbids4%3DnnXVjBjuCb8G1l*QA.iduQeu9SeG3%3Dbi3oQfueq%3DYk*YiqC4%3Dc77XfbcWf77f7c7nVnWWW7bYVbcYWWfWXbW7*f7cY7cWVnVbVfcfX7*nW7cWXYbXX*YnbX77nbcVVWc7nYccXc*n7XYWYWcfV7c7YVVioZd%3DbkVXi4f9eQ%3DWbi3oQf%3DYk*Yin93U%3DXXXkV7idsD%3Dbi5!eDSj%3Dbk*7iuGC%3Dbkbbb%2Cbi4DDeSCu!%3DjTuD5l2i4f9eq%3DWi5!4f9eq%3DbkX7iSS%3Dx)i33%3D-8idsZ%3D6Wi3F%3Dbiu9Seq%3DWb7k7*iduQeSu9Seq%3DVkfViu3o%3DYbkfYiPt%3DnbVniuGZ9%3Dbkbbb%2CbiGqed3%3D6filCS%3DfiGqe33GS%3D6fi3C%3DlFZ%2025uGiqSSemEM%3Dx)%2Cx)iuGZ4%3Dbkbbb%2CbiqTSsSf%3DWX*iq4C%3DWcbYYc*ncciqTSsSW%3DWX*isSLFU%3DbisSsU%3DbiduQeu93eq%3Dbiqs4%3Dbk7*i43%3DViduQeu9Seuo%3DbioQfueq%3Dckffi3q49%3Dbk7WbisC29Fes4%3DWciSFQQFueCT!es4%3DTSZsUCeXej5SCiSd99Q2eCT!es4%3Di4FCF3CF4eCT!es4%3DTSZsUCeXej5SCiosFZTqsQsC2%3DbkVXi95S%3DWiT3eC29F%3DWiT4qQG%3DWVWffcWVbniTD9%3DWi5!qs4%3Dbk7*biqUQu%3DbkbWbiSds4%3Di4C3%3DZFSCe5ui4DDeFu9D%3DUTQSFi4DD%3DjTuD5l2iq493T94%3Dbi4TQ!%3DdlsS5lfciS!DC%3D~5DFetlSduTl3FiS5q9%3Dbk7iOs4%3D)aA69dq6fXYbbnfccVXXcbX*ijCDQ%3DWiT4e95S%3D%7B%22C%22%3AW%2C%229%22%3AY%7Di43dC%3DWbi45!q%3Db6Wisq3%3DWilSH%3DfiC!S%3DWfbO*bb%7CW*bO*bbiqSq%3DbiqS9%3DbiCDO%3DWcV&lCo=b&DDD=dA5SxUtaK1G%3D&sZ=b&sltUu=W&q4ut4=Y*b&qs4=nYXb*Y&D3U=c*7Xf&24S9u=W&qTF=gOFxxOY%2FOOigOFxxOYTOOiYFF&GTC9uF=W&3T45DTsl=CHL6jB3Q6B6~8jxYf6ddUA9NFd7vHUIuHZdYSJ(z!)Jz.9K6evrNl)%3D%3D&29Q9=W&sSs4=7&T4o=tlSs4Fu%20Pj5s3FS&SSD3ueoFu=7&9!s4=9bW*YVVXcWVWCfbfYbWb7WcnX&SSQ4=%7B%22SSs9%22%3A%22f*bb%3AbVbn%3AbTVV%3Abbbb%3Abbbb%3Abbbb%3Abbbb%3Abbbb%22%2C%22SS33%22%3A%22-8%22%2C%22SSS3%22%3A%22x(%22%2C%22SS3C2%22%3A%22lFZ%2025uG%22%7D&jCDQSu3=W&sflct=6055235&ure=1
Frame ID: F0887ED43BDCFD86EB0EBF909A56C86A
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 28527605DD86A9771210D17FCF6A4690
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2700&&kkdd=*!%7C!%7C9*huAWn3H&aP=b-NKK-4y-OI-TbLT-4K&7iQo=N&*MQj=N&Fia=bbKy&2MF8=Yy4L&FPi=OndT1wbGe&FQFi=Ay8Lzu_g!b0~dh7gcJiAPm%3D%3D&FoPi=TbIOKON-b&MP!8=b4Ng4NN&FF=dl&MF=GD&FA~*=M**B*P7oj2P(~B28M2&QPi=OGkwK_IOV&2QPi=0b0T0qk&A22QM=b&ooo=2!1CAYFvCYBLRgtp7oHtGaDqHnQ!AnoaWWl4Zi9m_lK%3D&~M8=T&vm=b&Z7i=K&ji2b=OndblVrKy&ji2I=yy-4LbTyO&zij2j=MiI%3D~Zvv3PZovBv%3DbN3(78oQ*%3DN6y43i(*Bz%3DN6-43MFi%3D~u3oj8%3DN%2CN3i(*Bv%3DIN3avIoBMi%3DINIKNbNKIb3PZovBz%3D-4N6K-3ZovB25F%3DN3ZovBoIjBz%3DN3M2i%3DjMmPJ2BNBA(M23oj2%3DN6NNN%2CN3PQ%3DbLW9kjHnv*YGM7xmaLRtI73Jzz%3DN3oPPQZj%3DO%2CL3oF%3Db3oQMBMi%3DINIKNbNTN-3ojia%3DN6NNN%2CN3ZovBz%3Db6yb3avIoBZovBz%3DN3M**Bmo%3DyO6LK4y3ZovBv%3DbN3Mva%3D446II37Fj2%3DTNNT-b3zz%3DbL43M**B*Zv%3DN6OK38oQ*%3DN6y43avIoBZovB5F%3DN)N3QMPBF%3Db%2Cb%2CN%2CN%2CN%2CN%2CN%2CN3z*%3Db3QMPBi%3DN3o58%3DN%2CN3jyQBz%3DK64%2CbbL6bO3Mi%3DN3ZPi%3DyyLOAqPu4I-54iiM~a3FavIoBz%3DI64-3z2i%3D-TTLIN-bI-4bb4TK-LLy44IOOI4y4ILyON-4O-bbT-TIyIyNOLN-TNIOLL444yy-I4-IN-4Ty44ObLO-OLIbKLL4444NKLKIKyI44T43ZP*%3DN3o52%3DN6NNN%2CN3(7iIQBz%3DN6LO3MM%3D_D3FF%3Ddl3ZPm%3DCb3F8%3DN3oFa%3DKN6IK3n9%3DyNOy35zBZF%3DCI3~2M%3DI35zBFF5M%3DCI3F2%3D~8m%20u(o53zMMBS0R%3D_D%2C_D3zjMPMI%3DbL43zi2%3Db-NKK-4y--3zjMPMb%3DbL43iF%3DO3avIoBz%3DK6bK3Zv*BQ%3DN6bNby3amB8gF%3DN6OL3aPMBMi%3Dbb43ZovBoQMBz%3DO6IO3iFI%3Db3aBjM~%3D-Nb3vjM2%3D3Fa(7%3DI64-3aPMBZovBz%3DN6T43avIoBPBMi%3DINIKNbNTNy3aPMBZovBv%3DN382%3DbT3avIoBPBz%3DN6NI3aPMBz%3D-IL6Ny3avIoBZovBaP%3Db)Cb43ZovB2aP%3DN3aa%3DN3FavIoBMi%3DbIy3oJa%3DKN6IK3vIoBz%3DbNNN3M**BMi%3DINIKNbNTN-3ojiQ%3DN6NNN%2CN3MPi%3DTbIOKON-b3ZovBoQMB5F%3DN3amZ%3DN6OL3iIQBv%3DbN3FavI%3DI64-3yQFJ%3DLLL6OT3(7B*MA%3DN6yL3i**BM2o7%3DM**B*P7oj2P(~B28M23iIQBz%3DN6LO3oQMBz%3DbbL6bO3ZovBMoQMBz%3DO6IO3o5mQ%3DN6NNN%2CN3o5mi%3DN6NNN%2CN3PM18J%3DN3PMPJ%3DN3ZovBoQFBz%3DN3zPi%3DN6y3ZovBoQMBoa%3DN3FziQ%3DN6yNN3P2uQ8BPi%3Db-3M8vv8oB2j7BPi%3DjMmPJ2BNBA(M23MZQQvuB2j7BPi%3D3i828F28iB2j7BPi%3DjMmPJ2BNBA(M23aP8mjzPvP2u%3DN6OL3Q(M%3Db3jFB2uQ8%3Db3jizv5%3DbObII-bONK3j*Q%3Db3(7zPi%3DN6y4N3zJvo%3DN6NbN3MZPi%3D3i2F%3Dm8M2B(o3i**B8oQ*%3DJjvM83i**%3DM**B*P7oj2P(~B28M23ziQFjQi%3DN3ijv7%3DM**3M7*2%3DW(*8B9~MZoj~F83M(zQ%3DN6N43gPi%3DDXcCQZzCILKNNyI--OLL-NL43A2*v%3Db3jiBQ(M%3D%7B%222%22%3AN%2C%22Q%22%3AK%7D3M**BjQP%3Dab3PzF%3Db3~M!%3DI327M%3DbINg4NN%7Cb4Ng4NN3zMz%3DN3zMQ%3DN32*g%3DbOK&~2a=N&***=Zc(M_J9Xx)5%3D&Pm=N&P~9Jo=b&zio9i=ILK&zPi=yy-LLO&*FJ=-4TLI&uiMQo=b&zj8=tg8__gK%2Fgg3tg8__gKjgg3K88&5j2Qo8=b&5j2zPi=CbNI&uQvQ=b&PMPi=I&MM*FoBa8o=T&Q7Pi=QNb4KOOL-bOb2INIKNbNTb-yL&MMvi=%7B%22MMPQ%22%3A%22I4NN%3ANONy%3ANjOO%3ANNNN%3ANNNN%3ANNNN%3ANNNN%3ANNNN%22%2C%22MMFF%22%3A%22dl%22%2C%22MMMF%22%3A%22_s%22%2C%22MMF2u%22%3A%22~8m%20u(o5%22%7D&Q8oJ=b&A2*vMoF=b&sflct=451046&ure=1
Frame ID: 1021758655F2E40802007A5CA34351BE
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 033292B34707D5F936AC29E065E3D2C2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 28A264ACE2741D39DFAF62047168AC75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

insurance.klpt.org

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

90
Requests

97 %
HTTPS

50 %
IPv6

9
Domains

15
Subdomains

14
IPs

2
Countries

1152 kB
Transfer

3430 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3NDc3OTc4NTY1OTY2MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEN6vIvmRysh25BxO14cDMKE&google_cver=1
Request Chain 68
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3NDc3OTc4NTY1OTY2MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMP5x-Uc8vjqjnFxUH5CNtE&google_cver=1

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
insurance.klpt.org/ 		42 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
8d67e66d5779f51d4e9229544b5bb2c2144a2ea2ac837a73252e6684a50333d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-length
9258
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 17:39:35 GMT
link
<https://insurance.klpt.org/index.php/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
style.min.css
insurance.klpt.org/wp-includes/css/dist/block-library/ 		107 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 08:29:15 GMT
server
LiteSpeed
etag
"1add3-656d8ddb-511168;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13280
expires
Fri, 12 Jan 2024 17:39:35 GMT
blocks.style.build.css
insurance.klpt.org/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 		184 B
269 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.79
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
last-modified
Mon, 04 Dec 2023 10:04:59 GMT
server
LiteSpeed
etag
"b8-656da44b-514013;;;"
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
184
expires
Fri, 12 Jan 2024 17:39:35 GMT
font-awesome.css
insurance.klpt.org/wp-content/themes/blogsite/assets/css/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/assets/css/font-awesome.css?ver=6.4.2
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"8d64-656ee996-515edf;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6797
expires
Fri, 12 Jan 2024 17:39:35 GMT
genericons.css
insurance.klpt.org/wp-content/themes/blogsite/genericons/ 		154 B
218 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/genericons/genericons.css?ver=6.4.2
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"9a-656ee996-515efe;;;"
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
154
expires
Fri, 12 Jan 2024 17:39:35 GMT
style.css
insurance.klpt.org/wp-content/themes/blogsite/ 		70 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/style.css?ver=20230701
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
47aa507aa520ddf600e955596eb5b75a117eba68760dc9b10c5cbdebff98a9f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"11945-656ee996-515f1c;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13037
expires
Fri, 12 Jan 2024 17:39:35 GMT
responsive.css
insurance.klpt.org/wp-content/themes/blogsite/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/responsive.css?ver=20230701
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
d7b66acb0c96567acc8707b2473c308c2cb90430df021e86b9c6161e60e3e752

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"237e-656ee996-515f17;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1524
expires
Fri, 12 Jan 2024 17:39:35 GMT
jquery.min.js
insurance.klpt.org/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 08:29:15 GMT
server
LiteSpeed
etag
"15601-656d8ddb-511384;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
29597
expires
Fri, 12 Jan 2024 17:39:35 GMT
jquery-migrate.min.js
insurance.klpt.org/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 08:29:15 GMT
server
LiteSpeed
etag
"3509-656d8ddb-51137c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4679
expires
Fri, 12 Jan 2024 17:39:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2940032778997096
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dca2c163e36096d243831e6ba424ad842dffecfd0964fc2e7e812763848d515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance.klpt.org/
Origin
https://insurance.klpt.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50948
x-xss-protection
0
server
cafe
etag
7223439182828131985
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 05 Jan 2024 17:39:36 GMT
superfish.js
insurance.klpt.org/wp-content/themes/blogsite/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/assets/js/superfish.js?ver=6.4.2
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"1d7c-656ee996-515ef4;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2227
expires
Fri, 12 Jan 2024 17:39:35 GMT
html5.js
insurance.klpt.org/wp-content/themes/blogsite/assets/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/assets/js/html5.js?ver=6.4.2
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"285a-656ee996-515eee;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2845
expires
Fri, 12 Jan 2024 17:39:35 GMT
jquery.bxslider.js
insurance.klpt.org/wp-content/themes/blogsite/assets/js/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/assets/js/jquery.bxslider.js?ver=6.4.2
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"107e0-656ee996-515ef0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14064
expires
Fri, 12 Jan 2024 17:39:35 GMT
jquery.tabslet.js
insurance.klpt.org/wp-content/themes/blogsite/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/assets/js/jquery.tabslet.js?ver=20230701
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"1701-656ee996-515ef3;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1514
expires
Fri, 12 Jan 2024 17:39:35 GMT
index.js
insurance.klpt.org/wp-content/themes/blogsite/assets/js/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/assets/js/index.js?ver=20230701
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"777c-656ee996-515eef;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6733
expires
Fri, 12 Jan 2024 17:39:35 GMT
jquery.custom.js
insurance.klpt.org/wp-content/themes/blogsite/assets/js/ 		3 KB
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/assets/js/jquery.custom.js?ver=20230701
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
d8e8b70424cd0f3f1f5a9285e3b0d2a0d5546f371544550969facf69b81a0d90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"b53-656ee996-515ef1;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
695
expires
Fri, 12 Jan 2024 17:39:35 GMT
ads.js
insurance.klpt.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		755 B
355 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.79
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
1f7231afd107bd58072c2d4cf76ec9b07bb703a9cc970941010c83886eb7107b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:35 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 10:04:59 GMT
server
LiteSpeed
etag
"2f3-656da44b-513fb6;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
290
expires
Fri, 12 Jan 2024 17:39:35 GMT
fa9f4163-ed31-45cc-97e8-321af7b63766
https://insurance.klpt.org/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://insurance.klpt.org/fa9f4163-ed31-45cc-97e8-321af7b63766
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
genericons.css
insurance.klpt.org/wp-content/themes/blogsite/genericons/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/genericons/genericons/genericons.css
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/wp-content/themes/blogsite/genericons/genericons.css?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/wp-content/themes/blogsite/genericons/genericons.css?ver=6.4.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:36 GMT
content-encoding
br
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"6e6a-656ee996-515f03;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
15970
expires
Fri, 12 Jan 2024 17:39:36 GMT
genericons-regular-webfont.woff
insurance.klpt.org/wp-content/themes/blogsite/genericons/font/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-content/themes/blogsite/genericons/font/genericons-regular-webfont.woff
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/wp-content/themes/blogsite/style.css?ver=20230701
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9

Request headers

Referer
https://insurance.klpt.org/wp-content/themes/blogsite/style.css?ver=20230701
Origin
https://insurance.klpt.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:36 GMT
last-modified
Tue, 05 Dec 2023 09:12:54 GMT
server
LiteSpeed
etag
"4348-656ee996-515efd;;;"
content-type
application/font-woff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
17224
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://insurance.klpt.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ 		401 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2940032778997096
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31ef16319ad5142b715efac4d58de1cbf64ff6a72c1d33852e05f06d1a9776c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139072
x-xss-protection
0
server
cafe
etag
11270514413272551825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 17:39:36 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame 9A9F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2940032778997096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance.klpt.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
76594
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 20:23:03 GMT
etag
9219409622527106327
expires
Thu, 18 Jan 2024 20:23:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wp-emoji-release.min.js
insurance.klpt.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://insurance.klpt.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.76.154.238 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.76.154.238.vultrusercontent.com
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:36 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 08:29:15 GMT
server
LiteSpeed
etag
"4904-656d8ddb-511353;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4611
expires
Fri, 12 Jan 2024 17:39:36 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D0F0 		416 KB
75 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2940032778997096&output=html&adk=1812271804&adf=3025194257&lmt=1704476377&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Finsurance.klpt.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704476376709&bpp=4&bdt=1074&idt=296&shv=r20240103&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1082202877015&frm=20&pv=2&ga_vid=90240692.1704476377&ga_sid=1704476377&ga_hid=1502511028&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31080235%2C44807406&oid=2&pvsid=1515411477380651&tmod=575523608&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=335
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e17b6e3cf6355d5c4664d679ca12033dace3164350533ee01976787c6c023c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance.klpt.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
76052
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 17:39:37 GMT
expires
Fri, 05 Jan 2024 17:39:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c98ab96f70da21edd6030b128ddef4f29c882513c3c535f160a7642539f338d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12288
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/reactive_library_fy2021.js?bust=31080235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2369875e7a78a3457667c33f6cbf4b843f34d53be0e0e416e77a65f54809a54c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56069
x-xss-protection
0
server
cafe
etag
610196328488108919
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 17:39:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 17:39:37 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame AB16 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance.klpt.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
9334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 15:04:03 GMT
etag
9219409622527106327
expires
Fri, 19 Jan 2024 15:04:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame 2AE3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance.klpt.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
9334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 15:04:03 GMT
etag
9219409622527106327
expires
Fri, 19 Jan 2024 15:04:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/ Frame 47A9 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_fy2021.js?bust=31080235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance.klpt.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
9334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 15:04:03 GMT
etag
9219409622527106327
expires
Fri, 19 Jan 2024 15:04:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame AB16 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 17:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 16:46:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 17:39:37 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AB16 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 21:21:49 GMT
x-content-type-options
nosniff
age
245868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 01 Jan 2025 21:21:49 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AB16 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 06:13:40 GMT
x-content-type-options
nosniff
age
213957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Jan 2025 06:13:40 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame AB16 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:49:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
10220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:49:17 GMT
nmedianet.js
contextual.media.net/ Frame 4E3E 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CURI7T3U&ydspr=1
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0bc72368536e40de3b0fc97f2d15239b0b15efdaff74939fa8960dd74bc23236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-mnt-h
21-tp9r
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 05 Jan 2024 17:39:38 GMT
server
Apache
etag
"20fbbac7b8a3193b06153bd303362f60"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
36436
expires
Fri, 05 Jan 2024 17:44:38 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 4E3E 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-90-38.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Fri, 05 Jan 2024 17:39:37 GMT
x-guploader-uploadid
ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Fri, 05 Jan 2024 18:39:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 4E3E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:36:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 4E3E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:36:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4E3E 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 17:39:37 GMT
nmedianet.js
contextual.media.net/ Frame 1CE3 		99 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
626b9292a7c274cb042c68aecb6ba5a686e20b4823914e8e1f89d5dabe73d294
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-mnt-h
21-tp9r
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 05 Jan 2024 17:39:38 GMT
server
Apache
etag
"f4b786d609276f557d5aab41cff5067f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
38137
expires
Fri, 05 Jan 2024 17:44:38 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 1CE3 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-90-38.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Fri, 05 Jan 2024 17:39:37 GMT
x-guploader-uploadid
ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Fri, 05 Jan 2024 18:39:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1CE3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:36:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1CE3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:36:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1CE3 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: insurance.klpt.org
URL: https://insurance.klpt.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 17:39:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6950 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insurance.klpt.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
93236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 15:45:41 GMT
expires
Fri, 03 Jan 2025 15:45:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3DCA 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1cc0e91420a0cc4ee77dd8abc2944a92779d0f7619e35d9e773cdd957771e0b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nRSzCqpxOJL5moPwIwxnkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://insurance.klpt.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nRSzCqpxOJL5moPwIwxnkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 17:39:38 GMT
expires
Fri, 05 Jan 2024 17:39:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6950 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
76795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 20:19:42 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame 584C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 21:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 01 Apr 2024 21:56:15 GMT
43280567f396343d5424196559bfbf8c.js
www.gstatic.com/mysidia/ Frame 584C 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/43280567f396343d5424196559bfbf8c.js?tag=video_mra/web_interstitial_raspberry_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be779b0e322b81f76bc00f275690c7a6b7f3cb407bdf383874080af920808c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 20:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54724
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 01 Apr 2024 20:20:07 GMT
css
fonts.googleapis.com/ Frame 584C 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 17:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 16:42:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 17:39:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 584C 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
10971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:36:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 584C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
10994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:36:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 584C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:36:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 584C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 14:36:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 584C 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 17:39:38 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 584C 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 13:35:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 02 Apr 2024 13:35:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3DCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=1515411477380651&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame F088 		75 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=*!%7Cu%7C9*An3H&33=-8&3934=oPNmR*~SWr.ZocWZSd.WL)%3D%3D&os=WcbYYc*ncVX7XVc*VfW&!49u=b&DS9T=b&34o=WWYn&CS3F=Bn*X&3s4=VP-LtcEn-&3us4=7n*W7fYnb&SsHF=W*bO*bb&S3=R)&3jlD=~)LwIx(&9s4=VRIWzPtL7&C9s4=EBYYvVE&jCC9S=W&uuu=CHL6jB3Q6BeXMOgw!u.gRo)v.P9HjPuo~~8*d4tZx8Y%3D&lSF=7&QZ=W&d!4=Y&T4CW=VP-W8JzYn&T4Cf=nnc*XW7nV&q4TCT=S4f%3DldQQiCC%3DbisduQeQ%3DWbidQDe9%3DbkWbWni5!Fu9D%3Dbk7*ioZeFO3%3DbkVXiosSeS4%3DWW*iduQeu9Seq%3DVkfVi45Deq%3DbkVYi43f%3DWiS34%3Dl2iuTF%3Db%2CbioeTSl%3DcbWi45DeQ%3DfbioQfueS4%3DfbfYbWbYfWisduQeq%3Dc*bkYciduQeCG3%3DbiduQeufTeq%3DbiSC4%3DTSZsUCeXej5SCiuTC%3Dbkbbb%2CbiQTSC%3Di3o5!%3DYk*YiosSeduQeq%3Dbk7*ioQfueseS4%3DfbfYbWbYfWis9%3DWX~tIT.PQDBRS!KZoXMgf!iUqq%3DbiosSeduQeQ%3Dbiuss9dT%3DV%2CXiFC%3DW7iu3%3DWioQfueseq%3DbkbYiu9SeS4%3DfbfYbWbYWViosSeq%3DcnbkWfiuT4o%3Dbkbbb%2CbiduQeq%3DWknWioQfueduQeq%3DbioQfueduQeos%3DW16W*iduQeCos%3DbiduQeQ%3DWbiSQo%3DYckX*i!3TC%3D7bb7cWiqq%3DWX*ioo%3Dbi3oQfueS4%3DWfniuUo%3DYbkfYiQfueq%3DWbbbiFu9D%3Dbk7*ioQfueduQeG3%3Db1bi9Sse3%3DW%2CW%2Cb%2Cb%2Cb%2Cb%2Cb%2CbiqD%3DWi9Sse4%3DbiuGF%3Db%2CbiuT49%3Dbkbbb%2CbiTn9eq%3DVkbf%2CXWkcXiSs4%3D7n*W7fYnbiS4%3Dbids4%3DnnXVjBjuCb8G1l*QA.iduQeu9SeG3%3Dbi3oQfueq%3DYk*YiqC4%3Dc77XfbcWf77f7c7nVnWWW7bYVbcYWWfWXbW7*f7cY7cWVnVbVfcfX7*nW7cWXYbXX*YnbX77nbcVVWc7nYccXc*n7XYWYWcfV7c7YVVioZd%3DbkVXi4f9eQ%3DWbi3oQf%3DYk*Yin93U%3DXXXkV7idsD%3Dbi5!eDSj%3Dbk*7iuGC%3Dbkbbb%2Cbi4DDeSCu!%3DjTuD5l2i4f9eq%3DWi5!4f9eq%3DbkX7iSS%3Dx)i33%3D-8idsZ%3D6Wi3F%3Dbiu9Seq%3DWb7k7*iduQeSu9Seq%3DVkfViu3o%3DYbkfYiPt%3DnbVniuGZ9%3Dbkbbb%2CbiGqed3%3D6filCS%3DfiGqe33GS%3D6fi3C%3DlFZ%2025uGiqSSemEM%3Dx)%2Cx)iuGZ4%3Dbkbbb%2CbiqTSsSf%3DWX*iq4C%3DWcbYYc*ncciqTSsSW%3DWX*isSLFU%3DbisSsU%3DbiduQeu93eq%3Dbiqs4%3Dbk7*i43%3DViduQeu9Seuo%3DbioQfueq%3Dckffi3q49%3Dbk7WbisC29Fes4%3DWciSFQQFueCT!es4%3DTSZsUCeXej5SCiSd99Q2eCT!es4%3Di4FCF3CF4eCT!es4%3DTSZsUCeXej5SCiosFZTqsQsC2%3DbkVXi95S%3DWiT3eC29F%3DWiT4qQG%3DWVWffcWVbniTD9%3DWi5!qs4%3Dbk7*biqUQu%3DbkbWbiSds4%3Di4C3%3DZFSCe5ui4DDeFu9D%3DUTQSFi4DD%3DjTuD5l2iq493T94%3Dbi4TQ!%3DdlsS5lfciS!DC%3D~5DFetlSduTl3FiS5q9%3Dbk7iOs4%3D)aA69dq6fXYbbnfccVXXcbX*ijCDQ%3DWiT4e95S%3D%7B%22C%22%3AW%2C%229%22%3AY%7Di43dC%3DWbi45!q%3Db6Wisq3%3DWilSH%3DfiC!S%3DWfbO*bb%7CW*bO*bbiqSq%3DbiqS9%3DbiCDO%3DWcV&lCo=b&DDD=dA5SxUtaK1G%3D&sZ=b&sltUu=W&q4ut4=Y*b&qs4=nYXb*Y&D3U=c*7Xf&24S9u=W&qTF=gOFxxOY%2FOOigOFxxOYTOOiYFF&GTC9uF=W&3T45DTsl=CHL6jB3Q6B6~8jxYf6ddUA9NFd7vHUIuHZdYSJ(z!)Jz.9K6evrNl)%3D%3D&29Q9=W&sSs4=7&T4o=tlSs4Fu%20Pj5s3FS&SSD3ueoFu=7&9!s4=9bW*YVVXcWVWCfbfYbWb7WcnX&SSQ4=%7B%22SSs9%22%3A%22f*bb%3AbVbn%3AbTVV%3Abbbb%3Abbbb%3Abbbb%3Abbbb%3Abbbb%22%2C%22SS33%22%3A%22-8%22%2C%22SSS3%22%3A%22x(%22%2C%22SS3C2%22%3A%22lFZ%2025uG%22%7D&jCDQSu3=W&sflct=6055235&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CURI7T3U&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f802f7568ab489d68e0b686f9a2efd81983e69e151c72e25d8236681b811a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
30491
content-type
text/html
date
Fri, 05 Jan 2024 17:39:38 GMT
expires
Fri, 05 Jan 2024 17:39:38 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-6jjb
bping.php
lg3.media.net/ Frame 4E3E 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2452&&vgd_cdv=1143&vgd_cage=0&vgd_tsce=L369&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CURI7T3U&crid=536152430&vi=1704476378959876821&ugd=4&lf=6&cc=US&sc=PA&lper=100&wsip=170785157&r=1704476378234&rrr=tzR-hLcl-L_9WxBMgrjBPvAFjCpzhCrvHHS6udIwNS4%3D&requrl=https%3A%2F%2Finsurance.klpt.org%2F&vgde_bdata=QOfvzxjj~77v9~8xLjMjvu9~xjYMEv9.u9uA~myJLEYv9.XF~eBMJ-Nv9.Wi~e8QMQOvuuF~xLjMLEQMGvW.fW~OmYMGv9.WH~ONfvu~QNOvz5~L1Jv9%2C9~eM1Qzvh9u~OmYMjvf9~ejfLMQOvf9fH9u9Hfu~8xLjMGvhF9.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MiMwmQ7~L17v9.999%2C9~j1Q7v~NemyvH.FH~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9Hfu~8EvuiqVa1d%3DjYT0Qy%20BeipRfy~kGGv9~e8QMxLjMjv9~L88Ex1vW%2Ci~J7vuX~LNvu~ejfLM8MGv9.9H~LEQMQOvf9fH9u9HuW~e8QMGvhA9.uf~L1Oev9.999%2C9~xLjMGvu.Au~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevHh.iF~yN17vX99Xhu~GGvuiF~eev9~NejfLMQOvufA~LkevH9.fH~jfLMGvu999~JLEYv9.XF~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvW.9f%2Ciu.hi~Q8OvXAFuXfHA9~QOv9~x8OvAAiWwTwL79bU4zFjtd~xLjMLEQMUNv9~NejfLMGvH.FH~G7OvhXXif9hufXXfXhXAWAuuuX9HW9hHuufui9uXFfXhHXhuWAW9WfhfiXFAuXhuiH9iiFHA9iXXA9hWWuhXAHhhihFAXiHuHuhfWXhXHWW~eBxv9.Wi~OfEMjvu9~NejfvH.FH~AENkviii.WX~x8Yv9~myMYQwv9.FX~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iX~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvu9X.XF~xLjMQLEQMGvW.fW~LNevH9.fH~%3DVvA9WA~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~N7vzJBn5mLU~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~GO7vuh9HHhFAhh~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.XF~ONvW~xLjMLEQMLev9~ejfLMGvh.ff~NGOEv9.Xu9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MiMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MiMwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.XF9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzfh~QyY7vqmYJMVzQxL1zNJ~QmGEv9.X~-8OvKrtoExGofiH99AfhhWiih9iF~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vu9~OmyGv9ou~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vuhW&ssld=%7B%22QQ8E%22%3A%22fF99%3A9W9A%3A91WW%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22zJBn5mLU%22%7D&vgd_bid=349064&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=701&vgd_rakh=1704476378186954817&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_pgid=p01648897181t202401051739&vgd_pgids=1&vgd_uspa=0&hvsid=00001704476378231034604565962316&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.240.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-240-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 05 Jan 2024 17:39:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 05 Jan 2024 17:39:38 GMT
checksync.php
contextual.media.net/ Frame 2852 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
221adf03a69aba45c3a275a4f03ffdb4caa1da06ac2dbc770221e1ff5f2eb988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
9650
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 17:39:38 GMT
expires
Sun, 07 Jan 2024 17:39:38 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 4E3E 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6286&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CU1SGZ43&reqid=ce2_aMNqhAcK6yhhyjDRmw&vid=ce2_aMNqhAcK6yhhyjDRmw&dn=insurance.klpt.org&rawDn=insurance.klpt.org&requrl_dn=insurance.klpt.org&pid=8PR113JGC&ugd=4&fleet=ebda&requrl=https%3A%2F%2Finsurance.klpt.org&cliIPV6=2600%3A0803%3A0a88%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NY&ct=new+york&zip=10004&pubid=pub-ADX-118903234488&tgtval=pub-ADX-118903234488&csip=rtb-ebda-59988cc7cb-h275b.OR&dtc=west_or&zone=b&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=701&sckfl=0&sckfl2=0&smbrid=adx-1&cxtSgmt=Home_Insurance&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm4XLCW34UBTJ7kYnL_eE5aY1EfSMQ5eo8sxrcFqRGKpkkGf2AOZfWm02ZhmyC9ooUg6&pexid=ADX-pub-2940032778997096&geoll=false&is_ortb=false&commit_id=b5e4e074&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-01-05+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=137&req_tid_present=false&pvid=460&prvAccId=536152430&prvApiId=8CURI7T3U&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=337691538&prspt=headerBid&prvReqId=8044297406070_23326522_3376915384601&size=160x600&chnl=HARMONY&bdp=0.560&bid_uuid=49c9a2b516ec512d89dfbc7d3763a879&cbdp=0.51&og_cbdp=0.560&ogbdp=0.56&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.insiderchoices.net&dfpBd=0.51&dsrc=-2&dp=0&dbf=1&epc=536152430&s=1&snm=SUCCESS&pcrid=8CURI7T3U-536152430-1-16&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=89&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1704476377390&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.56&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700090000747800160060010000300&strg=HARMONY&stagid=aswift_9_host&pgcatiab=IAB13-6&pgcatiab2=400&pgcatsprig=467&vls=0&scrid=1700090000747800160060010000300&mang=1&pvdTmax=178&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CURI7T3U&mx_SPRIG=1&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CU1SGZ43&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=1&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=2&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=b29c8b4d64&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23prll_req%3Afalse%23%23RealTimeValidBid%3A1hr%23%23bsNed%3AnoAdd%23%23BF_store%3AREDIS%23%23NedCkflWithData%3ADEFAULT%23%23launchexp%3Atoken2%23%23Mcid%3ADEFAULT%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&mx_isNed=1&is_video_cmp=false&acid=3fb7d0128c15c69e6d206c75f1f9f173&rtime=21.0&wsip=mowx-566d4c44f6-ngrlw&ltime=56.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=1812271803&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=3fb7d0128c15c69e6d206c75f1f9f173_1&policy_enf=2&pub_blk_enf=1&req_size=120x600%7C160x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=aswift_9_host&feedback_id=ce2_aMNqhAcK6yhhyjDRmw_1&supplyTagId=1812271803&mnrfc=-1&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=60753%23%23100166%23%2360537%23%23100273%23%2360780&debug_ts=2024-01-05+17%3A39%3A37&__expireat=1704476977644&mview=1&sc_pvid=294&sc_dp=0&sc_bdp=0.500&sc_cbdp=0.500&sc_ogbdp=0.5&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.560&lo_cbdp=0.51&actltime=56&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D10~ulm_p%3D0.1013~ogerpm%3D0.56~vw_exc%3D0.89~vis_sd%3D116~url_rps_b%3D8.28~dom_b%3D0.84~dc2%3D1~scd%3Dny~rae%3D0%2C0~v_asn%3D701~dom_l%3D20~vl2r_sd%3D2024010421~iurl_b%3D760.47~url_tkc%3D0~url_r2a_b%3D0~std%3Daswift_9_host~rat%3D0.000%2C0~last%3D~cvog%3D4.64~vis_url_b%3D0.56~vl2r_i_sd%3D2024010421~ip%3D19HIOajClmLPsgqwv9WB2g~fbb%3D0~vis_url_l%3D0~riipua%3D8%2C9~et%3D15~rc%3D1~vl2r_i_b%3D0.04~rps_sd%3D2024010418~vis_b%3D730.12~radv%3D0.000%2C0~url_b%3D1.31~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~slv%3D47.96~gcat%3D500571~bb%3D196~vv%3D0~cvl2r_sd%3D123~rfv%3D40.24~l2r_b%3D1000~erpm%3D0.56~vl2r_url_kc%3D0E0~psi_c%3D1%2C1%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D0~rke%3D0%2C0~radp%3D0.000%2C0~a3p_b%3D8.02%2C91.79~sid%3D536152430~sd%3D0~uid%3D3398hLhrt0SkEn6lXj~url_rps_kc%3D0~cvl2r_b%3D4.64~btd%3D7559207125525753831115048074112190156257457183808272956315719409964309553078817534779763594141728575488~vwu%3D0.89~d2p_l%3D10~cvl2%3D4.64~3pcf%3D999.85~uim%3D0~og_msh%3D0.65~rkt%3D0.000%2C0~dmm_strg%3Dharmony~d2p_b%3D1~ogd2p_b%3D0.95~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D105.56~url_srps_b%3D8.28~rcv%3D40.24~CI%3D3083~rkwp%3D0.000%2C0~kb_uc%3D-2~nts%3D2~kb_ccks%3D-2~ct%3Dnew%20york~bss_KTW%3DNA%2CNA~rkwd%3D0.000%2C0~basis2%3D196~bdt%3D1704476377~basis1%3D196~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.56~dc%3D8~url_rps_rv%3D0~vl2r_b%3D7.22~cbdp%3D0.510%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_9_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_9_host%7Eviewability%3D0.89%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1812271803%7Eamp%3D1%7Eogbid%3D0.560%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Dwest_or%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison27%7Esgmt%3DHome_Insurance%7Esobp%3D0.5%7Exid%3DADX-pub-2940032778997096%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A1%2C%22p%22%3A4%7D%7Edcut%3D10%7Edogb%3D0-1~ibc%3D1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D178&utime=856&sf=0&cpr=0.776658365029177
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-90-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 05 Jan 2024 17:39:38 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 1021 		79 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2700&&kkdd=*!%7C!%7C9*huAWn3H&aP=b-NKK-4y-OI-TbLT-4K&7iQo=N&*MQj=N&Fia=bbKy&2MF8=Yy4L&FPi=OndT1wbGe&FQFi=Ay8Lzu_g!b0~dh7gcJiAPm%3D%3D&FoPi=TbIOKON-b&MP!8=b4Ng4NN&FF=dl&MF=GD&FA~*=M**B*P7oj2P(~B28M2&QPi=OGkwK_IOV&2QPi=0b0T0qk&A22QM=b&ooo=2!1CAYFvCYBLRgtp7oHtGaDqHnQ!AnoaWWl4Zi9m_lK%3D&~M8=T&vm=b&Z7i=K&ji2b=OndblVrKy&ji2I=yy-4LbTyO&zij2j=MiI%3D~Zvv3PZovBv%3DbN3(78oQ*%3DN6y43i(*Bz%3DN6-43MFi%3D~u3oj8%3DN%2CN3i(*Bv%3DIN3avIoBMi%3DINIKNbNKIb3PZovBz%3D-4N6K-3ZovB25F%3DN3ZovBoIjBz%3DN3M2i%3DjMmPJ2BNBA(M23oj2%3DN6NNN%2CN3PQ%3DbLW9kjHnv*YGM7xmaLRtI73Jzz%3DN3oPPQZj%3DO%2CL3oF%3Db3oQMBMi%3DINIKNbNTN-3ojia%3DN6NNN%2CN3ZovBz%3Db6yb3avIoBZovBz%3DN3M**Bmo%3DyO6LK4y3ZovBv%3DbN3Mva%3D446II37Fj2%3DTNNT-b3zz%3DbL43M**B*Zv%3DN6OK38oQ*%3DN6y43avIoBZovB5F%3DN)N3QMPBF%3Db%2Cb%2CN%2CN%2CN%2CN%2CN%2CN3z*%3Db3QMPBi%3DN3o58%3DN%2CN3jyQBz%3DK64%2CbbL6bO3Mi%3DN3ZPi%3DyyLOAqPu4I-54iiM~a3FavIoBz%3DI64-3z2i%3D-TTLIN-bI-4bb4TK-LLy44IOOI4y4ILyON-4O-bbT-TIyIyNOLN-TNIOLL444yy-I4-IN-4Ty44ObLO-OLIbKLL4444NKLKIKyI44T43ZP*%3DN3o52%3DN6NNN%2CN3(7iIQBz%3DN6LO3MM%3D_D3FF%3Ddl3ZPm%3DCb3F8%3DN3oFa%3DKN6IK3n9%3DyNOy35zBZF%3DCI3~2M%3DI35zBFF5M%3DCI3F2%3D~8m%20u(o53zMMBS0R%3D_D%2C_D3zjMPMI%3DbL43zi2%3Db-NKK-4y--3zjMPMb%3DbL43iF%3DO3avIoBz%3DK6bK3Zv*BQ%3DN6bNby3amB8gF%3DN6OL3aPMBMi%3Dbb43ZovBoQMBz%3DO6IO3iFI%3Db3aBjM~%3D-Nb3vjM2%3D3Fa(7%3DI64-3aPMBZovBz%3DN6T43avIoBPBMi%3DINIKNbNTNy3aPMBZovBv%3DN382%3DbT3avIoBPBz%3DN6NI3aPMBz%3D-IL6Ny3avIoBZovBaP%3Db)Cb43ZovB2aP%3DN3aa%3DN3FavIoBMi%3DbIy3oJa%3DKN6IK3vIoBz%3DbNNN3M**BMi%3DINIKNbNTN-3ojiQ%3DN6NNN%2CN3MPi%3DTbIOKON-b3ZovBoQMB5F%3DN3amZ%3DN6OL3iIQBv%3DbN3FavI%3DI64-3yQFJ%3DLLL6OT3(7B*MA%3DN6yL3i**BM2o7%3DM**B*P7oj2P(~B28M23iIQBz%3DN6LO3oQMBz%3DbbL6bO3ZovBMoQMBz%3DO6IO3o5mQ%3DN6NNN%2CN3o5mi%3DN6NNN%2CN3PM18J%3DN3PMPJ%3DN3ZovBoQFBz%3DN3zPi%3DN6y3ZovBoQMBoa%3DN3FziQ%3DN6yNN3P2uQ8BPi%3Db-3M8vv8oB2j7BPi%3DjMmPJ2BNBA(M23MZQQvuB2j7BPi%3D3i828F28iB2j7BPi%3DjMmPJ2BNBA(M23aP8mjzPvP2u%3DN6OL3Q(M%3Db3jFB2uQ8%3Db3jizv5%3DbObII-bONK3j*Q%3Db3(7zPi%3DN6y4N3zJvo%3DN6NbN3MZPi%3D3i2F%3Dm8M2B(o3i**B8oQ*%3DJjvM83i**%3DM**B*P7oj2P(~B28M23ziQFjQi%3DN3ijv7%3DM**3M7*2%3DW(*8B9~MZoj~F83M(zQ%3DN6N43gPi%3DDXcCQZzCILKNNyI--OLL-NL43A2*v%3Db3jiBQ(M%3D%7B%222%22%3AN%2C%22Q%22%3AK%7D3M**BjQP%3Dab3PzF%3Db3~M!%3DI327M%3DbINg4NN%7Cb4Ng4NN3zMz%3DN3zMQ%3DN32*g%3DbOK&~2a=N&***=Zc(M_J9Xx)5%3D&Pm=N&P~9Jo=b&zio9i=ILK&zPi=yy-LLO&*FJ=-4TLI&uiMQo=b&zj8=tg8__gK%2Fgg3tg8__gKjgg3K88&5j2Qo8=b&5j2zPi=CbNI&uQvQ=b&PMPi=I&MM*FoBa8o=T&Q7Pi=QNb4KOOL-bOb2INIKNbNTb-yL&MMvi=%7B%22MMPQ%22%3A%22I4NN%3ANONy%3ANjOO%3ANNNN%3ANNNN%3ANNNN%3ANNNN%3ANNNN%22%2C%22MMFF%22%3A%22dl%22%2C%22MMMF%22%3A%22_s%22%2C%22MMF2u%22%3A%22~8m%20u(o5%22%7D&Q8oJ=b&A2*vMoF=b&sflct=451046&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db2e23ae7605eb424febdcf6162d44863af06c17416f1fa998f2a56aff300770
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
30628
content-type
text/html
date
Fri, 05 Jan 2024 17:39:38 GMT
expires
Fri, 05 Jan 2024 17:39:38 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-cgmb
bping.php
lg3.media.net/ Frame 1CE3 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2549&&vgd_cdv=1143&vgd_cage=0&vgd_tsce=L369&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=512848071&vi=1704476378275195764&ugd=4&lf=6&cc=US&sc=PA&lper=100&wsip=170785157&r=1704476378318&rrr=tzR-hLcl-L_9WxBMgrjBPvAFjCpzhCrvHHS6udIwNS4%3D&requrl=https%3A%2F%2Finsurance.klpt.org%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.AF~OmYMGv9.hF~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9Hfu~8xLjMGvhF9.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7M9MwmQ7~L17v9.999%2C9~8EvuiqVa1d%3DjYT0Qy%20BeipRfy~kGGv9~L88Ex1vW%2Ci~LNvu~LEQMQOvf9fH9u9X9h~L1Oev9.999%2C9~xLjMGvu.Au~ejfLMxLjMGv9~QYYMBLvAW.iHFA~xLjMjvu9~QjevFF.ff~yN17vX99Xhu~GGvuiF~QYYMYxjv9.WH~JLEYv9.AF~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvH.F%2Cuui.uW~QOv9~x8OvAAiWws85FfhUFOOQze~NejfLMGvf.Fh~G7OvhXXif9hufhFuuFXHhiiAFFfWWfFAFfiAW9hFWhuuXhXfAfA9Wi9hX9fWiiFFFAAhfFhf9hFXAFFWuiWhWifuHiiFFFF9HiHfHAfFFXF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LNevH9.fH~%3DVvA9WA~UGMxNvof~z7Qvf~UGMNNUQvof~N7vzJBn5mLU~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HHhFAhh~G1Q8QuvuiF~ONvW~ejfLMGvH.uH~xjYMEv9.u9uA~eBMJ-Nv9.Wi~e8QMQOvuuF~xLjMLEQMGvW.fW~ONfvu~eM1Qzvh9u~j1Q7v~Nemyvf.Fh~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9X9A~e8QMxLjMjv9~J7vuX~ejfLM8MGv9.9f~e8QMGvhfi.9A~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvufA~LkevH9.fH~jfLMGvu999~QYYMQOvf9fH9u9X9h~L1OEv9.999%2C9~Q8OvXufWHW9hu~xLjMLEQMUNv9~eBxv9.Wi~OfEMjvu9~Nejfvf.Fh~AENkviii.WX~myMYQwv9.Ai~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~LEQMGvuui.uW~xLjMQLEQMGvW.fW~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.A~xLjMLEQMLev9~NGOEv9.A99~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.AF9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vqmYJMVzQxL1zNJ~QmGEv9.9F~-8OvKrtoExGofiH99AfhhWiih9iF~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~QYYM1E8veu~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vuWH&ssld=%7B%22QQ8E%22%3A%22fF99%3A9W9A%3A91WW%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22zJBn5mLU%22%7D&vgd_bid=337998&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=701&vgd_rakh=1704476378101085517&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_pgid=p01648897181t202401051739&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&hvsid=00001704476378313034604565964552&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.240.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-240-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 05 Jan 2024 17:39:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 05 Jan 2024 17:39:38 GMT
checksync.php
contextual.media.net/ Frame 0332 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
221adf03a69aba45c3a275a4f03ffdb4caa1da06ac2dbc770221e1ff5f2eb988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
9650
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 17:39:38 GMT
expires
Sun, 07 Jan 2024 17:39:38 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 1CE3 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6405&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CU1SGZ43&reqid=Jzr4LrXTAQhd5NQLKabfhA&vid=Jzr4LrXTAQhd5NQLKabfhA&dn=insurance.klpt.org&rawDn=insurance.klpt.org&requrl_dn=insurance.klpt.org&pid=8PR113JGC&ugd=4&fleet=ebda&requrl=https%3A%2F%2Finsurance.klpt.org&cliIPV6=2600%3A0803%3A0a88%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NY&ct=new+york&zip=10004&pubid=pub-ADX-118903234488&tgtval=pub-ADX-118903234488&csip=rtb-ebda-59988cc7cb-w257m.OR&dtc=west_or&zone=b&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=701&sckfl=0&sckfl2=0&smbrid=adx-1&cxtSgmt=Home_Insurance&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm6KPcp8ULlEHHvaWYccvRQeU5T8madz_gHQO9_hMTjpfwvGuBvIOiSS_6plcDpM60Tn&pexid=ADX-pub-2940032778997096&geoll=false&is_ortb=false&commit_id=b5e4e074&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-01-05+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=114&req_tid_present=false&pvid=294&prvAccId=512848071&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=337691538&prspt=headerBid&prvReqId=5285577814603_514043356_3376915382941&size=160x600&chnl=smm_migration_test&bdp=0.360&bid_uuid=b531584bd39ad12544c6268aefeda47b&cbdp=0.3&og_cbdp=0.360&ogbdp=0.36&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.3&dsrc=-2&dp=0&dbf=1&epc=512848071&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-512848071-1-0&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=89&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1704476377373&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.36&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080800127000160060000025600&strg=smm_migration_test&stagid=aswift_0_host&pgcatiab=IAB13-6&pgcatiab2=400&pgcatsprig=467&vls=0&scrid=1700080800127000160060000025600&mang=1&pvdTmax=184&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU5RJ1PV&mx_SPRIG=1&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CU1SGZ43&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=1&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=2&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=NtDT08VU7jiq&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=b29c8b4d64&mx_exp_tokens%3C%3E=NedCkfl%3Aall_blk%23%23IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23launchexp%3Atoken1%23%23NedCkflWithData%3Aall_blk%23%23BF_store%3AREDIS%23%23Mcid%3Atoken_2%23%23RealTimeValidBid%3A15m%23%23BssTgtMig%3Abkt%23%23bsNed%3AvalidBid%23%23prll_req%3Atrue&mx_isNed=1&is_video_cmp=false&acid=030d995dfd0a4edc93cb14a58d8958e0&rtime=22.0&wsip=mowx-566d4c44f6-lscj6&ltime=41.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=1812271804&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=030d995dfd0a4edc93cb14a58d8958e0_1&policy_enf=2&pub_blk_enf=1&req_size=120x600%7C160x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=aswift_0_host&feedback_id=Jzr4LrXTAQhd5NQLKabfhA_1&supplyTagId=1812271804&mnrfc=-1&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=60753%23%23100166%23%2360537%23%23100273%23%2360780&debug_ts=2024-01-05+17%3A39%3A37&__expireat=1704476977625&mview=1&sc_pvid=460&sc_dp=0&sc_bdp=0.060&sc_cbdp=0.060&sc_ogbdp=0.06&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&lo_pvid=%5B294%5D&lo_dp=0&lo_bdp=0.360&lo_cbdp=0.3&actltime=41&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.36~dom_b%3D0.76~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2024010421~iurl_b%3D760.47~url_tkc%3D0~url_r2a_b%3D0~std%3Daswift_0_host~rat%3D0.000%2C0~ip%3D19HIOajClmLPsgqwv9WB2g~fbb%3D0~riipua%3D8%2C9~rc%3D1~rps_sd%3D2024010507~radv%3D0.000%2C0~url_b%3D1.31~vl2r_url_b%3D0~smm_wr%3D38.9463~url_l%3D10~slv%3D66.22~gcat%3D500571~bb%3D196~smm_mul%3D0.84~erpm%3D0.36~vl2r_url_kc%3D0E0~psi_c%3D1%2C1%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D0~rke%3D0%2C0~a3p_b%3D4.6%2C119.18~sd%3D0~uid%3D3398hFiy627k6ddsnv~cvl2r_b%3D2.67~btd%3D7559207127611654799366288263629380768711575232308907502899666337267207653668198789214996666049424326656~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rcv%3D40.24~CI%3D3083~kb_uc%3D-2~nts%3D2~kb_ccks%3D-2~ct%3Dnew%20york~bss_KTW%3DNA%2CNA~basis2%3D196~bdt%3D1704476377~basis1%3D196~dc%3D8~vl2r_b%3D4.14~ulm_p%3D0.1013~vw_exc%3D0.89~vis_sd%3D116~url_rps_b%3D8.28~dc2%3D1~v_asn%3D701~last%3D~cvog%3D2.67~vis_url_b%3D0.56~vl2r_i_sd%3D2024010503~vis_url_l%3D0~et%3D15~vl2r_i_b%3D0.02~vis_b%3D729.03~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D123~rfv%3D40.24~l2r_b%3D1000~smm_sd%3D2024010507~radp%3D0.000%2C0~sid%3D512848071~url_rps_kc%3D0~vwu%3D0.89~d2p_l%3D10~cvl2%3D2.67~3pcf%3D999.85~og_msh%3D0.39~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.98~rps_b%3D119.18~url_srps_b%3D8.28~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.3~url_rps_rv%3D0~cbdp%3D0.300%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_0_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_0_host%7Eviewability%3D0.89%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1812271804%7Eamp%3D1%7Eogbid%3D0.360%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Dwest_or%7Edmm_erpm%3Dfalse%7Edmm%3Dsmm_migration_test%7Ebdpcapd%3D0%7Edalg%3Dsmm%7Esgmt%3DHome_Insurance%7Esobp%3D0.06%7Exid%3DADX-pub-2940032778997096%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A0%2C%22p%22%3A4%7D%7Esmm_api%3Dv1~ibc%3D1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D184&utime=960&sf=0&cpr=0.07744197054216428
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-90-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 05 Jan 2024 17:39:38 GMT
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 28A2 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 08:05:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
207264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 08:05:14 GMT
generate_204
tpc.googlesyndication.com/ Frame 6950 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dtsXYA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame 2852
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3NDc3OTc4NTY1OTY2MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEN6vIvmRysh25BxO14cDMKE&google_cver=1
57 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEN6vIvmRysh25BxO14cDMKE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.52.160.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 17:39:38 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Fri, 05 Jan 2024 17:39:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEN6vIvmRysh25BxO14cDMKE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 0332
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3NDc3OTc4NTY1OTY2MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMP5x-Uc8vjqjnFxUH5CNtE&google_cver=1
57 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMP5x-Uc8vjqjnFxUH5CNtE&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU1SGZ43&prvid=462%2C99%2C77%2C20000%2C313%2C229%2C319%2C294%2C460&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.52.160.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 17:39:38 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Fri, 05 Jan 2024 17:39:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMP5x-Uc8vjqjnFxUH5CNtE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bql.php
lg3.media.net/ Frame 1021 		15 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6832&&vgd_canary=0&vgd_l2type=scs_newfl&fp=NY5plQUbepCNKd_Jb2VeYPbK02ioPQ_TrX9deelecPeQ3YPKlE6UBGw6cic6ZSz78WSGCGV4BEmA9QY1LwE7jqQvOi3G1QgUS0Qg4CPWiyI749Cyf4fAketCm65DQDopxFFqD-_M0pordV0z6p9dPg%3D%3D&cme=SvRUeXBvSU0E7SIHKwkvzvkKd3AFUQMNUu0tyhZ2kJ4yYUUAyG_AJY953sUy9GPln0q5Xo__Z4lSs9WvMADYi_y2JfdkSJCnMgXDPbhwiljd3DoXgGotGdziL-yKZHuTldHo2d1AXySv7OEJ83A-K1DkBcE0ztKfjZn6jY4aPxhLtldmBdfwDesPq6GFtEvTPD-9tPyXe6KYDZBwFTznwVQEHm_CF0JLHnZnzNWSSyMUXS8pKb6IEg%3D%3D%7C%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD5AAH7yxQ8toscQwLB9H8PQvIlPcpkKa6BZv_c6fk0QNA%3D%3D%7Cb8KlCmE6kTENKxSBIehsQLbXBNKeHPZV%7CUrq5LXjBN9_lNYlsJzE0gDewH0gdDyAPN6UFj5av6u-S9f3eHZscrD0rP3Rqac5WIhlEPviNPgQXBquav1zhi1YWHw4KL_rEFtKUK_4wnB3yzsDYMs6CwLTP89lgwHiglMFGQFQ_tjJzbBPu4g6GHiVwWrChj7kCUcbYg5UfrOUtXg_PSaEgNcoIQIcUu806xor-80p9BiCFj_181_xdcp8POxq9-YYOnxkGY4A7d7DTe1eMg6tlg9b9NLg9JHphWB1PaIjmu67F0DFaI7TW8ta5v_dlR7OJanI3NMUk9TAs3jMnsgDGdQ%3D%3D%7Cu8A6SM53vAeV5r4ww6ldE8TMDOtCsF6e%7Cqk5jDP-Bqht8AUEIoCxyGGxeRRMQBwSB%7C&subBdr=196&bdrid=294&ksu=355&fdkt=267&vgde_kbbh=ffoyxQJuO&kwd[]=10+Best+Auto+Insurance+Companies&kwt[]=267&kbc[]=57678&kwp[]=1&kid[]=329984690&kbc2[]=3%3D0.58%7C4%3D4.00%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.4017%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cps%3D0.720%7C1%3D2.38%7C2%3D4.32&ktd[]=36029071913779456&kwd[]=Cheap+Car+Insurance+in+2023&kwt[]=267&kbc[]=57678&kwp[]=2&kid[]=350578617&kbc2[]=3%3D0.00%7C4%3D3.13%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.2927%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cps%3D0.720%7C1%3D1.71%7C2%3D8.15&ktd[]=40532671541149952&kwd[]=7%25+Interest+Bank+Savings+Account&kwt[]=391&kbc[]=1262905965&kwp[]=3&kid[]=351038714&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D010420%7C13%3D0.3001%7C14%3D010510%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.523%7C1%3D2.56%7C2%3D9.16&ktd[]=4503874522251520&kwd[]=Car+Insurance+Cost&kwt[]=267&kbc[]=57678&kwp[]=4&kid[]=5078478&kbc2[]=3%3D1.06%7C4%3D3.96%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.2642%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cps%3D0.720%7C1%3D1.90%7C2%3D11.22&ktd[]=18014673421074688&kwd[]=Best+Car+Insurance+Companies+of+2023&kwt[]=267&kbc[]=57678&kwp[]=5&kid[]=330153150&kbc2[]=3%3D0.12%7C4%3D2.85%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.2484%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cps%3D0.720%7C1%3D1.32%7C2%3D8.72&ktd[]=36029071913779456&kwd[]=Highest-Rated+Furnace+Brands&kwt[]=267&kbc[]=57678&kwp[]=6&kid[]=351009215&kbc2[]=3%3D0.40%7C4%3D2.65%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0010%7C8%3D010420%7C13%3D0.2148%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cps%3D0.720%7C1%3D0.44%7C2%3D2.18&ktd[]=18014673404297472&kwd[]=Top+Home+Insurance+for+Seniors+in+2023&kwt[]=267&kbc[]=57678&kwp[]=7&kid[]=354627936&kbc2[]=3%3D0.38%7C4%3D3.85%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0010%7C8%3D010420%7C13%3D0.2125%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cps%3D0.720%7C1%3D0.88%7C2%3D4.43&ktd[]=36029621669593344&kwd[]=Upcoming+Stock-Split+Stocks+to+Buy&kwt[]=391&kbc[]=1262905965&kwp[]=8&kid[]=350867687&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.2374%7C14%3D010510%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.523%7C1%3D2.29%7C2%3D7.66&ktd[]=4503874522251520&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774659&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22zJBn5mLU%22%2C%22QQ8E%22%3A%22fF99%3A9W9A%3A91WW%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CU5RJ1PV&vi=1704476378275195764&vsid=3474779785659661&tdAdd[]=asnum%3D701&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=1000&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L369-S369&vgd_l3_sc=PA&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=43000c82a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1704476378313&upk=1704476378.7930&hvsid=00001704476378313034604565964552&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&vgd_l1rakh=1704476378101085517&vgd_ecrid=1700080800127000160060000025600&vgd_isiolc=1&kbbq=%26asn%3D701&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3474779785659661&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.AF~OmYMGv9.hF~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9Hfu~8xLjMGvhF9.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7M9MwmQ7~L17v9.999%2C9~8EvuiqVa1d%3DjYT0Qy%20BeipRfy~kGGv9~L88Ex1vW%2Ci~LNvu~LEQMQOvf9fH9u9X9h~L1Oev9.999%2C9~xLjMGvu.Au~ejfLMxLjMGv9~QYYMBLvAW.iHFA~xLjMjvu9~QjevFF.ff~yN17vX99Xhu~GGvuiF~QYYMYxjv9.WH~JLEYv9.AF~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvH.F%2Cuui.uW~QOv9~x8OvAAiWws85FfhUFOOQze~NejfLMGvf.Fh~G7OvhXXif9hufhFuuFXHhiiAFFfWWfFAFfiAW9hFWhuuXhXfAfA9Wi9hX9fWiiFFFAAhfFhf9hFXAFFWuiWhWifuHiiFFFF9HiHfHAfFFXF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LNevH9.fH~%3DVvA9WA~UGMxNvof~z7Qvf~UGMNNUQvof~N7vzJBn5mLU~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HHhFAhh~G1Q8QuvuiF~ONvW~ejfLMGvH.uH~xjYMEv9.u9uA~eBMJ-Nv9.Wi~e8QMQOvuuF~xLjMLEQMGvW.fW~ONfvu~eM1Qzvh9u~j1Q7v~Nemyvf.Fh~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9X9A~e8QMxLjMjv9~J7vuX~ejfLM8MGv9.9f~e8QMGvhfi.9A~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvufA~LkevH9.fH~jfLMGvu999~QYYMQOvf9fH9u9X9h~L1OEv9.999%2C9~Q8OvXufWHW9hu~xLjMLEQMUNv9~eBxv9.Wi~OfEMjvu9~Nejfvf.Fh~AENkviii.WX~myMYQwv9.Ai~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~LEQMGvuui.uW~xLjMQLEQMGvW.fW~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.A~xLjMLEQMLev9~NGOEv9.A99~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.AF9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vqmYJMVzQxL1zNJ~QmGEv9.9F~-8OvKrtoExGofiH99AfhhWiih9iF~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~QYYM1E8veu~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vuWH&vgd_cfud=220914&vgd_scsver=312&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=504&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1143&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=50&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=PA&vgd_l1rhst=contextual.media.net&hvsid=00001704476378313034604565964552&rc=0&rand=1704476378589&acid=030d995dfd0a4edc93cb14a58d8958e0&matm=1704476378589&vgd_ltimesrc=1&vgd_ltime=755&vgd_rtime=743&vgd_etm=16&vgd_l1hcsd=Otp9r%7C8731&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&vgd_l1ch=1&vgd_lhl=5885&vgd_pgid=p01648897181t202401051739&vgd_csip=rtb-ebda-59988cc7cb-w257m.OR&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2700&&kkdd=*!%7C!%7C9*huAWn3H&aP=b-NKK-4y-OI-TbLT-4K&7iQo=N&*MQj=N&Fia=bbKy&2MF8=Yy4L&FPi=OndT1wbGe&FQFi=Ay8Lzu_g!b0~dh7gcJiAPm%3D%3D&FoPi=TbIOKON-b&MP!8=b4Ng4NN&FF=dl&MF=GD&FA~*=M**B*P7oj2P(~B28M2&QPi=OGkwK_IOV&2QPi=0b0T0qk&A22QM=b&ooo=2!1CAYFvCYBLRgtp7oHtGaDqHnQ!AnoaWWl4Zi9m_lK%3D&~M8=T&vm=b&Z7i=K&ji2b=OndblVrKy&ji2I=yy-4LbTyO&zij2j=MiI%3D~Zvv3PZovBv%3DbN3(78oQ*%3DN6y43i(*Bz%3DN6-43MFi%3D~u3oj8%3DN%2CN3i(*Bv%3DIN3avIoBMi%3DINIKNbNKIb3PZovBz%3D-4N6K-3ZovB25F%3DN3ZovBoIjBz%3DN3M2i%3DjMmPJ2BNBA(M23oj2%3DN6NNN%2CN3PQ%3DbLW9kjHnv*YGM7xmaLRtI73Jzz%3DN3oPPQZj%3DO%2CL3oF%3Db3oQMBMi%3DINIKNbNTN-3ojia%3DN6NNN%2CN3ZovBz%3Db6yb3avIoBZovBz%3DN3M**Bmo%3DyO6LK4y3ZovBv%3DbN3Mva%3D446II37Fj2%3DTNNT-b3zz%3DbL43M**B*Zv%3DN6OK38oQ*%3DN6y43avIoBZovB5F%3DN)N3QMPBF%3Db%2Cb%2CN%2CN%2CN%2CN%2CN%2CN3z*%3Db3QMPBi%3DN3o58%3DN%2CN3jyQBz%3DK64%2CbbL6bO3Mi%3DN3ZPi%3DyyLOAqPu4I-54iiM~a3FavIoBz%3DI64-3z2i%3D-TTLIN-bI-4bb4TK-LLy44IOOI4y4ILyON-4O-bbT-TIyIyNOLN-TNIOLL444yy-I4-IN-4Ty44ObLO-OLIbKLL4444NKLKIKyI44T43ZP*%3DN3o52%3DN6NNN%2CN3(7iIQBz%3DN6LO3MM%3D_D3FF%3Ddl3ZPm%3DCb3F8%3DN3oFa%3DKN6IK3n9%3DyNOy35zBZF%3DCI3~2M%3DI35zBFF5M%3DCI3F2%3D~8m%20u(o53zMMBS0R%3D_D%2C_D3zjMPMI%3DbL43zi2%3Db-NKK-4y--3zjMPMb%3DbL43iF%3DO3avIoBz%3DK6bK3Zv*BQ%3DN6bNby3amB8gF%3DN6OL3aPMBMi%3Dbb43ZovBoQMBz%3DO6IO3iFI%3Db3aBjM~%3D-Nb3vjM2%3D3Fa(7%3DI64-3aPMBZovBz%3DN6T43avIoBPBMi%3DINIKNbNTNy3aPMBZovBv%3DN382%3DbT3avIoBPBz%3DN6NI3aPMBz%3D-IL6Ny3avIoBZovBaP%3Db)Cb43ZovB2aP%3DN3aa%3DN3FavIoBMi%3DbIy3oJa%3DKN6IK3vIoBz%3DbNNN3M**BMi%3DINIKNbNTN-3ojiQ%3DN6NNN%2CN3MPi%3DTbIOKON-b3ZovBoQMB5F%3DN3amZ%3DN6OL3iIQBv%3DbN3FavI%3DI64-3yQFJ%3DLLL6OT3(7B*MA%3DN6yL3i**BM2o7%3DM**B*P7oj2P(~B28M23iIQBz%3DN6LO3oQMBz%3DbbL6bO3ZovBMoQMBz%3DO6IO3o5mQ%3DN6NNN%2CN3o5mi%3DN6NNN%2CN3PM18J%3DN3PMPJ%3DN3ZovBoQFBz%3DN3zPi%3DN6y3ZovBoQMBoa%3DN3FziQ%3DN6yNN3P2uQ8BPi%3Db-3M8vv8oB2j7BPi%3DjMmPJ2BNBA(M23MZQQvuB2j7BPi%3D3i828F28iB2j7BPi%3DjMmPJ2BNBA(M23aP8mjzPvP2u%3DN6OL3Q(M%3Db3jFB2uQ8%3Db3jizv5%3DbObII-bONK3j*Q%3Db3(7zPi%3DN6y4N3zJvo%3DN6NbN3MZPi%3D3i2F%3Dm8M2B(o3i**B8oQ*%3DJjvM83i**%3DM**B*P7oj2P(~B28M23ziQFjQi%3DN3ijv7%3DM**3M7*2%3DW(*8B9~MZoj~F83M(zQ%3DN6N43gPi%3DDXcCQZzCILKNNyI--OLL-NL43A2*v%3Db3jiBQ(M%3D%7B%222%22%3AN%2C%22Q%22%3AK%7D3M**BjQP%3Dab3PzF%3Db3~M!%3DI327M%3DbINg4NN%7Cb4Ng4NN3zMz%3DN3zMQ%3DN32*g%3DbOK&~2a=N&***=Zc(M_J9Xx)5%3D&Pm=N&P~9Jo=b&zio9i=ILK&zPi=yy-LLO&*FJ=-4TLI&uiMQo=b&zj8=tg8__gK%2Fgg3tg8__gKjgg3K88&5j2Qo8=b&5j2zPi=CbNI&uQvQ=b&PMPi=I&MM*FoBa8o=T&Q7Pi=QNb4KOOL-bOb2INIKNbNTb-yL&MMvi=%7B%22MMPQ%22%3A%22I4NN%3ANONy%3ANjOO%3ANNNN%3ANNNN%3ANNNN%3ANNNN%3ANNNN%22%2C%22MMFF%22%3A%22dl%22%2C%22MMMF%22%3A%22_s%22%2C%22MMF2u%22%3A%22~8m%20u(o5%22%7D&Q8oJ=b&A2*vMoF=b&sflct=451046&ure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.240.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-240-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 05 Jan 2024 17:39:38 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
15
Expires
Fri, 05 Jan 2024 17:39:38 GMT
bql.php
lg3.media.net/ Frame F088 		15 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5622&&vgd_canary=0&vgd_l2type=scs_newfl&fp=NY5plQUbepCNKd_Jb2VeYPbK02ioPQ_TtOeqbcyinCGB_F0PxTZnxnLL_bK8LPdLX1O6px4jBbKCKxclV2dSBpyFffknXi4X-0_QBJaMWdlglCaHskBo4B-RcwtwDa_IKPojxSDAq_6ePiSATKLF4A%3D%3D&cme=58DdsOa55KkVRjr59oc1nILzIv8xn8OFZHDG24fA4v5_xwLBhq1lv3S2JeZxyckpShu61G_sdrfiX46ebY2073BH0uPSpSEwAhgyaoA8xjqxuxS80iDE5UjMgnDMc2GvSCR3TZB0OJUQP041-FNjFPIVXTu_4R3rMxydtFNjM55wbpqKm7CDJPzMjf87YlasuClA_O5eUc9CIfG8ZizJCHvKuKl8h4HF5RfCec2_ilY%3D%7C%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7Cd8_1Kw8Os5OIe3KBIW-UPvv5GCIqGaziYwCHaWZLSTxq5DHO_lejUdhAK99unSTXvx_UgbGjLJIG_6ihzuo7gJPCiXAoKcinE9jDCufgdJmTPqqO8mpVub-yjPaz7zLvClbiZnQQs_GucBtnr9nBYPYNCLcymwTGjAt4NToB42v12q1SlYsdpA2aj3vG4UAn9cjk9gBXZKBzrlC4qLBEZHFuTHQ9RjewQXApLXOiv7nNhT0JcE6buLykoTyHmYD1jimqriV-0X2KCbe5lQFhJaR_s94aukB1uHS3Sza2LHogDEiyJhi9TA%3D%3D%7Cu8A6SM53vAeV5r4ww6ldE8TMDOtCsF6e%7Cqk5jDP-Bqht8AUEIoCxyGGxeRRMQBwSB%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD5AAH7yxQ8toscQwLB9H8PQvIlPcpkKa6BZv_c6fk0QNA%3D%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=267&vgde_kbbh=ffoyxQJuO&kwd[]=Cheap+Car+Insurance+in+2023&kwt[]=267&kbc[]=57678&kwp[]=1&kid[]=350578617&kbc2[]=3%3D0.00%7C4%3D4.06%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.1688%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cir%3D1%7Ciid%3D2451670%7Cps%3D0.720%7C1%3D1.63%7C2%3D7.05&ktd[]=40532672346456320&kwd[]=Best+Car+Insurance+Companies+of+2023&kwt[]=267&kbc[]=57678&kwp[]=2&kid[]=330153150&kbc2[]=3%3D0.10%7C4%3D3.21%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.1676%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cir%3D1%7Ciid%3D7137301%7Cps%3D0.720%7C1%3D0.94%7C2%3D5.51&ktd[]=36029072719085824&kwd[]=10+Best+Auto+Insurance+Companies&kwt[]=267&kbc[]=57678&kwp[]=3&kid[]=329984690&kbc2[]=3%3D0.59%7C4%3D4.29%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.1627%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cir%3D1%7Ciid%3D1424396%7Cps%3D0.720%7C1%3D2.47%7C2%3D3.75&ktd[]=36029072719085824&kwd[]=Car+Insurance+Cost&kwt[]=267&kbc[]=57678&kwp[]=4&kid[]=5078478&kbc2[]=3%3D0.88%7C4%3D3.96%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0007%7C8%3D010420%7C13%3D0.1584%7C14%3D010510%7Cokt%3D267%7Cbdkt%3D267%7Cir%3D1%7Ciid%3D1422021%7Cps%3D0.720%7C1%3D0.58%7C2%3D3.85&ktd[]=22518273853751552&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774710&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22zJBn5mLU%22%2C%22QQ8E%22%3A%22fF99%3A9W9A%3A91WW%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CURI7T3U&vi=1704476378959876821&vsid=3474779785659653&tdAdd[]=asnum%3D701&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0110&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L369-S369&vgd_l3_sc=PA&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000c82a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1704476378231&upk=1704476378.8529&hvsid=00001704476378231034604565962316&verid=3111299&sbdrId=196&tsrc=entity&vgd_l1rakh=1704476378186954817&vgd_ecrid=1700090000747800160060010000300&vgd_isiolc=1&kbbq=%26asn%3D701&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3474779785659653&vgde_bdata=QOfvzxjj~77v9~8xLjMjvu9~xjYMEv9.u9uA~myJLEYv9.XF~eBMJ-Nv9.Wi~e8QMQOvuuF~xLjMLEQMGvW.fW~OmYMGv9.WH~ONfvu~QNOvz5~L1Jv9%2C9~eM1Qzvh9u~OmYMjvf9~ejfLMQOvf9fH9u9Hfu~8xLjMGvhF9.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MiMwmQ7~L17v9.999%2C9~j1Q7v~NemyvH.FH~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9Hfu~8EvuiqVa1d%3DjYT0Qy%20BeipRfy~kGGv9~e8QMxLjMjv9~L88Ex1vW%2Ci~J7vuX~LNvu~ejfLM8MGv9.9H~LEQMQOvf9fH9u9HuW~e8QMGvhA9.uf~L1Oev9.999%2C9~xLjMGvu.Au~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevHh.iF~yN17vX99Xhu~GGvuiF~eev9~NejfLMQOvufA~LkevH9.fH~jfLMGvu999~JLEYv9.XF~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvW.9f%2Ciu.hi~Q8OvXAFuXfHA9~QOv9~x8OvAAiWwTwL79bU4zFjtd~xLjMLEQMUNv9~NejfLMGvH.FH~G7OvhXXif9hufXXfXhXAWAuuuX9HW9hHuufui9uXFfXhHXhuWAW9WfhfiXFAuXhuiH9iiFHA9iXXA9hWWuhXAHhhihFAXiHuHuhfWXhXHWW~eBxv9.Wi~OfEMjvu9~NejfvH.FH~AENkviii.WX~x8Yv9~myMYQwv9.FX~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iX~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvu9X.XF~xLjMQLEQMGvW.fW~LNevH9.fH~%3DVvA9WA~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~N7vzJBn5mLU~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~GO7vuh9HHhFAhh~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.XF~ONvW~xLjMLEQMLev9~ejfLMGvh.ff~NGOEv9.Xu9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MiMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MiMwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.XF9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzfh~QyY7vqmYJMVzQxL1zNJ~QmGEv9.X~-8OvKrtoExGofiH99AfhhWiih9iF~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vu9~OmyGv9ou~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vuhW&vgd_cfud=230324&vgd_scsver=312&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=504&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1143&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=PA&vgd_l1rhst=contextual.media.net&hvsid=00001704476378231034604565962316&rc=0&rand=1704476378629&acid=3fb7d0128c15c69e6d206c75f1f9f173&matm=1704476378629&vgd_ltimesrc=1&vgd_ltime=797&vgd_rtime=793&vgd_etm=7&vgd_l1hcsd=Otp9r%7C8731&vgd_l1ch=1&vgd_lhl=5799&vgd_pgid=p01648897181t202401051739&vgd_csip=rtb-ebda-59988cc7cb-h275b.OR&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=*!%7Cu%7C9*An3H&33=-8&3934=oPNmR*~SWr.ZocWZSd.WL)%3D%3D&os=WcbYYc*ncVX7XVc*VfW&!49u=b&DS9T=b&34o=WWYn&CS3F=Bn*X&3s4=VP-LtcEn-&3us4=7n*W7fYnb&SsHF=W*bO*bb&S3=R)&3jlD=~)LwIx(&9s4=VRIWzPtL7&C9s4=EBYYvVE&jCC9S=W&uuu=CHL6jB3Q6BeXMOgw!u.gRo)v.P9HjPuo~~8*d4tZx8Y%3D&lSF=7&QZ=W&d!4=Y&T4CW=VP-W8JzYn&T4Cf=nnc*XW7nV&q4TCT=S4f%3DldQQiCC%3DbisduQeQ%3DWbidQDe9%3DbkWbWni5!Fu9D%3Dbk7*ioZeFO3%3DbkVXiosSeS4%3DWW*iduQeu9Seq%3DVkfVi45Deq%3DbkVYi43f%3DWiS34%3Dl2iuTF%3Db%2CbioeTSl%3DcbWi45DeQ%3DfbioQfueS4%3DfbfYbWbYfWisduQeq%3Dc*bkYciduQeCG3%3DbiduQeufTeq%3DbiSC4%3DTSZsUCeXej5SCiuTC%3Dbkbbb%2CbiQTSC%3Di3o5!%3DYk*YiosSeduQeq%3Dbk7*ioQfueseS4%3DfbfYbWbYfWis9%3DWX~tIT.PQDBRS!KZoXMgf!iUqq%3DbiosSeduQeQ%3Dbiuss9dT%3DV%2CXiFC%3DW7iu3%3DWioQfueseq%3DbkbYiu9SeS4%3DfbfYbWbYWViosSeq%3DcnbkWfiuT4o%3Dbkbbb%2CbiduQeq%3DWknWioQfueduQeq%3DbioQfueduQeos%3DW16W*iduQeCos%3DbiduQeQ%3DWbiSQo%3DYckX*i!3TC%3D7bb7cWiqq%3DWX*ioo%3Dbi3oQfueS4%3DWfniuUo%3DYbkfYiQfueq%3DWbbbiFu9D%3Dbk7*ioQfueduQeG3%3Db1bi9Sse3%3DW%2CW%2Cb%2Cb%2Cb%2Cb%2Cb%2CbiqD%3DWi9Sse4%3DbiuGF%3Db%2CbiuT49%3Dbkbbb%2CbiTn9eq%3DVkbf%2CXWkcXiSs4%3D7n*W7fYnbiS4%3Dbids4%3DnnXVjBjuCb8G1l*QA.iduQeu9SeG3%3Dbi3oQfueq%3DYk*YiqC4%3Dc77XfbcWf77f7c7nVnWWW7bYVbcYWWfWXbW7*f7cY7cWVnVbVfcfX7*nW7cWXYbXX*YnbX77nbcVVWc7nYccXc*n7XYWYWcfV7c7YVVioZd%3DbkVXi4f9eQ%3DWbi3oQf%3DYk*Yin93U%3DXXXkV7idsD%3Dbi5!eDSj%3Dbk*7iuGC%3Dbkbbb%2Cbi4DDeSCu!%3DjTuD5l2i4f9eq%3DWi5!4f9eq%3DbkX7iSS%3Dx)i33%3D-8idsZ%3D6Wi3F%3Dbiu9Seq%3DWb7k7*iduQeSu9Seq%3DVkfViu3o%3DYbkfYiPt%3DnbVniuGZ9%3Dbkbbb%2CbiGqed3%3D6filCS%3DfiGqe33GS%3D6fi3C%3DlFZ%2025uGiqSSemEM%3Dx)%2Cx)iuGZ4%3Dbkbbb%2CbiqTSsSf%3DWX*iq4C%3DWcbYYc*ncciqTSsSW%3DWX*isSLFU%3DbisSsU%3DbiduQeu93eq%3Dbiqs4%3Dbk7*i43%3DViduQeu9Seuo%3DbioQfueq%3Dckffi3q49%3Dbk7WbisC29Fes4%3DWciSFQQFueCT!es4%3DTSZsUCeXej5SCiSd99Q2eCT!es4%3Di4FCF3CF4eCT!es4%3DTSZsUCeXej5SCiosFZTqsQsC2%3DbkVXi95S%3DWiT3eC29F%3DWiT4qQG%3DWVWffcWVbniTD9%3DWi5!qs4%3Dbk7*biqUQu%3DbkbWbiSds4%3Di4C3%3DZFSCe5ui4DDeFu9D%3DUTQSFi4DD%3DjTuD5l2iq493T94%3Dbi4TQ!%3DdlsS5lfciS!DC%3D~5DFetlSduTl3FiS5q9%3Dbk7iOs4%3D)aA69dq6fXYbbnfccVXXcbX*ijCDQ%3DWiT4e95S%3D%7B%22C%22%3AW%2C%229%22%3AY%7Di43dC%3DWbi45!q%3Db6Wisq3%3DWilSH%3DfiC!S%3DWfbO*bb%7CW*bO*bbiqSq%3DbiqS9%3DbiCDO%3DWcV&lCo=b&DDD=dA5SxUtaK1G%3D&sZ=b&sltUu=W&q4ut4=Y*b&qs4=nYXb*Y&D3U=c*7Xf&24S9u=W&qTF=gOFxxOY%2FOOigOFxxOYTOOiYFF&GTC9uF=W&3T45DTsl=CHL6jB3Q6B6~8jxYf6ddUA9NFd7vHUIuHZdYSJ(z!)Jz.9K6evrNl)%3D%3D&29Q9=W&sSs4=7&T4o=tlSs4Fu%20Pj5s3FS&SSD3ueoFu=7&9!s4=9bW*YVVXcWVWCfbfYbWb7WcnX&SSQ4=%7B%22SSs9%22%3A%22f*bb%3AbVbn%3AbTVV%3Abbbb%3Abbbb%3Abbbb%3Abbbb%3Abbbb%22%2C%22SS33%22%3A%22-8%22%2C%22SSS3%22%3A%22x(%22%2C%22SS3C2%22%3A%22lFZ%2025uG%22%7D&jCDQSu3=W&sflct=6055235&ure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.240.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-240-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 05 Jan 2024 17:39:38 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
15
Expires
Fri, 05 Jan 2024 17:39:38 GMT
truncated
/ Frame 4E3E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fea674952d420a8e6bc0e32e8907c79150a27e6c1ce529b84c4e6dd55c4b8b24

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 4E3E 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cjc1s2T6YZZ7NBtz3kPIP0Kqf4ALvr7qBdd2Oo_nKDMCNtwEQASAAYMkGggEXY2EtcHViLTI5NDAwMzI3Nzg5OTcwOTbIAQmoAwHIAwKqBOABT9DaQcGYxWCPII0MXZS9H_TVuvC4TKqrpmk3MxhgV6MNOuINSMlr-Pq0i-Q43puUokl3xFb9mrVALebsQI2Ww5lj6MfhQ3QhnLqC4qt2RwdBYZDRW362YgTbVKRtwEdLLiOjODzwac9irKm6AfGtRoVoyTvqLSA_c_mawFLB0Z41TbyTPgZrZanNZ-qoipgf37IqC_JBVV3o7fcIKBdcmiAgp6k2yxW1moWOQZbU0xSLLx_L7R5T9o1qHWTxPRsZi-9lg75fGNynawhM_pri291f3YENcmHRPSeMbcxVpKCABpfjsKK-uZ-gfKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljzqO-n5caDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTQwMDMyNzc4OTk3MDk2GAA&sigh=mOq_-MizagU&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_RgNmAH4_EjGIwleFTcoG5lWsICcY8mLzvb0s6YSlZ255Un5k2ss0yvtbpXCg6__ZEnhOaWxxG4xRGYUtlB5SA4uBU8j7lBuOK5UYAQ&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 05 Jan 2024 17:39:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 4E3E 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwaELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAASDgwNDQyOTc0MDYwNzBfMjMzMjY1MjJfMzM3NjkxNTM4NDYwMUAzZmI3ZDAxMjhjMTVjNjllNmQyMDZjNzVmMWY5ZjE3M5gH7FG4HoXr4T_MBDRodHRwczovL2luc3VyYW5jZS5rbHB0Lm9yZwRVUwDoAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2JGluc3VyYW5jZS5rbHB0Lm9yZxI4Q1UxU0daNDMIDjE2MHg2MDAIMC41MQ53ZXN0X29yBkFEWAgIbnVybAAAAAAAAEBWQNyErKubYwIxAAAAAAAA8L84cnRiLWViZGEtNTk5ODhjYzdjYi1oMjc1Yi5PUj4xNzAwMDkwMDAwNzQ3ODAwMTYwMDYwMDEwMDAwMzAwAhBiNWU0ZTA3NAJiAg&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-90-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 05 Jan 2024 17:39:38 GMT
log
qsearch-a.akamaihd.net/ Frame 4E3E 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=3fb7d0128c15c69e6d206c75f1f9f173&algo=unison27&bdp=0.5600&bidfp=0.0100&capd=0&cc=US&cid=8CU1SGZ43&crid=337691538&ct=new%20york&dc=west_or&dfpbd=0.5100&dn=insurance.klpt.org&infl=sb&iwb=1&ogcbdp=0.5600&other_bids=0.5%7C0.56&other_prv=294%7C460&pbshr=100.0000&prdp=0.5100&requrl=insurance.klpt.org%2F&sat=1&sc=NY&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=3207130&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2024-01-05%2017%3A39%3A37&seat=BID_API&itype=adx&req_id=ce2_aMNqhAcK6yhhyjDRmw&dfp_bucket=0.5&level_base=0&bdp_bucket=0.6&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.129%20Safari%2F537.36&br_ver=120.0.6099.129&o_ver=NT%2010.0&second_bid=0.5&second_bidder=294&seg=Home_Insurance%2Chomepage_personal_finance%2CInsurance%2Clong_tail_homepage_catchall%2CPersonal_Finance&f_seg=Home_Insurance&model_key=generic_adx_1-cid_1&ogerpm=0.5600&ogerpm_used=false&rawbid=0.5600&totalTimeBucket=3&as_cache=0&sub_bidder=196&current_day=5.0&current_hour=17&cut=9&floor_bucket=0.00&model_version=202401041216_generic_adx_1-cid_1&erpm_bucket=0.60&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8900&stid=aswift_9_host&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=72.7998&bdp_wider_bucket=1&adblk=1812271803&dim10=false&dmm_m9=0.0000&dmm_m10=1209244&log_less=false&cut_bkt=10&advurl=related.insiderchoices.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-ebda-59988cc7cb-h275b.OR&dmm_m1=2024-01-05%2017%3A39%3A37.391904250&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.5600&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700090000747800160060010000300&sb_flr=true&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=mowx_8CU1SGZ43_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-566d4c44f6-ngrlw&rel_cut_bkt=10&djvm=9.5.8&optimal_cut=0.0&cut_cluster=0.0&cbvp=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.188 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-188.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 17:39:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 05 Jan 2024 17:39:38 GMT
a4ffe0cf-e53b-4647-a951-b255591a918b.jpg
contextual.media.net/kimg/new/172x86/2/206/199/109/ Frame F088 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/172x86/2/206/199/109/a4ffe0cf-e53b-4647-a951-b255591a918b.jpg?v=9
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d19c2277e9c8f1a31d2c721b37f7b1accda8f4906351f5a6381ef2e7cbb75fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=*!%7Cu%7C9*An3H&33=-8&3934=oPNmR*~SWr.ZocWZSd.WL)%3D%3D&os=WcbYYc*ncVX7XVc*VfW&!49u=b&DS9T=b&34o=WWYn&CS3F=Bn*X&3s4=VP-LtcEn-&3us4=7n*W7fYnb&SsHF=W*bO*bb&S3=R)&3jlD=~)LwIx(&9s4=VRIWzPtL7&C9s4=EBYYvVE&jCC9S=W&uuu=CHL6jB3Q6BeXMOgw!u.gRo)v.P9HjPuo~~8*d4tZx8Y%3D&lSF=7&QZ=W&d!4=Y&T4CW=VP-W8JzYn&T4Cf=nnc*XW7nV&q4TCT=S4f%3DldQQiCC%3DbisduQeQ%3DWbidQDe9%3DbkWbWni5!Fu9D%3Dbk7*ioZeFO3%3DbkVXiosSeS4%3DWW*iduQeu9Seq%3DVkfVi45Deq%3DbkVYi43f%3DWiS34%3Dl2iuTF%3Db%2CbioeTSl%3DcbWi45DeQ%3DfbioQfueS4%3DfbfYbWbYfWisduQeq%3Dc*bkYciduQeCG3%3DbiduQeufTeq%3DbiSC4%3DTSZsUCeXej5SCiuTC%3Dbkbbb%2CbiQTSC%3Di3o5!%3DYk*YiosSeduQeq%3Dbk7*ioQfueseS4%3DfbfYbWbYfWis9%3DWX~tIT.PQDBRS!KZoXMgf!iUqq%3DbiosSeduQeQ%3Dbiuss9dT%3DV%2CXiFC%3DW7iu3%3DWioQfueseq%3DbkbYiu9SeS4%3DfbfYbWbYWViosSeq%3DcnbkWfiuT4o%3Dbkbbb%2CbiduQeq%3DWknWioQfueduQeq%3DbioQfueduQeos%3DW16W*iduQeCos%3DbiduQeQ%3DWbiSQo%3DYckX*i!3TC%3D7bb7cWiqq%3DWX*ioo%3Dbi3oQfueS4%3DWfniuUo%3DYbkfYiQfueq%3DWbbbiFu9D%3Dbk7*ioQfueduQeG3%3Db1bi9Sse3%3DW%2CW%2Cb%2Cb%2Cb%2Cb%2Cb%2CbiqD%3DWi9Sse4%3DbiuGF%3Db%2CbiuT49%3Dbkbbb%2CbiTn9eq%3DVkbf%2CXWkcXiSs4%3D7n*W7fYnbiS4%3Dbids4%3DnnXVjBjuCb8G1l*QA.iduQeu9SeG3%3Dbi3oQfueq%3DYk*YiqC4%3Dc77XfbcWf77f7c7nVnWWW7bYVbcYWWfWXbW7*f7cY7cWVnVbVfcfX7*nW7cWXYbXX*YnbX77nbcVVWc7nYccXc*n7XYWYWcfV7c7YVVioZd%3DbkVXi4f9eQ%3DWbi3oQf%3DYk*Yin93U%3DXXXkV7idsD%3Dbi5!eDSj%3Dbk*7iuGC%3Dbkbbb%2Cbi4DDeSCu!%3DjTuD5l2i4f9eq%3DWi5!4f9eq%3DbkX7iSS%3Dx)i33%3D-8idsZ%3D6Wi3F%3Dbiu9Seq%3DWb7k7*iduQeSu9Seq%3DVkfViu3o%3DYbkfYiPt%3DnbVniuGZ9%3Dbkbbb%2CbiGqed3%3D6filCS%3DfiGqe33GS%3D6fi3C%3DlFZ%2025uGiqSSemEM%3Dx)%2Cx)iuGZ4%3Dbkbbb%2CbiqTSsSf%3DWX*iq4C%3DWcbYYc*ncciqTSsSW%3DWX*isSLFU%3DbisSsU%3DbiduQeu93eq%3Dbiqs4%3Dbk7*i43%3DViduQeu9Seuo%3DbioQfueq%3Dckffi3q49%3Dbk7WbisC29Fes4%3DWciSFQQFueCT!es4%3DTSZsUCeXej5SCiSd99Q2eCT!es4%3Di4FCF3CF4eCT!es4%3DTSZsUCeXej5SCiosFZTqsQsC2%3DbkVXi95S%3DWiT3eC29F%3DWiT4qQG%3DWVWffcWVbniTD9%3DWi5!qs4%3Dbk7*biqUQu%3DbkbWbiSds4%3Di4C3%3DZFSCe5ui4DDeFu9D%3DUTQSFi4DD%3DjTuD5l2iq493T94%3Dbi4TQ!%3DdlsS5lfciS!DC%3D~5DFetlSduTl3FiS5q9%3Dbk7iOs4%3D)aA69dq6fXYbbnfccVXXcbX*ijCDQ%3DWiT4e95S%3D%7B%22C%22%3AW%2C%229%22%3AY%7Di43dC%3DWbi45!q%3Db6Wisq3%3DWilSH%3DfiC!S%3DWfbO*bb%7CW*bO*bbiqSq%3DbiqS9%3DbiCDO%3DWcV&lCo=b&DDD=dA5SxUtaK1G%3D&sZ=b&sltUu=W&q4ut4=Y*b&qs4=nYXb*Y&D3U=c*7Xf&24S9u=W&qTF=gOFxxOY%2FOOigOFxxOYTOOiYFF&GTC9uF=W&3T45DTsl=CHL6jB3Q6B6~8jxYf6ddUA9NFd7vHUIuHZdYSJ(z!)Jz.9K6evrNl)%3D%3D&29Q9=W&sSs4=7&T4o=tlSs4Fu%20Pj5s3FS&SSD3ueoFu=7&9!s4=9bW*YVVXcWVWCfbfYbWb7WcnX&SSQ4=%7B%22SSs9%22%3A%22f*bb%3AbVbn%3AbTVV%3Abbbb%3Abbbb%3Abbbb%3Abbbb%3Abbbb%22%2C%22SS33%22%3A%22-8%22%2C%22SSS3%22%3A%22x(%22%2C%22SS3C2%22%3A%22lFZ%2025uG%22%7D&jCDQSu3=W&sflct=6055235&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:38 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 01 Apr 2018 00:39:41 GMT
server
nginx
etag
"5ac02a4d-3f4b"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
16203
quic-version
0x00000001
truncated
/ Frame F088 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7c81eefabd5e0d8ef105e1675d4c087b37b596c9e85184144bfa63008a20de

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F088 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
47c43e0d-ec2b-41bf-a3b9-c937ceee1607.jpg
contextual.media.net/kimg/new/172x86/2/130/239/19/ Frame F088 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/172x86/2/130/239/19/47c43e0d-ec2b-41bf-a3b9-c937ceee1607.jpg?v=9
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8f40d7c888224dcf53cda237b7daf9b87fea8fcf061a15522a942fbc9a03a2b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=*!%7Cu%7C9*An3H&33=-8&3934=oPNmR*~SWr.ZocWZSd.WL)%3D%3D&os=WcbYYc*ncVX7XVc*VfW&!49u=b&DS9T=b&34o=WWYn&CS3F=Bn*X&3s4=VP-LtcEn-&3us4=7n*W7fYnb&SsHF=W*bO*bb&S3=R)&3jlD=~)LwIx(&9s4=VRIWzPtL7&C9s4=EBYYvVE&jCC9S=W&uuu=CHL6jB3Q6BeXMOgw!u.gRo)v.P9HjPuo~~8*d4tZx8Y%3D&lSF=7&QZ=W&d!4=Y&T4CW=VP-W8JzYn&T4Cf=nnc*XW7nV&q4TCT=S4f%3DldQQiCC%3DbisduQeQ%3DWbidQDe9%3DbkWbWni5!Fu9D%3Dbk7*ioZeFO3%3DbkVXiosSeS4%3DWW*iduQeu9Seq%3DVkfVi45Deq%3DbkVYi43f%3DWiS34%3Dl2iuTF%3Db%2CbioeTSl%3DcbWi45DeQ%3DfbioQfueS4%3DfbfYbWbYfWisduQeq%3Dc*bkYciduQeCG3%3DbiduQeufTeq%3DbiSC4%3DTSZsUCeXej5SCiuTC%3Dbkbbb%2CbiQTSC%3Di3o5!%3DYk*YiosSeduQeq%3Dbk7*ioQfueseS4%3DfbfYbWbYfWis9%3DWX~tIT.PQDBRS!KZoXMgf!iUqq%3DbiosSeduQeQ%3Dbiuss9dT%3DV%2CXiFC%3DW7iu3%3DWioQfueseq%3DbkbYiu9SeS4%3DfbfYbWbYWViosSeq%3DcnbkWfiuT4o%3Dbkbbb%2CbiduQeq%3DWknWioQfueduQeq%3DbioQfueduQeos%3DW16W*iduQeCos%3DbiduQeQ%3DWbiSQo%3DYckX*i!3TC%3D7bb7cWiqq%3DWX*ioo%3Dbi3oQfueS4%3DWfniuUo%3DYbkfYiQfueq%3DWbbbiFu9D%3Dbk7*ioQfueduQeG3%3Db1bi9Sse3%3DW%2CW%2Cb%2Cb%2Cb%2Cb%2Cb%2CbiqD%3DWi9Sse4%3DbiuGF%3Db%2CbiuT49%3Dbkbbb%2CbiTn9eq%3DVkbf%2CXWkcXiSs4%3D7n*W7fYnbiS4%3Dbids4%3DnnXVjBjuCb8G1l*QA.iduQeu9SeG3%3Dbi3oQfueq%3DYk*YiqC4%3Dc77XfbcWf77f7c7nVnWWW7bYVbcYWWfWXbW7*f7cY7cWVnVbVfcfX7*nW7cWXYbXX*YnbX77nbcVVWc7nYccXc*n7XYWYWcfV7c7YVVioZd%3DbkVXi4f9eQ%3DWbi3oQf%3DYk*Yin93U%3DXXXkV7idsD%3Dbi5!eDSj%3Dbk*7iuGC%3Dbkbbb%2Cbi4DDeSCu!%3DjTuD5l2i4f9eq%3DWi5!4f9eq%3DbkX7iSS%3Dx)i33%3D-8idsZ%3D6Wi3F%3Dbiu9Seq%3DWb7k7*iduQeSu9Seq%3DVkfViu3o%3DYbkfYiPt%3DnbVniuGZ9%3Dbkbbb%2CbiGqed3%3D6filCS%3DfiGqe33GS%3D6fi3C%3DlFZ%2025uGiqSSemEM%3Dx)%2Cx)iuGZ4%3Dbkbbb%2CbiqTSsSf%3DWX*iq4C%3DWcbYYc*ncciqTSsSW%3DWX*isSLFU%3DbisSsU%3DbiduQeu93eq%3Dbiqs4%3Dbk7*i43%3DViduQeu9Seuo%3DbioQfueq%3Dckffi3q49%3Dbk7WbisC29Fes4%3DWciSFQQFueCT!es4%3DTSZsUCeXej5SCiSd99Q2eCT!es4%3Di4FCF3CF4eCT!es4%3DTSZsUCeXej5SCiosFZTqsQsC2%3DbkVXi95S%3DWiT3eC29F%3DWiT4qQG%3DWVWffcWVbniTD9%3DWi5!qs4%3Dbk7*biqUQu%3DbkbWbiSds4%3Di4C3%3DZFSCe5ui4DDeFu9D%3DUTQSFi4DD%3DjTuD5l2iq493T94%3Dbi4TQ!%3DdlsS5lfciS!DC%3D~5DFetlSduTl3FiS5q9%3Dbk7iOs4%3D)aA69dq6fXYbbnfccVXXcbX*ijCDQ%3DWiT4e95S%3D%7B%22C%22%3AW%2C%229%22%3AY%7Di43dC%3DWbi45!q%3Db6Wisq3%3DWilSH%3DfiC!S%3DWfbO*bb%7CW*bO*bbiqSq%3DbiqS9%3DbiCDO%3DWcV&lCo=b&DDD=dA5SxUtaK1G%3D&sZ=b&sltUu=W&q4ut4=Y*b&qs4=nYXb*Y&D3U=c*7Xf&24S9u=W&qTF=gOFxxOY%2FOOigOFxxOYTOOiYFF&GTC9uF=W&3T45DTsl=CHL6jB3Q6B6~8jxYf6ddUA9NFd7vHUIuHZdYSJ(z!)Jz.9K6evrNl)%3D%3D&29Q9=W&sSs4=7&T4o=tlSs4Fu%20Pj5s3FS&SSD3ueoFu=7&9!s4=9bW*YVVXcWVWCfbfYbWb7WcnX&SSQ4=%7B%22SSs9%22%3A%22f*bb%3AbVbn%3AbTVV%3Abbbb%3Abbbb%3Abbbb%3Abbbb%3Abbbb%22%2C%22SS33%22%3A%22-8%22%2C%22SSS3%22%3A%22x(%22%2C%22SS3C2%22%3A%22lFZ%2025uG%22%7D&jCDQSu3=W&sflct=6055235&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:38 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 01 Apr 2018 11:35:01 GMT
server
nginx
etag
"5ac0c3e5-3acb"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
15051
quic-version
0x00000001
b5e80a74-fd01-44af-b1d4-b7bb389a376f.jpg
contextual.media.net/kimg/new/172x86/4/53/229/206/ Frame F088 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/172x86/4/53/229/206/b5e80a74-fd01-44af-b1d4-b7bb389a376f.jpg?v=9
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
82a1b54f3e05018baec3a33d1dc19b8068036f4d73977e92c1836b3b240263a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=*!%7Cu%7C9*An3H&33=-8&3934=oPNmR*~SWr.ZocWZSd.WL)%3D%3D&os=WcbYYc*ncVX7XVc*VfW&!49u=b&DS9T=b&34o=WWYn&CS3F=Bn*X&3s4=VP-LtcEn-&3us4=7n*W7fYnb&SsHF=W*bO*bb&S3=R)&3jlD=~)LwIx(&9s4=VRIWzPtL7&C9s4=EBYYvVE&jCC9S=W&uuu=CHL6jB3Q6BeXMOgw!u.gRo)v.P9HjPuo~~8*d4tZx8Y%3D&lSF=7&QZ=W&d!4=Y&T4CW=VP-W8JzYn&T4Cf=nnc*XW7nV&q4TCT=S4f%3DldQQiCC%3DbisduQeQ%3DWbidQDe9%3DbkWbWni5!Fu9D%3Dbk7*ioZeFO3%3DbkVXiosSeS4%3DWW*iduQeu9Seq%3DVkfVi45Deq%3DbkVYi43f%3DWiS34%3Dl2iuTF%3Db%2CbioeTSl%3DcbWi45DeQ%3DfbioQfueS4%3DfbfYbWbYfWisduQeq%3Dc*bkYciduQeCG3%3DbiduQeufTeq%3DbiSC4%3DTSZsUCeXej5SCiuTC%3Dbkbbb%2CbiQTSC%3Di3o5!%3DYk*YiosSeduQeq%3Dbk7*ioQfueseS4%3DfbfYbWbYfWis9%3DWX~tIT.PQDBRS!KZoXMgf!iUqq%3DbiosSeduQeQ%3Dbiuss9dT%3DV%2CXiFC%3DW7iu3%3DWioQfueseq%3DbkbYiu9SeS4%3DfbfYbWbYWViosSeq%3DcnbkWfiuT4o%3Dbkbbb%2CbiduQeq%3DWknWioQfueduQeq%3DbioQfueduQeos%3DW16W*iduQeCos%3DbiduQeQ%3DWbiSQo%3DYckX*i!3TC%3D7bb7cWiqq%3DWX*ioo%3Dbi3oQfueS4%3DWfniuUo%3DYbkfYiQfueq%3DWbbbiFu9D%3Dbk7*ioQfueduQeG3%3Db1bi9Sse3%3DW%2CW%2Cb%2Cb%2Cb%2Cb%2Cb%2CbiqD%3DWi9Sse4%3DbiuGF%3Db%2CbiuT49%3Dbkbbb%2CbiTn9eq%3DVkbf%2CXWkcXiSs4%3D7n*W7fYnbiS4%3Dbids4%3DnnXVjBjuCb8G1l*QA.iduQeu9SeG3%3Dbi3oQfueq%3DYk*YiqC4%3Dc77XfbcWf77f7c7nVnWWW7bYVbcYWWfWXbW7*f7cY7cWVnVbVfcfX7*nW7cWXYbXX*YnbX77nbcVVWc7nYccXc*n7XYWYWcfV7c7YVVioZd%3DbkVXi4f9eQ%3DWbi3oQf%3DYk*Yin93U%3DXXXkV7idsD%3Dbi5!eDSj%3Dbk*7iuGC%3Dbkbbb%2Cbi4DDeSCu!%3DjTuD5l2i4f9eq%3DWi5!4f9eq%3DbkX7iSS%3Dx)i33%3D-8idsZ%3D6Wi3F%3Dbiu9Seq%3DWb7k7*iduQeSu9Seq%3DVkfViu3o%3DYbkfYiPt%3DnbVniuGZ9%3Dbkbbb%2CbiGqed3%3D6filCS%3DfiGqe33GS%3D6fi3C%3DlFZ%2025uGiqSSemEM%3Dx)%2Cx)iuGZ4%3Dbkbbb%2CbiqTSsSf%3DWX*iq4C%3DWcbYYc*ncciqTSsSW%3DWX*isSLFU%3DbisSsU%3DbiduQeu93eq%3Dbiqs4%3Dbk7*i43%3DViduQeu9Seuo%3DbioQfueq%3Dckffi3q49%3Dbk7WbisC29Fes4%3DWciSFQQFueCT!es4%3DTSZsUCeXej5SCiSd99Q2eCT!es4%3Di4FCF3CF4eCT!es4%3DTSZsUCeXej5SCiosFZTqsQsC2%3DbkVXi95S%3DWiT3eC29F%3DWiT4qQG%3DWVWffcWVbniTD9%3DWi5!qs4%3Dbk7*biqUQu%3DbkbWbiSds4%3Di4C3%3DZFSCe5ui4DDeFu9D%3DUTQSFi4DD%3DjTuD5l2iq493T94%3Dbi4TQ!%3DdlsS5lfciS!DC%3D~5DFetlSduTl3FiS5q9%3Dbk7iOs4%3D)aA69dq6fXYbbnfccVXXcbX*ijCDQ%3DWiT4e95S%3D%7B%22C%22%3AW%2C%229%22%3AY%7Di43dC%3DWbi45!q%3Db6Wisq3%3DWilSH%3DfiC!S%3DWfbO*bb%7CW*bO*bbiqSq%3DbiqS9%3DbiCDO%3DWcV&lCo=b&DDD=dA5SxUtaK1G%3D&sZ=b&sltUu=W&q4ut4=Y*b&qs4=nYXb*Y&D3U=c*7Xf&24S9u=W&qTF=gOFxxOY%2FOOigOFxxOYTOOiYFF&GTC9uF=W&3T45DTsl=CHL6jB3Q6B6~8jxYf6ddUA9NFd7vHUIuHZdYSJ(z!)Jz.9K6evrNl)%3D%3D&29Q9=W&sSs4=7&T4o=tlSs4Fu%20Pj5s3FS&SSD3ueoFu=7&9!s4=9bW*YVVXcWVWCfbfYbWb7WcnX&SSQ4=%7B%22SSs9%22%3A%22f*bb%3AbVbn%3AbTVV%3Abbbb%3Abbbb%3Abbbb%3Abbbb%3Abbbb%22%2C%22SS33%22%3A%22-8%22%2C%22SSS3%22%3A%22x(%22%2C%22SS3C2%22%3A%22lFZ%2025uG%22%7D&jCDQSu3=W&sflct=6055235&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:38 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 09 Mar 2018 04:10:04 GMT
server
nginx
etag
"5aa2091c-3916"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
14614
quic-version
0x00000001
02d00033-fc57-499d-a2da-659be6454abe.jpg
contextual.media.net/kimg/new/172x86/2/141/232/21/ Frame F088 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/172x86/2/141/232/21/02d00033-fc57-499d-a2da-659be6454abe.jpg?v=9
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2b20ba3e64d6ce716b0aa274f5eba5896b851c5c4f4cfe6a8ae7b0ab4df18820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2703&&kkdd=*!%7Cu%7C9*An3H&33=-8&3934=oPNmR*~SWr.ZocWZSd.WL)%3D%3D&os=WcbYYc*ncVX7XVc*VfW&!49u=b&DS9T=b&34o=WWYn&CS3F=Bn*X&3s4=VP-LtcEn-&3us4=7n*W7fYnb&SsHF=W*bO*bb&S3=R)&3jlD=~)LwIx(&9s4=VRIWzPtL7&C9s4=EBYYvVE&jCC9S=W&uuu=CHL6jB3Q6BeXMOgw!u.gRo)v.P9HjPuo~~8*d4tZx8Y%3D&lSF=7&QZ=W&d!4=Y&T4CW=VP-W8JzYn&T4Cf=nnc*XW7nV&q4TCT=S4f%3DldQQiCC%3DbisduQeQ%3DWbidQDe9%3DbkWbWni5!Fu9D%3Dbk7*ioZeFO3%3DbkVXiosSeS4%3DWW*iduQeu9Seq%3DVkfVi45Deq%3DbkVYi43f%3DWiS34%3Dl2iuTF%3Db%2CbioeTSl%3DcbWi45DeQ%3DfbioQfueS4%3DfbfYbWbYfWisduQeq%3Dc*bkYciduQeCG3%3DbiduQeufTeq%3DbiSC4%3DTSZsUCeXej5SCiuTC%3Dbkbbb%2CbiQTSC%3Di3o5!%3DYk*YiosSeduQeq%3Dbk7*ioQfueseS4%3DfbfYbWbYfWis9%3DWX~tIT.PQDBRS!KZoXMgf!iUqq%3DbiosSeduQeQ%3Dbiuss9dT%3DV%2CXiFC%3DW7iu3%3DWioQfueseq%3DbkbYiu9SeS4%3DfbfYbWbYWViosSeq%3DcnbkWfiuT4o%3Dbkbbb%2CbiduQeq%3DWknWioQfueduQeq%3DbioQfueduQeos%3DW16W*iduQeCos%3DbiduQeQ%3DWbiSQo%3DYckX*i!3TC%3D7bb7cWiqq%3DWX*ioo%3Dbi3oQfueS4%3DWfniuUo%3DYbkfYiQfueq%3DWbbbiFu9D%3Dbk7*ioQfueduQeG3%3Db1bi9Sse3%3DW%2CW%2Cb%2Cb%2Cb%2Cb%2Cb%2CbiqD%3DWi9Sse4%3DbiuGF%3Db%2CbiuT49%3Dbkbbb%2CbiTn9eq%3DVkbf%2CXWkcXiSs4%3D7n*W7fYnbiS4%3Dbids4%3DnnXVjBjuCb8G1l*QA.iduQeu9SeG3%3Dbi3oQfueq%3DYk*YiqC4%3Dc77XfbcWf77f7c7nVnWWW7bYVbcYWWfWXbW7*f7cY7cWVnVbVfcfX7*nW7cWXYbXX*YnbX77nbcVVWc7nYccXc*n7XYWYWcfV7c7YVVioZd%3DbkVXi4f9eQ%3DWbi3oQf%3DYk*Yin93U%3DXXXkV7idsD%3Dbi5!eDSj%3Dbk*7iuGC%3Dbkbbb%2Cbi4DDeSCu!%3DjTuD5l2i4f9eq%3DWi5!4f9eq%3DbkX7iSS%3Dx)i33%3D-8idsZ%3D6Wi3F%3Dbiu9Seq%3DWb7k7*iduQeSu9Seq%3DVkfViu3o%3DYbkfYiPt%3DnbVniuGZ9%3Dbkbbb%2CbiGqed3%3D6filCS%3DfiGqe33GS%3D6fi3C%3DlFZ%2025uGiqSSemEM%3Dx)%2Cx)iuGZ4%3Dbkbbb%2CbiqTSsSf%3DWX*iq4C%3DWcbYYc*ncciqTSsSW%3DWX*isSLFU%3DbisSsU%3DbiduQeu93eq%3Dbiqs4%3Dbk7*i43%3DViduQeu9Seuo%3DbioQfueq%3Dckffi3q49%3Dbk7WbisC29Fes4%3DWciSFQQFueCT!es4%3DTSZsUCeXej5SCiSd99Q2eCT!es4%3Di4FCF3CF4eCT!es4%3DTSZsUCeXej5SCiosFZTqsQsC2%3DbkVXi95S%3DWiT3eC29F%3DWiT4qQG%3DWVWffcWVbniTD9%3DWi5!qs4%3Dbk7*biqUQu%3DbkbWbiSds4%3Di4C3%3DZFSCe5ui4DDeFu9D%3DUTQSFi4DD%3DjTuD5l2iq493T94%3Dbi4TQ!%3DdlsS5lfciS!DC%3D~5DFetlSduTl3FiS5q9%3Dbk7iOs4%3D)aA69dq6fXYbbnfccVXXcbX*ijCDQ%3DWiT4e95S%3D%7B%22C%22%3AW%2C%229%22%3AY%7Di43dC%3DWbi45!q%3Db6Wisq3%3DWilSH%3DfiC!S%3DWfbO*bb%7CW*bO*bbiqSq%3DbiqS9%3DbiCDO%3DWcV&lCo=b&DDD=dA5SxUtaK1G%3D&sZ=b&sltUu=W&q4ut4=Y*b&qs4=nYXb*Y&D3U=c*7Xf&24S9u=W&qTF=gOFxxOY%2FOOigOFxxOYTOOiYFF&GTC9uF=W&3T45DTsl=CHL6jB3Q6B6~8jxYf6ddUA9NFd7vHUIuHZdYSJ(z!)Jz.9K6evrNl)%3D%3D&29Q9=W&sSs4=7&T4o=tlSs4Fu%20Pj5s3FS&SSD3ueoFu=7&9!s4=9bW*YVVXcWVWCfbfYbWb7WcnX&SSQ4=%7B%22SSs9%22%3A%22f*bb%3AbVbn%3AbTVV%3Abbbb%3Abbbb%3Abbbb%3Abbbb%3Abbbb%22%2C%22SS33%22%3A%22-8%22%2C%22SSS3%22%3A%22x(%22%2C%22SS3C2%22%3A%22lFZ%2025uG%22%7D&jCDQSu3=W&sflct=6055235&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:39:38 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 23 Mar 2018 00:40:34 GMT
server
nginx
etag
"5ab44d02-2b49"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
11081
quic-version
0x00000001
truncated
/ Frame F088 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F088 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1CE3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02269a901331d907ea1afe2d231356370d8d4dec189070b02b86e07f89d907a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 1CE3 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CE4kS2T6YZZ_NBtz3kPIP0Kqf4ALvr7qBdd2Oo_nKDMCNtwEQASAAYMkGggEXY2EtcHViLTI5NDAwMzI3Nzg5OTcwOTbIAQmoAwHIAwKqBOABT9C84SRqT0Eh6Id8RK_Y773Ew60F5duWeMjMX5jgtOetHW57Kfvzx5WUiYcvaguo8USTaXYU2cjqFu5rUmQe6PARe1FvyseRKhyVl4Nl6yp2C0TUYRVbTK9ll-gy8ve0ej7txxnxTyRZAaEjPA4QHkcLq08PGboRo3g4WxNSDvgtan-XZLyrgWxgRNRmHph9ogJKEdcfQr6L3AfAFn0V0aLgyoEF4OL4QszNG0D9DPkeWC5-bEsYz7LgXx4DQl2jaH4EkWvgvcMTa4mLLjLRm_0i0s7MyhJNzWnMFgd7YCiABtfW4OCv4dO3WKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljzqO-n5caDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTQwMDMyNzc4OTk3MDk2GAA&sigh=MoS5F-WJBLU&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_RgNmAH4_EjGIwleFTcoG5lWsICcY8mLzvb0s6YSlZ255Un5k2ss0yvtbpXCg6__ZEnhOaWxxG4xRGYUtlB5SA4uBU8j7lBuOK5UYAQ&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 05 Jan 2024 17:39:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 1CE3 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwaELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAASjUyODU1Nzc4MTQ2MDNfNTE0MDQzMzU2XzMzNzY5MTUzODI5NDFAMDMwZDk5NWRmZDBhNGVkYzkzY2IxNGE1OGQ4OTU4ZTDMBArXo3A9Ctc_mAc0aHR0cHM6Ly9pbnN1cmFuY2Uua2xwdC5vcmcEVVMA6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMjkgU2FmYXJpLzUzNy4zNiRpbnN1cmFuY2Uua2xwdC5vcmcSOENVMVNHWjQzCA4xNjB4NjAwBjAuMw53ZXN0X29yBkFEWAgIbnVybAAAAAAAAEBWQLqErKubYwIxAAAAAAAA8L84cnRiLWViZGEtNTk5ODhjYzdjYi13MjU3bS5PUj4xNzAwMDgwODAwMTI3MDAwMTYwMDYwMDAwMDI1NjAwAhBiNWU0ZTA3NAJiAg&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-90-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 05 Jan 2024 17:39:38 GMT
log
qsearch-a.akamaihd.net/ Frame 1CE3 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=030d995dfd0a4edc93cb14a58d8958e0&bdp=0.3600&bidfp=0.0100&cc=US&cid=8CU1SGZ43&crid=337691538&ct=new%20york&dc=west_or&dn=insurance.klpt.org&iwb=1&ogcbdp=0.3600&other_bids=0.06%2C0.36&other_prv=460%2C294&pbshr=100.0000&requrl=insurance.klpt.org&sat=1&sc=NY&sc_pvid=294&send_erpm=false&server=6&size=160x600&strg=smm_migration_test&totalTime=977460&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2024-01-05%2017%3A39%3A37&seat=BID_API&itype=adx&req_id=Jzr4LrXTAQhd5NQLKabfhA&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.129%20Safari%2F537.36&br_ver=120.0.6099.129&o_ver=NT%2010.0&second_bid=0.06&second_bidder=460&seg=Home_Insurance%2Chomepage_personal_finance%2CInsurance%2Clong_tail_homepage_catchall%2CPersonal_Finance&f_seg=Home_Insurance&ogerpm=0.36&ogerpm_used=false&rawbid=0.36&totalTimeBucket=0&sub_bidder=196&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.89&stid=aswift_0_host&pvid_seat=294_BID_API&ckfl=0&mnckfl=0&bdp_wider_bucket=1&adblk=1812271804&advurl=search.yahoo.com%2F&bdr_typ=1&clisp=rtb-ebda-59988cc7cb-w257m.OR&dmm_m22=0.3600&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080800127000160060000025600&zone=b&rc=-1&sfm_key=mowx_null&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-566d4c44f6-lscj6&djvm=9.5.8&cbvp=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.188 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-188.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 17:39:39 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 05 Jan 2024 17:39:39 GMT
truncated
/ Frame 1021 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1021 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1021 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
montserrat-semibold.woff
contextual.media.net/__media__/fonts/montserrat-semibold/ Frame 1021 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/montserrat-semibold/montserrat-semibold.woff
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
541c1dec9560ca0b3650854c7111c8a34f1deeacefa81cdf6619024916928661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2700&&kkdd=*!%7C!%7C9*huAWn3H&aP=b-NKK-4y-OI-TbLT-4K&7iQo=N&*MQj=N&Fia=bbKy&2MF8=Yy4L&FPi=OndT1wbGe&FQFi=Ay8Lzu_g!b0~dh7gcJiAPm%3D%3D&FoPi=TbIOKON-b&MP!8=b4Ng4NN&FF=dl&MF=GD&FA~*=M**B*P7oj2P(~B28M2&QPi=OGkwK_IOV&2QPi=0b0T0qk&A22QM=b&ooo=2!1CAYFvCYBLRgtp7oHtGaDqHnQ!AnoaWWl4Zi9m_lK%3D&~M8=T&vm=b&Z7i=K&ji2b=OndblVrKy&ji2I=yy-4LbTyO&zij2j=MiI%3D~Zvv3PZovBv%3DbN3(78oQ*%3DN6y43i(*Bz%3DN6-43MFi%3D~u3oj8%3DN%2CN3i(*Bv%3DIN3avIoBMi%3DINIKNbNKIb3PZovBz%3D-4N6K-3ZovB25F%3DN3ZovBoIjBz%3DN3M2i%3DjMmPJ2BNBA(M23oj2%3DN6NNN%2CN3PQ%3DbLW9kjHnv*YGM7xmaLRtI73Jzz%3DN3oPPQZj%3DO%2CL3oF%3Db3oQMBMi%3DINIKNbNTN-3ojia%3DN6NNN%2CN3ZovBz%3Db6yb3avIoBZovBz%3DN3M**Bmo%3DyO6LK4y3ZovBv%3DbN3Mva%3D446II37Fj2%3DTNNT-b3zz%3DbL43M**B*Zv%3DN6OK38oQ*%3DN6y43avIoBZovB5F%3DN)N3QMPBF%3Db%2Cb%2CN%2CN%2CN%2CN%2CN%2CN3z*%3Db3QMPBi%3DN3o58%3DN%2CN3jyQBz%3DK64%2CbbL6bO3Mi%3DN3ZPi%3DyyLOAqPu4I-54iiM~a3FavIoBz%3DI64-3z2i%3D-TTLIN-bI-4bb4TK-LLy44IOOI4y4ILyON-4O-bbT-TIyIyNOLN-TNIOLL444yy-I4-IN-4Ty44ObLO-OLIbKLL4444NKLKIKyI44T43ZP*%3DN3o52%3DN6NNN%2CN3(7iIQBz%3DN6LO3MM%3D_D3FF%3Ddl3ZPm%3DCb3F8%3DN3oFa%3DKN6IK3n9%3DyNOy35zBZF%3DCI3~2M%3DI35zBFF5M%3DCI3F2%3D~8m%20u(o53zMMBS0R%3D_D%2C_D3zjMPMI%3DbL43zi2%3Db-NKK-4y--3zjMPMb%3DbL43iF%3DO3avIoBz%3DK6bK3Zv*BQ%3DN6bNby3amB8gF%3DN6OL3aPMBMi%3Dbb43ZovBoQMBz%3DO6IO3iFI%3Db3aBjM~%3D-Nb3vjM2%3D3Fa(7%3DI64-3aPMBZovBz%3DN6T43avIoBPBMi%3DINIKNbNTNy3aPMBZovBv%3DN382%3DbT3avIoBPBz%3DN6NI3aPMBz%3D-IL6Ny3avIoBZovBaP%3Db)Cb43ZovB2aP%3DN3aa%3DN3FavIoBMi%3DbIy3oJa%3DKN6IK3vIoBz%3DbNNN3M**BMi%3DINIKNbNTN-3ojiQ%3DN6NNN%2CN3MPi%3DTbIOKON-b3ZovBoQMB5F%3DN3amZ%3DN6OL3iIQBv%3DbN3FavI%3DI64-3yQFJ%3DLLL6OT3(7B*MA%3DN6yL3i**BM2o7%3DM**B*P7oj2P(~B28M23iIQBz%3DN6LO3oQMBz%3DbbL6bO3ZovBMoQMBz%3DO6IO3o5mQ%3DN6NNN%2CN3o5mi%3DN6NNN%2CN3PM18J%3DN3PMPJ%3DN3ZovBoQFBz%3DN3zPi%3DN6y3ZovBoQMBoa%3DN3FziQ%3DN6yNN3P2uQ8BPi%3Db-3M8vv8oB2j7BPi%3DjMmPJ2BNBA(M23MZQQvuB2j7BPi%3D3i828F28iB2j7BPi%3DjMmPJ2BNBA(M23aP8mjzPvP2u%3DN6OL3Q(M%3Db3jFB2uQ8%3Db3jizv5%3DbObII-bONK3j*Q%3Db3(7zPi%3DN6y4N3zJvo%3DN6NbN3MZPi%3D3i2F%3Dm8M2B(o3i**B8oQ*%3DJjvM83i**%3DM**B*P7oj2P(~B28M23ziQFjQi%3DN3ijv7%3DM**3M7*2%3DW(*8B9~MZoj~F83M(zQ%3DN6N43gPi%3DDXcCQZzCILKNNyI--OLL-NL43A2*v%3Db3jiBQ(M%3D%7B%222%22%3AN%2C%22Q%22%3AK%7D3M**BjQP%3Dab3PzF%3Db3~M!%3DI327M%3DbINg4NN%7Cb4Ng4NN3zMz%3DN3zMQ%3DN32*g%3DbOK&~2a=N&***=Zc(M_J9Xx)5%3D&Pm=N&P~9Jo=b&zio9i=ILK&zPi=yy-LLO&*FJ=-4TLI&uiMQo=b&zj8=tg8__gK%2Fgg3tg8__gKjgg3K88&5j2Qo8=b&5j2zPi=CbNI&uQvQ=b&PMPi=I&MM*FoBa8o=T&Q7Pi=QNb4KOOL-bOb2INIKNbNTb-yL&MMvi=%7B%22MMPQ%22%3A%22I4NN%3ANONy%3ANjOO%3ANNNN%3ANNNN%3ANNNN%3ANNNN%3ANNNN%22%2C%22MMFF%22%3A%22dl%22%2C%22MMMF%22%3A%22_s%22%2C%22MMF2u%22%3A%22~8m%20u(o5%22%7D&Q8oJ=b&A2*vMoF=b&sflct=451046&ure=1
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 06 Jan 2024 17:39:39 GMT
date
Fri, 05 Jan 2024 17:39:39 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
24784
quic-version
0x00000001
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=1515411477380651&bg=!Y2ClYC_NAAY3kmNgF5I7ADQBe5WfOHUCXxkAuCuLpHZ264LXX_lOw4f7VuINJmUQDqLbBY_CsZVkheUx5ln50yowjadVAgAAAgxSAAAABGgBB5kCtJ_Cu_sVuEH9KhPxiCOtwDpiWZWG3VT9wvy7LxhMFnBVTxUHSc0vkx_Q-6vs16T41CSFn7gXoCk6ImjzrkgNtM9twxrfocd6gtRElkYW-B7OITL1H6dJPRUfWNWIRHzBFGZLgfVtDCPpDDPfUQN17ZJtmv5Rh8ixFV4xpc61huYBpx7ACsMzPGbHi0aLNy3CqP4zsvMw8DaS8yijTGMSB62FJkONPqeDFrV_L3r88VrwaOviO5E7ACXfYp3AZOsEQavalaN79n3cIE4MWwpUS1gf8PE6aBA6WrNUl_Fvc08wo7WOjFTATbglBhGNu9cm-UqwvgDTa-cN7-b1evnb7O1I3wS_g76ek_p1GU-i7xcraeVXmT_YlCGrVrkVQtxiv0ZrdaSlnDdpzxeHT7yZiEDG3UCJ5-cl5WFXfnnKnGeXf5Cde1u3TxMBKZ9S4GoajHAxmIgYma0Qs1qxPmcIGQNNBRaDs-g1mf34R_ztg_0E0_djq2M4bT5STNRZVRYWePsZiEMBsZ-m6PgqSoglBLF--sDS1gY0maSYpaGtuxRljIWy7wORkUkRfKgUZwO2wAh9Y08aDvyQaB8rsmB537PTMSTuarEftGT8UiNvuQUtQ4boXF-axS9bx7I9aD1ShayivDA-YvqC6YDD-PBmvQ48I466Um5UFiW3_qOSBL8eJClc-1jV7My05mKgwIVmOcjiKabOeGh_wXfnOn3_EU_sOTjfE7xsgfequh3KRo7UEzNDihNCJGL8jGBSnN45EKLJr8TB9K0DWm2DUbPFAjQLpeE21lFQqTmwYYhVCT3xE7wCWDJwzcqCWaXk04DQ_QZezBglQjP1ugHPzUmBqSNJUYXdf8JTrqXfwpSD-stpxeJm8ryTI32044Yo4Rw60e77YzvbCFvrt1ZNPrxLJHSMMoVP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://insurance.klpt.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
log
lg3.media.net/ Frame 1CE3 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CU5RJ1PV&vi=1704476378275195764&hvsid=00001704476378313034604565964552&cdv=1143&bid=337998&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=226&l2s_downloadTime=3&l2s_total=229&l2s_start=480&l2s_sslTime=0&l2s_trfSize=30.2&l2s_decSize=79.4&l2s_encSize=29.9&l2s_nhp=h2&l2s_host=contextual.media.net&bql_dnsTime=0&bql_connectionTime=0&bql_waitTime=58&bql_downloadTime=0&bql_total=59&bql_start=285&bql_sslTime=0&bql_trfSize=0.3&bql_decSize=0.0&bql_encSize=0.0&bql_nhp=http/1.1&bql_host=lg3.media.net&l1s_dnsTime=0&l1s_connectionTime=0&l1s_waitTime=284&l1s_downloadTime=21&l1s_total=305&l1s_start=11&l1s_sslTime=0&l1s_trfSize=37.5&l1s_decSize=98.5&l1s_encSize=37.2&l1s_nhp=h2&l1s_host=contextual.media.net&font_dnsTime=0&font_connectionTime=0&font_waitTime=58&font_downloadTime=5&font_total=64&font_start=648&font_sslTime=0&font_trfSize=24.5&font_decSize=24.2&font_encSize=24.2&font_nhp=h3&font_host=contextual.media.net&gdpr=0&mspa=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.240.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-240-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 17:39:39 GMT
Strict-Transport-Security
max-age=21600
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 05 Jan 2024 17:39:39 GMT
log
hblg.media.net/ Frame 4E3E 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDNmYjdkMDEyOGMxNWM2OWU2ZDIwNmM3NWYxZjlmMTczpI6GwgKYBwRVUyRpbnN1cmFuY2Uua2xwdC5vcmcSOENVMVNHWjQzGmFzd2lmdF85X2hvc3QOMTYweDYwMA53ZXN0X29yBDIzBkFEWBI4UFIxMTNKR0MOQklEX0FQSQAaYXN3aWZ0XzlfaG9zdAIwOHJ0Yi1lYmRhLTU5OTg4Y2M3Y2ItaDI3NWIuT1I-MTcwMDA5MDAwMDc0NzgwMDE2MDA2MDAxMDAwMDMwMAIwACIAEEVYQ0hBTkdFAgJi&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-90-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 05 Jan 2024 17:39:39 GMT
bqi.php
lg3.media.net/ Frame 4E3E 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2504&lf=3&&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_tsce=L369&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349064&vgd_cdv=1143&vgd_cage=0&vgd_rensize=160_600&vgde_bdata=QOfvzxjj~77v9~8xLjMjvu9~xjYMEv9.u9uA~myJLEYv9.XF~eBMJ-Nv9.Wi~e8QMQOvuuF~xLjMLEQMGvW.fW~OmYMGv9.WH~ONfvu~QNOvz5~L1Jv9%2C9~eM1Qzvh9u~OmYMjvf9~ejfLMQOvf9fH9u9Hfu~8xLjMGvhF9.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MiMwmQ7~L17v9.999%2C9~j1Q7v~NemyvH.FH~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9Hfu~8EvuiqVa1d%3DjYT0Qy%20BeipRfy~kGGv9~e8QMxLjMjv9~L88Ex1vW%2Ci~J7vuX~LNvu~ejfLM8MGv9.9H~LEQMQOvf9fH9u9HuW~e8QMGvhA9.uf~L1Oev9.999%2C9~xLjMGvu.Au~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevHh.iF~yN17vX99Xhu~GGvuiF~eev9~NejfLMQOvufA~LkevH9.fH~jfLMGvu999~JLEYv9.XF~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvW.9f%2Ciu.hi~Q8OvXAFuXfHA9~QOv9~x8OvAAiWwTwL79bU4zFjtd~xLjMLEQMUNv9~NejfLMGvH.FH~G7OvhXXif9hufXXfXhXAWAuuuX9HW9hHuufui9uXFfXhHXhuWAW9WfhfiXFAuXhuiH9iiFHA9iXXA9hWWuhXAHhhihFAXiHuHuhfWXhXHWW~eBxv9.Wi~OfEMjvu9~NejfvH.FH~AENkviii.WX~x8Yv9~myMYQwv9.FX~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iX~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvu9X.XF~xLjMQLEQMGvW.fW~LNevH9.fH~%3DVvA9WA~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~N7vzJBn5mLU~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~GO7vuh9HHhFAhh~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.XF~ONvW~xLjMLEQMLev9~ejfLMGvh.ff~NGOEv9.Xu9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MiMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MiMwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.XF9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzfh~QyY7vqmYJMVzQxL1zNJ~QmGEv9.X~-8OvKrtoExGofiH99AfhhWiih9iF~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vu9~OmyGv9ou~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vuhW&vgd_lbt=1000&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CURI7T3U&crid=536152430&rrr=tzR-hLcl-L_9WxBMgrjBPvAFjCpzhCrvHHS6udIwNS4%3D&requrl=https%3A%2F%2Finsurance.klpt.org%2F&vi=1704476378959876821&ugd=4&cc=US&sc=PA&bdrid=460&subBdr=196&startTime=1704476378225&l1ch=1&l1hcsd=l1!Otp9r|8731&mmm=uXosNfIDqEk=&buid=349064&sttm=1704476378231&upk=1704476378.8529&hvsid=00001704476378231034604565962316&acid=3fb7d0128c15c69e6d206c75f1f9f173&verid=3111299&infr=1&twna=1&dma=504&stime=1704476377845&tsrc=entity&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1704476378186954817&vgd_sc=PA&vgd_ecrid=1700090000747800160060010000300&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01648897181t202401051739&vgd_pgids=1&vgd_end=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.240.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-240-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 05 Jan 2024 17:39:39 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Fri, 05 Jan 2024 17:39:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4E3E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8Fko-67tbAr6JcYeyoOEmWnxT9uBQ4UFHJaOFlx5QUz16sVsRKEz2_f6w8ADvaK5-tzWkbbBb5CWhofrHAOZzHuHJRjC42sid4AXWgvZXFuTo9xpdDQQu&sig=Cg0ArKJSzEbBCwQp8InMEAE&id=lidar2&mcvt=1001&p=0,0,604,160&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704476377831&rpt=461&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bqi.php
lg3.media.net/ Frame 1CE3 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2617&lf=3&&vgd_hb_audit_1=8CU1SGZ43&vgd_hb_audit_2=337691538&vgd_tsce=L369&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=337998&vgd_cdv=1143&vgd_cage=0&vgd_rensize=160_600&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.AF~OmYMGv9.hF~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9Hfu~8xLjMGvhF9.Hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7M9MwmQ7~L17v9.999%2C9~8EvuiqVa1d%3DjYT0Qy%20BeipRfy~kGGv9~L88Ex1vW%2Ci~LNvu~LEQMQOvf9fH9u9X9h~L1Oev9.999%2C9~xLjMGvu.Au~ejfLMxLjMGv9~QYYMBLvAW.iHFA~xLjMjvu9~QjevFF.ff~yN17vX99Xhu~GGvuiF~QYYMYxjv9.WH~JLEYv9.AF~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvH.F%2Cuui.uW~QOv9~x8OvAAiWws85FfhUFOOQze~NejfLMGvf.Fh~G7OvhXXif9hufhFuuFXHhiiAFFfWWfFAFfiAW9hFWhuuXhXfAfA9Wi9hX9fWiiFFFAAhfFhf9hFXAFFWuiWhWifuHiiFFFF9HiHfHAfFFXF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LNevH9.fH~%3DVvA9WA~UGMxNvof~z7Qvf~UGMNNUQvof~N7vzJBn5mLU~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HHhFAhh~G1Q8QuvuiF~ONvW~ejfLMGvH.uH~xjYMEv9.u9uA~eBMJ-Nv9.Wi~e8QMQOvuuF~xLjMLEQMGvW.fW~ONfvu~eM1Qzvh9u~j1Q7v~Nemyvf.Fh~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9X9A~e8QMxLjMjv9~J7vuX~ejfLM8MGv9.9f~e8QMGvhfi.9A~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvufA~LkevH9.fH~jfLMGvu999~QYYMQOvf9fH9u9X9h~L1OEv9.999%2C9~Q8OvXufWHW9hu~xLjMLEQMUNv9~eBxv9.Wi~OfEMjvu9~Nejfvf.Fh~AENkviii.WX~myMYQwv9.Ai~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~LEQMGvuui.uW~xLjMQLEQMGvW.fW~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.A~xLjMLEQMLev9~NGOEv9.A99~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.AF9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vqmYJMVzQxL1zNJ~QmGEv9.9F~-8OvKrtoExGofiH99AfhhWiih9iF~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~QYYM1E8veu~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vuWH&vgd_lbt=50&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=512848071&rrr=tzR-hLcl-L_9WxBMgrjBPvAFjCpzhCrvHHS6udIwNS4%3D&requrl=https%3A%2F%2Finsurance.klpt.org%2F&vi=1704476378275195764&ugd=4&cc=US&sc=PA&bdrid=294&subBdr=196&startTime=1704476378306&l1ch=1&l1hcsd=l1!Otp9r|8731&mmm=uXosNfIDqEk=&buid=337998&sttm=1704476378313&upk=1704476378.7930&hvsid=00001704476378313034604565964552&acid=030d995dfd0a4edc93cb14a58d8958e0&verid=3111299&infr=1&twna=1&dma=504&stime=1704476377863&tsrc=entity&kafm_ull_cache=00&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1704476378101085517&vgd_sc=PA&vgd_ecrid=1700080800127000160060000025600&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01648897181t202401051739&vgd_pgids=1&vgd_end=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.240.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-240-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Fri, 05 Jan 2024 17:39:40 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Fri, 05 Jan 2024 17:39:40 GMT
log
hblg.media.net/ Frame 1CE3 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDAzMGQ5OTVkZmQwYTRlZGM5M2NiMTRhNThkODk1OGUwpI6GwgLMBARVUyRpbnN1cmFuY2Uua2xwdC5vcmcSOENVMVNHWjQzGmFzd2lmdF8wX2hvc3QOMTYweDYwMA53ZXN0X29yBDIzBkFEWBI4UFIxMTNKR0MOQklEX0FQSQAaYXN3aWZ0XzBfaG9zdAIwOHJ0Yi1lYmRhLTU5OTg4Y2M3Y2ItdzI1N20uT1I-MTcwMDA4MDgwMDEyNzAwMDE2MDA2MDAwMDAyNTYwMAIwACIAEEVYQ0hBTkdFAgJi&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-90-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 05 Jan 2024 17:39:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1CE3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstx8_1KfOThHutY5lN7ZrThKCQ0015KdtVZ78vSA03qoqMvy0RUDZlYQU9hyv0VzK-s1mYki51Dd5b47G4hVPgNpOGUtkE-Vtz12TD_p3hDUvP5VXgLz5T4&sig=Cg0ArKJSzBq5hWoMi8YuEAE&id=lidar2&mcvt=1001&p=0,0,604,160&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704476377853&rpt=536&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 17:39:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| html5 object| blogsite function| blogsiteDomReady function| blogsiteToggleAttribute function| blogsiteMenuToggle function| blogsiteFindParents boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| google_llp object| GoogleGcLKhOms object| googletag object| google_image_requests

6 Cookies

Domain/Path Name / Value
insurance.klpt.org/ Name: quads_browser_width
Value: 1600
.klpt.org/ Name: __gads
Value: ID=a9637eb14ca84725:T=1704476377:RT=1704476377:S=ALNI_Ma__dJu1sZJ5-0C6joW3YaVftfduA
.klpt.org/ Name: __gpi
Value: UID=00000db119f43ac7:T=1704476377:RT=1704476377:S=ALNI_MbmjQLypuYgvcTNZRlqh9h6V-rEBA
.media.net/ Name: visitor-id
Value: 3474779785659653000V10
.doubleclick.net/ Name: IDE
Value: AHWqTUnkG5H8b6tESbor7IQ16FnRvYjUTUFnS7YE8MfwDEezLooGnAFYJ6h3KYBj1VU
.media.net/ Name: data-g
Value: CAESEMP5x-Uc8vjqjnFxUH5CNtE~~6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
contextual.media.net
cs.media.net
fonts.googleapis.com
googleads.g.doubleclick.net
hblg.media.net
insurance.klpt.org
lg3.media.net
pagead2.googlesyndication.com
qsearch-a.akamaihd.net
tpc.googlesyndication.com
warp.media.net
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.65.226
23.200.0.188
23.47.168.66
23.52.160.28
23.58.90.38
23.77.240.29
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::200a
45.76.154.238
02269a901331d907ea1afe2d231356370d8d4dec189070b02b86e07f89d907a7
0bc72368536e40de3b0fc97f2d15239b0b15efdaff74939fa8960dd74bc23236
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
1cc0e91420a0cc4ee77dd8abc2944a92779d0f7619e35d9e773cdd957771e0b0
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1f7231afd107bd58072c2d4cf76ec9b07bb703a9cc970941010c83886eb7107b
221adf03a69aba45c3a275a4f03ffdb4caa1da06ac2dbc770221e1ff5f2eb988
2369875e7a78a3457667c33f6cbf4b843f34d53be0e0e416e77a65f54809a54c
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2b20ba3e64d6ce716b0aa274f5eba5896b851c5c4f4cfe6a8ae7b0ab4df18820
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ef16319ad5142b715efac4d58de1cbf64ff6a72c1d33852e05f06d1a9776c5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
47aa507aa520ddf600e955596eb5b75a117eba68760dc9b10c5cbdebff98a9f0
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
541c1dec9560ca0b3650854c7111c8a34f1deeacefa81cdf6619024916928661
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dca2c163e36096d243831e6ba424ad842dffecfd0964fc2e7e812763848d515
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626b9292a7c274cb042c68aecb6ba5a686e20b4823914e8e1f89d5dabe73d294
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
82a1b54f3e05018baec3a33d1dc19b8068036f4d73977e92c1836b3b240263a2
85d3987a45a0fdca18652344761e0dce4f3616d51f7788ad3447c18a8eea5291
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8d67e66d5779f51d4e9229544b5bb2c2144a2ea2ac837a73252e6684a50333d9
8f40d7c888224dcf53cda237b7daf9b87fea8fcf061a15522a942fbc9a03a2b0
8f802f7568ab489d68e0b686f9a2efd81983e69e151c72e25d8236681b811a42
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a7fe9347c265a8ef227a2c0e3e0e6e62e75f14784355f556fa9ddb864c5753f6
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
be779b0e322b81f76bc00f275690c7a6b7f3cb407bdf383874080af920808c5c
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c98ab96f70da21edd6030b128ddef4f29c882513c3c535f160a7642539f338d3
ca7c81eefabd5e0d8ef105e1675d4c087b37b596c9e85184144bfa63008a20de
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d19c2277e9c8f1a31d2c721b37f7b1accda8f4906351f5a6381ef2e7cbb75fff
d7b66acb0c96567acc8707b2473c308c2cb90430df021e86b9c6161e60e3e752
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d8e8b70424cd0f3f1f5a9285e3b0d2a0d5546f371544550969facf69b81a0d90
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
db2e23ae7605eb424febdcf6162d44863af06c17416f1fa998f2a56aff300770
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e17b6e3cf6355d5c4664d679ca12033dace3164350533ee01976787c6c023c5d
e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fea674952d420a8e6bc0e32e8907c79150a27e6c1ce529b84c4e6dd55c4b8b24