urlscan.io logo urlscan.io
SecurityTrails logo

en.krystalmagick.com Open in urlscan Pro
34.149.87.45  Public Scan

Go To Rescan Add Verdict Report
URL: https://en.krystalmagick.com/
Submission: On December 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 28 domains to perform 243 HTTP transactions. The main IP is 34.149.87.45, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is en.krystalmagick.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 1st 2023. Valid for: 3 months.
This is the only time en.krystalmagick.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.149.87.45 396982 (GOOGLE-CL...)
42 2607:f8b0:400... 15169 (GOOGLE)
11 3.231.23.212 14618 (AMAZON-AES)
57 151.101.65.91 54113 (FASTLY)
4 151.101.129.91 54113 (FASTLY)
3 18 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
41 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
7 21 142.250.72.98 15169 (GOOGLE)
4 8 172.64.151.101 13335 (CLOUDFLAR...)
4 6 68.67.160.114 29990 (ASN-APPNEX)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
4 2800:3f0:4002... 15169 (GOOGLE)
1 172.253.122.156 15169 (GOOGLE)
2 142.250.65.230 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
6 142.251.32.98 15169 (GOOGLE)
3 3 184.86.146.172 16625 (AKAMAI-AS)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 1 151.101.130.49 54113 (FASTLY)
2 74.119.119.150 19750 (AS-CRITEO)
1 1 31.220.27.155 39572 (ADVANCEDH...)
1 1 54.221.120.232 14618 (AMAZON-AES)
1 2 23.51.57.155 16625 (AKAMAI-AS)
1 2620:116:800b... 14618 (AMAZON-AES)
2 2 54.210.168.168 14618 (AMAZON-AES)
2 2 185.167.164.39 198622 (ADFORM)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 5.161.204.250 213230 (HETZNER-C...)
243 27
4    34.149.87.45 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.87.149.34.bc.googleusercontent.com
en.krystalmagick.com
42    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    3.231.23.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-23-212.compute-1.amazonaws.com
frog.wix.com
57    151.101.65.91 (United States)

ASN54113 (FASTLY, US)
static.parastorage.com
4    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
siteassets.parastorage.com
18    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
41    2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:80a::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
9    2607:f8b0:4006:806::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
5    2607:f8b0:4006:823::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
21    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
cm.g.doubleclick.net
8    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
6    68.67.160.114 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:24f1:6400:0:7dcd:9780:93a1 (United States)

ASN16509 (AMAZON-02, US)
en-krystalmagick-com.filesusr.com
4    2800:3f0:4002:80d::2003 (Argentina)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
bid.g.doubleclick.net
2    142.250.65.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net
ad.doubleclick.net
1    2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2607:f8b0:4006:15::6 (United States)

ASN15169 (GOOGLE, US)
r1---sn-ab5sznzy.c.2mdn.net
6    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
www.googleadservices.com
3    184.86.146.172 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com
px.owneriq.net
2    2606:ae80:1451:17::1370 (United States)

ASN25751 (VALUECLICK, US)
dclk-match.dotomi.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    54.221.120.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-120-232.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    23.51.57.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    54.210.168.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-168-168.compute-1.amazonaws.com
pm.w55c.net
2    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    5.161.204.250 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.250.204.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
Apex Domain
Subdomains		 Transfer
83 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
1 MB
61 parastorage.com
static.parastorage.com — Cisco Umbrella Rank: 6393
siteassets.parastorage.com — Cisco Umbrella Rank: 6838
848 KB
37 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
ad.doubleclick.net — Cisco Umbrella Rank: 139
247 KB
13 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
140 KB
11 wix.com
frog.wix.com — Cisco Umbrella Rank: 6329
3 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
4 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
138 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
5 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r1---sn-ab5sznzy.c.2mdn.net — Cisco Umbrella Rank: 80807
185 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
318 KB
4 krystalmagick.com
en.krystalmagick.com
255 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1523
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
328 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2647
723 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
606 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
725 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
886 B
2 filesusr.com
en-krystalmagick-com.filesusr.com
4 KB
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7973
586 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 9014
288 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
537 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
92 KB
243 28
Domain Requested by
57 static.parastorage.com en.krystalmagick.com
static.parastorage.com
42 pagead2.googlesyndication.com en.krystalmagick.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
en-krystalmagick-com.filesusr.com
www.googletagservices.com
41 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
en.krystalmagick.com
tpc.googlesyndication.com
imasdk.googleapis.com
21 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
13 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
en.krystalmagick.com
11 frog.wix.com en.krystalmagick.com
static.parastorage.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
6 www.googleadservices.com
6 fonts.gstatic.com fonts.googleapis.com
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
5 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
5 www.googletagservices.com en.krystalmagick.com
googleads.g.doubleclick.net
5 fonts.googleapis.com googleads.g.doubleclick.net
4 csi.gstatic.com imasdk.googleapis.com
4 siteassets.parastorage.com en.krystalmagick.com
4 en.krystalmagick.com en.krystalmagick.com
static.parastorage.com
3 px.owneriq.net 3 redirects
3 www.google-analytics.com www.googletagmanager.com
3 www.gstatic.com googleads.g.doubleclick.net
2 sync-dmp.mobtrakk.com 2 redirects
2 c1.adform.net 2 redirects
2 pm.w55c.net 2 redirects
2 sync.teads.tv 1 redirects
2 dis.criteo.com googleads.g.doubleclick.net
2 dclk-match.dotomi.com 2 redirects
2 r1---sn-ab5sznzy.c.2mdn.net
2 ad.doubleclick.net en.krystalmagick.com
2 en-krystalmagick-com.filesusr.com static.parastorage.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 s0.2mdn.net googleads.g.doubleclick.net
en.krystalmagick.com
1 dsp.adkernel.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 sync.srv.stackadapt.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.googletagmanager.com static.parastorage.com
243 38

This site contains links to these domains. Also see Links.

Domain
www.krystalmagick.com
Subject Issuer Validity Valid
en.krystalmagick.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-01 -
2024-02-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.frog.wix.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-22 -
2024-03-20		 6 months crt.sh
static.parastorage.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-08 -
2024-08-08		 a year crt.sh
*.parastorage.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-07-31 -
2024-08-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.filesusr.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-26 -
2024-01-22		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-11-14 -
2024-01-23		 2 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh

This page contains 30 frames:

Primary Page: https://en.krystalmagick.com/
Frame ID: 96C2D9C8C391FA5AC75CCEDAA4771F11
Requests: 87 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 5E2E843B53C38830470EF7D9E66CF929
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&adk=1812271804&adf=3025194257&lmt=1701432948&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432947735&bpp=4&bdt=212&idt=283&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5823599517550&frm=20&pv=2&ga_vid=2137318846.1701432948&ga_sid=1701432948&ga_hid=1837765268&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44809314%2C31078297%2C31079860%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=4087991418844724&tmod=95544401&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=320
Frame ID: 85C341D13379927EF15AE30CBEDB1795
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F6E3494B2F7E4CF7BA4688EC0BBD7F59
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4341C69C48CFE2DD307897EC94A12122
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 64EE35C1796E0B6DDCF13E51E416B8E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0C597ECD9F36D29238CC3DBD65DC7F04
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNVcrE9rIzkWGWL0xJXbC6aFZl3SjmubcTgD0jUwZhk4xxI4Hc0mdOURh4f_3Y3Edp-Mb-tju3qjqLl-DhfHrCp9NIAN1w
Frame ID: D52BAAB886F6850E54B0C93D69BADD98
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Frame ID: 9B59164C842BC9137C0D78F6D66C3EDA
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNWuikfInbXNjE7quxtzgN-gjXVH1Z2LScAcod4UV0vkapD8Y8kE__ekleMb17JBX1KzrkYn5a1sHf3NCiJPxBgd7cvIeQ
Frame ID: FD552A920658779CBADACFAC938B1E82
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/8276187446365717456
Frame ID: B0474B4EA42874525449D3C6A2B1A6FE
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21DE029C0C1AE279D28976A5E1B2CE78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 87021E8B3ACDACA6CDE0996C2EDCDA9D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 15330B7056B0F2FE9AA920C91908FF40
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Frame ID: EEEC1A7E8B0ECA972E15D60FB37C7312
Requests: 14 HTTP requests in this frame

Frame: https://en-krystalmagick-com.filesusr.com/html/7d14e7_cf8fd86f21500c2291da6c479b72db89.html
Frame ID: 1C23D858DAE80CF8F141B7C56019D4CF
Requests: 6 HTTP requests in this frame

Frame: https://en-krystalmagick-com.filesusr.com/html/7d14e7_cf8fd86f21500c2291da6c479b72db89.html
Frame ID: 056D26896940AF03939F03ED92D5F3FF
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1ABD801E93E8DFFEF27D126B32165487
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 7DF85815E4136760D4708281A72D04EF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 202592135AE2E2712C83AE26E2FF0E6C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Frame ID: 286E5AA8B3A677AB92FCD7CB12633DCA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Frame ID: 6E013906FB0F59468A4A7A34B149A15F
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84FA5E2A440B9CA7D304A54CD148EAE7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9144E50E23A47871D7F8E3E08E67383
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 30B20AE17A75A4515CB8351D9D3EA15A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: ED8DE3CFEF8D8EB05240699E6F91AB96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06919902FCB787B2484ACE79D6AB1E97
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1EA5F6E8E06738D779FF14209F2088AE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C564E7EE89BAD413827C07842A274420
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FF123CD4A2DA43B6E5B4D6FF9994968B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

KrystalMagick

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.parastorage\.com
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

243
Requests

90 %
HTTPS

44 %
IPv6

28
Domains

38
Subdomains

27
IPs

4
Countries

3402 kB
Transfer

10447 kB
Size

41
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
Request Chain 106
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWnOdXXrNXMXsdhPIIfIBgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDtd-9-xxTXrOq7NdW7M8e4&google_cver=1
Request Chain 108
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDcwODAxNjg1MTc2NDU1Mw%3D%3D
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
Request Chain 110
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWnOdXXrNXMXsdhPIIfIBgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDtd-9-xxTXrOq7NdW7M8e4&google_cver=1
Request Chain 112
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDcwODAxNjg1MTc2NDU1Mw%3D%3D
Request Chain 157
  • https://gcdn.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/A278BA12DD9D84504D11C17FF20A489CBBAF09E7.116D72D56B663B51F2DF9090788CD5CD9D9DF4F0/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/75E63E77A3C44FFF2CAA6DE7FEB7D5705DE046C8.646169A0E2F5C6EAC5B228D72086C7809380DFB4/key/cms1/cms_redirect/yes/mh/cu/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1701431871/mv/u/mvi/1/pl/48/file/file.mp4
Request Chain 159
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ck3VgdM5pZYPrBeqFoPMPsfiyyAPv28zLc7WNqPjzEdeSgcWODhABIJjvwpMBYMnujovApIwQoAHcxs2qKsgBCagDAcgDywSqBOUBT9AJIABqnx7ofoJ-qSKAOJ2vz2MTFTR7IwOQ_3z5j0tmSICQZgaqt5w1BUBeFSQyfZOWJXidjxtUSNjSkj12Iq_eDvtNoBYU2bigC6EG9Ly-vN6PYgHQMU1DCbHCDzLxBLfGNP5s6iaoAQyTUEQ7jrygkrxscKer7YxRq-wH3e2FhvLThlloybANBdl3j8hW1oMpHKH0d1yf_M3TjtQJv5JAzSqaCXRBZJvhkblEtlsTNh-Boc5ILGyROckddyPTNZGJok1zeXgXWhOXmnLhJa4VK_t8Ct3oht2h7UtsBg1G-k2IQ8AEjdCf8LkEiAWzssz9TJIFBAgEGAGSBQQIBRgEoAYugAfc_p2KBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEMTrFtIIHQiAYRABGB8yAooCOgKAQEi9_cE6WN7M69Ob7oIDmgknaHR0cHM6Ly93d3cubG92aW5nc3Vuc2hpbmVyZWFkaW5ncy5jb20vgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAtoMEQoLEODl__jlmba_oAESAgEDuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi05MDUyOTI0NzExODA4MTI1GAA&sigh=hsmOqRcvaHg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNk1iLW6z5GbRCG0EXewytw2IB6TwEQ4ZBvanUya1dej68Ze8Igx0DoBPs0Vfm3hoYNsjsuWBE1Vbrr07N5AQi-GzZZlL686viRwEYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcba5377a39bff7de0000000000000000%22,%222%22:%220x6b970fb65b739a870000000000000000%22,%223%22:%220x15b59dcc6448f5e00000000000000000%22,%224%22:%220x70d11800079cd9ad0000000000000000%22,%225%22:%220x8c27c91f090020160000000000000000%22},%22debug_key%22:%2210689299592189576291%22,%22debug_reporting%22:true,%22destination%22:%22https://lovingsunshinereadings.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211363640156%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22721910400620498289%22}&andc=true
Request Chain 194
  • https://px.owneriq.net/ecmg?google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_cver=1&google_push=AXcoOmTGyMY36x9SV5Mg-FPBr7g59V8II_x4TzHqPakZJRcpYbLZJq7qT1o3_qdUHpE2O6rNzepWxcEpWmDqFwltbBiDuIIkR7q86w HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTGyMY36x9SV5Mg-FPBr7g59V8II_x4TzHqPakZJRcpYbLZJq7qT1o3_qdUHpE2O6rNzepWxcEpWmDqFwltbBiDuIIkR7q86w%26google_cver%3d1%26google_gid%3dCAESELooqO6bRHbKrh2uV-APZiA%26google_hm%3dUTc1NDcxOTM1MTE2MTgzOTE5NTA%3d&uid=Q7547193511618391950&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTGyMY36x9SV5Mg-FPBr7g59V8II_x4TzHqPakZJRcpYbLZJq7qT1o3_qdUHpE2O6rNzepWxcEpWmDqFwltbBiDuIIkR7q86w&google_cver=1&google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_hm=UTc1NDcxOTM1MTE2MTgzOTE5NTA=
Request Chain 195
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOhLDUtDNwqvnnalDVQ2bpE&google_cver=1&google_push=AXcoOmQKQ9wfXSwWWPKTwT4yEf0-vWUYxch_QjcJMd0b0lOoukb3SMtj-Ftq20q77p9YvmonnpJ5qQ0XssdQHDQGYooa895wQo1Dag HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=615629f6c7ca140f&is_secure=true&networkId=14000&version=1&google_gid=CAESEOhLDUtDNwqvnnalDVQ2bpE&google_cver=1&google_push=AXcoOmQKQ9wfXSwWWPKTwT4yEf0-vWUYxch_QjcJMd0b0lOoukb3SMtj-Ftq20q77p9YvmonnpJ5qQ0XssdQHDQGYooa895wQo1Dag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG_NFAVvc19QN9g99nAAAAAAA&expiration=1701519351&google_cver=1&is_secure=true&google_gid=CAESEOhLDUtDNwqvnnalDVQ2bpE&google_push=AXcoOmQKQ9wfXSwWWPKTwT4yEf0-vWUYxch_QjcJMd0b0lOoukb3SMtj-Ftq20q77p9YvmonnpJ5qQ0XssdQHDQGYooa895wQo1Dag
Request Chain 196
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGoRUio1ruLkt7Odw3UwRlA&google_cver=1&google_push=AXcoOmSXvSsAyBN62UcjsxYRtnb-jvJmNcL7cYqs_GV9d85fv-OMY11IG_H8fi0a42HsOps8AuRxn9phYCVctndeL-9F4KxJqRiHmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGoRUio1ruLkt7Odw3UwRlA&google_push=AXcoOmSXvSsAyBN62UcjsxYRtnb-jvJmNcL7cYqs_GV9d85fv-OMY11IG_H8fi0a42HsOps8AuRxn9phYCVctndeL-9F4KxJqRiHmA
Request Chain 198
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJk3QbnVUspqSNNG2h9t8a4&c_param1=AXcoOmQ8aIDGDpl9jV9lSmuLtfpGk6sHWZWXb_v0uheXqr_K_zK1Wqx4dcSDHKqHh58ss6mWee0K5PUqBBtq8-W4320WqC0sdFzT&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ8aIDGDpl9jV9lSmuLtfpGk6sHWZWXb_v0uheXqr_K_zK1Wqx4dcSDHKqHh58ss6mWee0K5PUqBBtq8-W4320WqC0sdFzT
Request Chain 199
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEpXn59XsdioKTRhLBvx1M8&google_cver=1&google_push=AXcoOmSZLvTiQ8_o8h_dCMNXIe8G30_XZv_J9uAcnC9fnWkLlSHqWVqVZu8pV0dl8DiEDZWHJCz7OcEMMxY27kl9wOnpUqluWIgAFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZSfz20w6V599SbOcGzQRzmAJ-SQ&google_push=AXcoOmSZLvTiQ8_o8h_dCMNXIe8G30_XZv_J9uAcnC9fnWkLlSHqWVqVZu8pV0dl8DiEDZWHJCz7OcEMMxY27kl9wOnpUqluWIgAFQ
Request Chain 200
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPF77wHZH5xaIh84aLkJKbo&google_cver=1&google_push=AXcoOmQuMV_DuA7_UlHuP29QQ_Td4jzp7PHmPGW59qpqQtezTE7OBLv98P6JwIgLEGChWToovtJCUl1s6VascFvYj37kzJPooRJBysM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzFiNTA1YTMtN2Y0OS00ZDQyLTllOGYtZjM0ZjhiOTZhNTg0&google_push=AXcoOmQuMV_DuA7_UlHuP29QQ_Td4jzp7PHmPGW59qpqQtezTE7OBLv98P6JwIgLEGChWToovtJCUl1s6VascFvYj37kzJPooRJBysM HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 212
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CkEW9ds5pZbPFGMuG3rsPjKu2yAufq876ZvbE49zhEcCNtwEQASCY78KTAWDJ7o6LwKSMEKABpIm7kwLIAQmoAwHIA8uEgIAEqgTdAU_Qc-pIgkZaZf3ITpsNiSOC88j7T7FFFKQfZEWouMTYcbxWhDIoRtOSTXZlHpdIufOmSJ9P5D3hkF7uJDZPflRKeU8D-1t0sAHut-wB_N5wwOC8yPdypI21CNz20Z88InEXY0RkuplhFolS2hEEpENLOy72aDX7f4yF96hGDBIxXX0DHouhlWb77JcI2EOhxdv0K-M365wAvu1N-f_ZQLhCu-riip7Ktfl0d9eUxKKPe2GezYkGqlI93Js3EzmilFgmvrOIEQwk8hhuXMVWC9YSB_E5ktKIg0BUr3VzwATcwNeE2AOIBY_3weQpkgUECAQYAZIFBAgFGASgBi6AB8T2xOwBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ5YUO0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj5nfjUm-6CA5oJHWh0dHBzOi8vZmllbGRzb2Zmb3J0dW5lcy5jb20vgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQsMLKqOWQ4ZB7EgIBA7gT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItOTA1MjkyNDcxMTgwODEyNRgA&sigh=lapIVmSEMJQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNyJr3klyVC7IuDK-vIQaVBzVFrbErILMpgKooEcOQe8nGMrK1nB2e6oihsPDv0DnYtXi7ifNtGAE&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x293d35b7d299b5190000000000000000%22,%222%22:%220xb20f381ba1ee2480000000000000000%22,%223%22:%220xe13b6e52f9bffe770000000000000000%22,%224%22:%220x33191568df5586640000000000000000%22,%225%22:%220xd61a1efe36cddf340000000000000000%22},%22debug_key%22:%22254076532262281451%22,%22debug_reporting%22:true,%22destination%22:%22https://fieldsoffortunes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22577684644%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221870941720975949185%22}&andc=true
Request Chain 216
  • https://px.owneriq.net/ecmg?google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_cver=1&google_push=AXcoOmR8Igh3Y0_XJwBIcT_rxXcMmefW1Je4yVLlqHD6AV834WM5kbLBhmOIcXhmtlj4FXJPNsR2qRxH-H1y8Q3YQhYfPmIZxiRe0nU1X_E_Hvh3qwv-S0ZOtVOBG3UfuTYK8CXlt_v2tV2LNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR8Igh3Y0_XJwBIcT_rxXcMmefW1Je4yVLlqHD6AV834WM5kbLBhmOIcXhmtlj4FXJPNsR2qRxH-H1y8Q3YQhYfPmIZxiRe0nU1X_E_Hvh3qwv-S0ZOtVOBG3UfuTYK8CXlt_v2tV2LNg&google_cver=1&google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_hm=UTc1NDcxOTM1MTE2MTgzOTE5NTBQ
Request Chain 217
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH17BjUvYMyyiV2rif4yf4U&google_cver=1&google_push=AXcoOmRl5qz_groNcDTOYXG87h7k3_-6Y2zhEhd92bAgOhF6qOHyAaPKHi2uRgNzUfLHD_VSH_zI3z5tX910JKdFlj3xjYppVKWaj1sB5Z7041pNWNfBEUBgRZ6Cx4928fdAxYouUs33MvFb6g HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH17BjUvYMyyiV2rif4yf4U&google_cver=1&google_push=AXcoOmRl5qz_groNcDTOYXG87h7k3_-6Y2zhEhd92bAgOhF6qOHyAaPKHi2uRgNzUfLHD_VSH_zI3z5tX910JKdFlj3xjYppVKWaj1sB5Z7041pNWNfBEUBgRZ6Cx4928fdAxYouUs33MvFb6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek5uQXFwejYxUjkycVg1&google_gid=CAESEH17BjUvYMyyiV2rif4yf4U&google_cver=1&google_push=AXcoOmRl5qz_groNcDTOYXG87h7k3_-6Y2zhEhd92bAgOhF6qOHyAaPKHi2uRgNzUfLHD_VSH_zI3z5tX910JKdFlj3xjYppVKWaj1sB5Z7041pNWNfBEUBgRZ6Cx4928fdAxYouUs33MvFb6g
Request Chain 219
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOrCKQsptkhPcxZNny8KB3I&google_cver=1&google_push=AXcoOmQeYafMVeVpbSvvOjXE1MSKJDGqkmYGXNc4XymP-Dch2IJRvMYQU5wVsoZfxNDNwMxbPwr6urZQMCeEH-1zzUQRcMJVcXxLAsN4bX-OFC6r7XFvp-GUspc6la5MikxwIRXG_R4LaaJWCA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOrCKQsptkhPcxZNny8KB3I&google_cver=1&google_push=AXcoOmQeYafMVeVpbSvvOjXE1MSKJDGqkmYGXNc4XymP-Dch2IJRvMYQU5wVsoZfxNDNwMxbPwr6urZQMCeEH-1zzUQRcMJVcXxLAsN4bX-OFC6r7XFvp-GUspc6la5MikxwIRXG_R4LaaJWCA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0NjEwMTk2MzIyMjU1MjEzOA&google_push=AXcoOmQeYafMVeVpbSvvOjXE1MSKJDGqkmYGXNc4XymP-Dch2IJRvMYQU5wVsoZfxNDNwMxbPwr6urZQMCeEH-1zzUQRcMJVcXxLAsN4bX-OFC6r7XFvp-GUspc6la5MikxwIRXG_R4LaaJWCA
Request Chain 220
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJ9qFMu1bSZTvGgub-cplRc&google_cver=1&google_push=AXcoOmTDB2E84myCBK6l47-MPGXHcrTBR17ABJ57Mg-xLuktMqzndq4N-fC892Akqz2NDaRCG1ZlD2s9kaFYg9Oel0PBYnUBu2WuEY4bL8vKxyzaOBrsqP6vUkB9R3WqX5hyjvSik6hIz6Hixw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTc5NTkwNTU3NjU0NDA5NTIzNDE&google_push=AXcoOmTDB2E84myCBK6l47-MPGXHcrTBR17ABJ57Mg-xLuktMqzndq4N-fC892Akqz2NDaRCG1ZlD2s9kaFYg9Oel0PBYnUBu2WuEY4bL8vKxyzaOBrsqP6vUkB9R3WqX5hyjvSik6hIz6Hixw
Request Chain 221
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEGakp23VRt8u6AZqbBYq4uY&google_cver=1&google_push=AXcoOmTuTVvgqSN0soDfrp3u93MrYXToWogvIXgtPGKmfpJpJ1E5LErrefcIvQ5lTp8Me3zwxx4LvfYCXmZbZVquPvfGELnn2xCozHjWRqk4RA9by_TsHTvj2uijBxXAtpbHwibIc8G0K5t7FqQ HTTP 302
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEGakp23VRt8u6AZqbBYq4uY&google_cver=1&google_push=AXcoOmTuTVvgqSN0soDfrp3u93MrYXToWogvIXgtPGKmfpJpJ1E5LErrefcIvQ5lTp8Me3zwxx4LvfYCXmZbZVquPvfGELnn2xCozHjWRqk4RA9by_TsHTvj2uijBxXAtpbHwibIc8G0K5t7FqQ&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWVkYzM4MmIwNTFmMTg5ZQ&google_push=AXcoOmTuTVvgqSN0soDfrp3u93MrYXToWogvIXgtPGKmfpJpJ1E5LErrefcIvQ5lTp8Me3zwxx4LvfYCXmZbZVquPvfGELnn2xCozHjWRqk4RA9by_TsHTvj2uijBxXAtpbHwibIc8G0K5t7FqQ
Request Chain 224
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CCYCuds5pZZ_1G6nMoPMP_5aCsAufq876ZvbE49zhEcCNtwEQASCY78KTAWDJ7o6LwKSMEKABpIm7kwLIAQmoAwHIA8sEqgTdAU_QOmUY6KAL37Dzgt2OADjR9gOFZu_5EhLYPeelDrS47-OwB5m7s_rSfKmzGZfNwDqVMtcrf904sthaRm0U9ZwVCw3XqyP60V4abX4qgIQitU_-ZDhKmPD6fCpzXUIQXBqSKpHVHEpLy5NNyQCpje5ln_ErELFwZEJv1R73x6DIINQYomDtK5aBUQGue--Uz5ZsWw-R13IYGufqxXtWFBlrOHTh5IjW5YebF0Loy3uDkMRbG72X30n0AVij1pDkh25v-s7DRrR031YzFVemgt1fIH_sTho1BNe7LtfNwATcwNeE2AOIBY_3weQpkgUECAQYAZIFBAgFGASgBi6AB8T2xOwBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQjL4J0ggdCIBhEAEYHzICigI6AoBASL39wTpY8-v71JvuggOaCR1odHRwczovL2ZpZWxkc29mZm9ydHVuZXMuY29tL4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEKCl4ML7_O2t5wESAgEDuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi05MDUyOTI0NzExODA4MTI1GAA&sigh=pahoquhEy8A&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNfbyAG99rr3WOt6uT9y1lmQkJ6eWV9GHaZ2_KV1n0KDcZyqdQslTsnasWXdeUfSt1PrOL0VgyGAE&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x293d35b7d299b5190000000000000000%22,%222%22:%220xb20f381ba1ee2480000000000000000%22,%223%22:%220xe13b6e52f9bffe770000000000000000%22,%224%22:%220x33191568df5586640000000000000000%22,%225%22:%220xd61a1efe36cddf340000000000000000%22},%22debug_key%22:%2213630753513616330458%22,%22debug_reporting%22:true,%22destination%22:%22https://fieldsoffortunes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22577684644%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216683477028881254401%22}&andc=true

243 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
en.krystalmagick.com/ 		642 KB
121 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
70ce13c80a0477d869bd31760b537e2398bb0b2d061510c4826a48cc399dbfe5
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
5367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
content-language
en
content-length
123486
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 12:15:47 GMT
link
<https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;,
server
Pepyaka/1.19.10
server-timing
cache;desc=miss, varnish;desc=miss_hit, dc;desc=fastly_g
strict-transport-security
max-age=3600
vary
Accept-Encoding
via
1.1 google
x-cache
HIT
x-content-type-options
nosniff
x-seen-by
yvSunuo/8ld62ehjr5B7kA==
x-served-by
cache-iad-kjyo7100123-IAD
x-wix-request-id
1701427579.69511672014023516210
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9052924711808125
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3690e0f91d39036bc6030bf5838b275ca3f3e2efc6b53b5907efbcd4a4e3bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52767
x-xss-protection
0
server
cafe
etag
16304792085009524040
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:47 GMT
bolt-performance
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=42&microPop=fastly_g&is_cached=false&msid=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&session_id=9b66f974-977b-4a36-ae09-282ee86d207d&ish=true&isb=true&isbr=plugins-extra&vsi=83ada793-b45c-4467-bb24-d12dc7b41acc&caching=miss,miss_hit&pv=visible&pn=1&v=1.13164.0&url=https%3A%2F%2Fen.krystalmagick.com%2F&st=2&ts=2&tsn=165&platformOnSite=true
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
dynamicmodel
en.krystalmagick.com/_api/v2/ 		28 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://en.krystalmagick.com/_api/v2/dynamicmodel
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
57195dc7164b6fefd0b7a709822ebbe4bf229928df2026b36886248c7f4ba53f
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=3600
content-encoding
br
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 12:15:47 GMT
via
1.1 google
age
19382
x-cache
MISS
server-timing
cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
cache-iad-kjyo7100111-IAD
x-wix-request-id
1701432947.5741169336427684678
server
Pepyaka/1.19.10
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private,no-cache,no-store
accept-ranges
bytes
x-seen-by
yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLl77sBeKLtHVaXbFQUDNQYPu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRalqeeT/rORjctXFlmbjQx23yZoyplVHAKexY5Q/y5KxTkOXgxRBkMxB4Dr1nWeIifBg==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL
2hXzmNaFRuKTSBR9nRGO-A.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/lato/v14/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/lato/v14/2hXzmNaFRuKTSBR9nRGO-A.woff2
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
b790d5c543466ddf7faf3e2dd42b971c3bb5687ccd414b8e122b41fd2ec196b8

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
date
Fri, 01 Dec 2023 12:15:47 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
2147449
x-cache-status
HIT
x-cache
HIT
x-envoy-upstream-service-time
20
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24752
x-served-by
cache-yyz4579-YYZ
x-wix-request-id
1699426614.8052028614613215299
server
Pepyaka/1.19.0
x-timer
S1701432948.642272,VS0,VE0
access-control-allow-methods
GET, OPTIONS, POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
2
thunderbolt
siteassets.parastorage.com/pages/pages/ 		84 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%221005%22%2C%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2218%22%7D&beckyExperiments=specs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.catharsis_theme_optimize_css%3Atrue%2Cspecs.thunderbolt.backgroundColorPerBreakpoint%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.native_css_mappers_popups%3Atrue%2Cspecs.thunderbolt.wowImageRelayout%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.responsiveShapeDividersPublic%3Atrue%2Cspecs.thunderbolt.compsMeasuresCss_catharsis%3Atrue%2Cspecs.thunderbolt.customElemCollapsedheight%3Atrue%2Cspecs.thunderbolt.url_hierarchy%3Atrue%2Cspecs.thunderbolt.scaleprop%3Atrue%2Cspecs.thunderbolt.interactionsOverrides%3Atrue%2Cspecs.thunderbolt.displayRefComponentsAsBlock%3Atrue%2CuseTranslatedUrlSlugs%3Atrue%2Cspecs.thunderbolt.responsiveLayout_optimize_css%3Atrue%2Cspecs.thunderbolt.theme_fonts_colors_catharsis%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.2748.0&disableStaticPagesUrlHierarchy=false&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_compFixerPropertySplit%2Cdm_fixVectorImageModesProperties%2Cdm_linkTargetDefaults%2Cdm_removePageDataUnderTranslations%2Cdm_runTranslationsPageUriSeoFixer&externalBaseUrl=https%3A%2F%2Fen.krystalmagick.com&fileId=a83647c7.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=true&isPremiumDomain=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=Subdomain&metaSiteId=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&migratingToOoiWidgetIds=14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-features&originalLanguage=zh&pageId=7d14e7_1865d80ef52d0dd9afa78b17103a8a74_107.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11509.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11509.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=a00443dd-3758-46c7-9241-094e16b19582&siteRevision=107&staticHTMLComponentUrl=https%3A%2F%2Fen-krystalmagick-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
200ed9a8cd6ee9c2420d2cab03a9f445296a309b80c0abf0fbbbcf2b4217a180

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375xW9Ms9IQL2HG9X48emqdN,ZUT6NeJ/NsDmQ9DMGnwT1CIjmOzmapZydGfiqJCxYjxGm22l4sMMyE0/ceb+9yL4
date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish
age
5367
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
14437
x-served-by
cache-yyz4521-YYZ
x-wix-request-id
1701427580.7085126106026129601
server
Pepyaka/1.19.10
x-timer
S1701432948.673209,VS0,VE1
etag
W/"14e22-dEnbGFVVeBsKsknqOess9lHn5PU"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-cache-hits
1
thunderbolt
siteassets.parastorage.com/pages/pages/ 		89 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%221005%22%2C%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2218%22%7D&beckyExperiments=specs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.catharsis_theme_optimize_css%3Atrue%2Cspecs.thunderbolt.backgroundColorPerBreakpoint%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.native_css_mappers_popups%3Atrue%2Cspecs.thunderbolt.wowImageRelayout%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.responsiveShapeDividersPublic%3Atrue%2Cspecs.thunderbolt.compsMeasuresCss_catharsis%3Atrue%2Cspecs.thunderbolt.customElemCollapsedheight%3Atrue%2Cspecs.thunderbolt.url_hierarchy%3Atrue%2Cspecs.thunderbolt.scaleprop%3Atrue%2Cspecs.thunderbolt.interactionsOverrides%3Atrue%2Cspecs.thunderbolt.displayRefComponentsAsBlock%3Atrue%2CuseTranslatedUrlSlugs%3Atrue%2Cspecs.thunderbolt.responsiveLayout_optimize_css%3Atrue%2Cspecs.thunderbolt.theme_fonts_colors_catharsis%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.2748.0&disableStaticPagesUrlHierarchy=false&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_compFixerPropertySplit%2Cdm_fixVectorImageModesProperties%2Cdm_linkTargetDefaults%2Cdm_removePageDataUnderTranslations%2Cdm_runTranslationsPageUriSeoFixer&externalBaseUrl=https%3A%2F%2Fen.krystalmagick.com&fileId=a83647c7.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=true&isPremiumDomain=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=Subdomain&metaSiteId=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&migratingToOoiWidgetIds=14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-features&originalLanguage=zh&pageId=7d14e7_f95212023695187f16699d5f6717b478_107.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11509.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11509.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=a00443dd-3758-46c7-9241-094e16b19582&siteRevision=107&staticHTMLComponentUrl=https%3A%2F%2Fen-krystalmagick-com.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
4ff37800845024456756c5a39ad1c0c47c400c31e69940bd94014f7589b8f326

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375/+a5xM/bLKY61R8sv4cw+,ZUT6NeJ/NsDmQ9DMGnwT1CIjmOzmapZydGfiqJCxYjxGm22l4sMMyE0/ceb+9yL4
date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish
age
5367
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13502
x-served-by
cache-yyz4521-YYZ
x-wix-request-id
1701427580.7095103156555126801
server
Pepyaka/1.19.10
x-timer
S1701432948.673590,VS0,VE1
etag
W/"16268-Tg7R7OKueXK1Nz5MjW3zG14S94U"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-cache-hits
1
thunderbolt
siteassets.parastorage.com/pages/pages/ 		3 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%221005%22%2C%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2218%22%7D&beckyExperiments=specs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.catharsis_theme_optimize_css%3Atrue%2Cspecs.thunderbolt.backgroundColorPerBreakpoint%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.native_css_mappers_popups%3Atrue%2Cspecs.thunderbolt.wowImageRelayout%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.responsiveShapeDividersPublic%3Atrue%2Cspecs.thunderbolt.compsMeasuresCss_catharsis%3Atrue%2Cspecs.thunderbolt.customElemCollapsedheight%3Atrue%2Cspecs.thunderbolt.url_hierarchy%3Atrue%2Cspecs.thunderbolt.scaleprop%3Atrue%2Cspecs.thunderbolt.interactionsOverrides%3Atrue%2Cspecs.thunderbolt.displayRefComponentsAsBlock%3Atrue%2CuseTranslatedUrlSlugs%3Atrue%2Cspecs.thunderbolt.responsiveLayout_optimize_css%3Atrue%2Cspecs.thunderbolt.theme_fonts_colors_catharsis%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.2748.0&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_compFixerPropertySplit%2Cdm_fixVectorImageModesProperties%2Cdm_linkTargetDefaults%2Cdm_removePageDataUnderTranslations%2Cdm_runTranslationsPageUriSeoFixer&externalBaseUrl=https%3A%2F%2Fen.krystalmagick.com&fileId=fa5fcabe.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&migratingToOoiWidgetIds=14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-platform&originalLanguage=zh&pageId=7d14e7_1865d80ef52d0dd9afa78b17103a8a74_107.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11509.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11509.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=a00443dd-3758-46c7-9241-094e16b19582&siteRevision=107&staticHTMLComponentUrl=https%3A%2F%2Fen-krystalmagick-com.filesusr.com%2F&viewMode=desktop
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
d66866f26f4cbe8a9a6ade4046febb2129f6a6c3c5837a22a13377291b5dc747

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377hrZQ/7KPXPsS1JaHBNUHe,ZUT6NeJ/NsDmQ9DMGnwT1CIjmOzmapZydGfiqJCxYjyMv8lvFVfQpI36tdzdCOCQ
date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
5367
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
862
x-served-by
cache-yyz4521-YYZ
x-wix-request-id
1701427580.708494631928618725
server
Pepyaka/1.19.10
x-timer
S1701432948.673774,VS0,VE1
etag
W/"a90-6SFiOeEuFBCbXxY8dm0SWZP4OD4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-cache-hits
1
thunderbolt
siteassets.parastorage.com/pages/pages/ 		48 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%221005%22%2C%2214271d6f-ba62-d045-549b-ab972ae1f70e%22%3A%2218%22%7D&beckyExperiments=specs.thunderbolt.supportSpxInEEMappers%3Atrue%2Cspecs.thunderbolt.one_cell_grid_display_flex%3Atrue%2Cspecs.thunderbolt.MediaContainerAndPageBackgroundMapper%3Atrue%2Cspecs.thunderbolt.catharsis_theme_optimize_css%3Atrue%2Cspecs.thunderbolt.backgroundColorPerBreakpoint%3Atrue%2Cspecs.thunderbolt.edixIsInFirstFold%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.native_css_mappers_popups%3Atrue%2Cspecs.thunderbolt.wowImageRelayout%3Atrue%2Cspecs.thunderbolt.useElementoryRelativePath%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.enableTriggersOnDynamicMount%3Atrue%2Cspecs.thunderbolt.DDMenuMigrateCssCarmiMapper%3Atrue%2Cspecs.thunderbolt.responsiveShapeDividersPublic%3Atrue%2Cspecs.thunderbolt.compsMeasuresCss_catharsis%3Atrue%2Cspecs.thunderbolt.customElemCollapsedheight%3Atrue%2Cspecs.thunderbolt.url_hierarchy%3Atrue%2Cspecs.thunderbolt.scaleprop%3Atrue%2Cspecs.thunderbolt.interactionsOverrides%3Atrue%2Cspecs.thunderbolt.displayRefComponentsAsBlock%3Atrue%2CuseTranslatedUrlSlugs%3Atrue%2Cspecs.thunderbolt.responsiveLayout_optimize_css%3Atrue%2Cspecs.thunderbolt.theme_fonts_colors_catharsis%3Atrue%2Cspecs.thunderbolt.catharsis_fontFaces%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.2748.0&editorName=Unknown&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_compFixerPropertySplit%2Cdm_fixVectorImageModesProperties%2Cdm_linkTargetDefaults%2Cdm_removePageDataUnderTranslations%2Cdm_runTranslationsPageUriSeoFixer&externalBaseUrl=https%3A%2F%2Fen.krystalmagick.com&fileId=fa5fcabe.bundle.min&formFactor=desktop&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&migratingToOoiWidgetIds=14fd5970-8072-c276-1246-058b79e70c1a&module=thunderbolt-platform&originalLanguage=zh&pageId=7d14e7_f95212023695187f16699d5f6717b478_107.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11509.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.11509.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.238.0&siteId=a00443dd-3758-46c7-9241-094e16b19582&siteRevision=107&staticHTMLComponentUrl=https%3A%2F%2Fen-krystalmagick-com.filesusr.com%2F&viewMode=desktop
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
1a4c99d9bbd7b858e388b892d2afc5e2cbc4415c2a7aae78da923b320f5bb573

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377hrZQ/7KPXPsS1JaHBNUHe,ZUT6NeJ/NsDmQ9DMGnwT1CIjmOzmapZydGfiqJCxYjxCsKVs6mH/U/TuXAbpTSo6
date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6848
x-served-by
cache-yyz4521-YYZ
x-wix-request-id
1701432947.748495318176618725
server
Pepyaka/1.19.10
x-timer
S1701432948.673622,VS0,VE85
etag
W/"c1d9-315jYYK7h0tvvdrtk9kWooMTdFo"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
age,via,x-cache-status,X-cache-status
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*,x-wix-client-artifact-id
x-cache-hits
0
thunderbolt-commons.42d9e385.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-commons.42d9e385.bundle.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
3c623b5494cb657bed8ac695860daf590697e50b8495964bd89c9087d86c5133

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
x-amz-version-id
BUgJvyzT8__bFvCH_68OUStWXFO8F_J4
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1354750
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26455
x-served-by
cache-yyz4527-YYZ
x-wix-request-id
1700128704.894325183895228883
last-modified
Wed, 15 Nov 2023 19:39:49 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.669827,VS0,VE0
etag
W/"af766e36c9b9d7cdd161ef6966f33964"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
72
main.0c93ca04.bundle.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		166 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/main.0c93ca04.bundle.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
dd76419d50dc3b85c73a1f4b8fbdf7ab4aa98a09e9ebe15ab8d90cd01cfd1b66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
Zre27rwCyPp3iNQMAxb4g_hHLl.xUrUs
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1059069
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
44820
x-served-by
cache-yyz4527-YYZ
x-wix-request-id
1700375552.268363787761518881
last-modified
Sun, 19 Nov 2023 04:24:26 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.670727,VS0,VE0
etag
W/"43cfd711fbe99aa433dafaa1fae372e5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
73
lodash.min.js
static.parastorage.com/unpkg/lodash@4.17.21/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg/lodash@4.17.21/lodash.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
2835558
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25102
x-served-by
cache-yyz4527-YYZ
x-wix-request-id
1698742458.118531705207226801
last-modified
Sat, 28 Oct 2023 19:19:08 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.670623,VS0,VE0
etag
W/"9becc40fb1d85d21d0ca38e2f7069511"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
86
react.production.min.js
static.parastorage.com/unpkg/react@16.14.0/umd/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg/react@16.14.0/umd/react.production.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc5vmOqEUAvpMT8wVYFcODYEQXT2AyjWfyxKagyd4/pDD
date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
230363
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4703
x-served-by
cache-yyz4579-YYZ
x-wix-request-id
1701329562.1344988526201129602
last-modified
Sat, 25 Nov 2023 01:23:55 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.642143,VS0,VE0
etag
W/"63d498e143f421cc44dfb64f22fef270"
access-control-max-age
3000
access-control-allow-methods
GET, GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
65
react-dom.production.min.js
static.parastorage.com/unpkg/react-dom@16.14.0/umd/ 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg/react-dom@16.14.0/umd/react-dom.production.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVc5vmOqEUAvpMT8wVYFcODYEQXT2AyjWfyxKagyd4/pDD
date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
1624807
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
36048
x-served-by
cache-yyz4579-YYZ
x-wix-request-id
1699958855.9112925498083426803
last-modified
Wed, 01 Nov 2023 05:26:45 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.643333,VS0,VE0
etag
W/"c5abc87541fe6bb0f43f22af475a8b20"
access-control-max-age
3000
access-control-allow-methods
GET, GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
67
bt
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_hit&dc=42&microPop=fastly_g&et=1&event_name=Init&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&pn=1&sessionId=9b66f974-977b-4a36-ae09-282ee86d207d&siterev=107-__siteCacheRevision__&st=2&ts=56&tts=220&url=https%3A%2F%2Fen.krystalmagick.com%2F&v=1.13164.0&vsi=83ada793-b45c-4467-bb24-d12dc7b41acc&_brandId=wix
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
bt
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_hit&dc=42&microPop=fastly_g&et=12&event_name=Partially%20visible&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&pn=1&sessionId=9b66f974-977b-4a36-ae09-282ee86d207d&siterev=107-__siteCacheRevision__&st=2&ts=58&tts=221&url=https%3A%2F%2Fen.krystalmagick.com%2F&v=1.13164.0&vsi=83ada793-b45c-4467-bb24-d12dc7b41acc&_brandId=wix
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
SlGUmQSNjdsmc35JDF1K5GR1SDk_YAPI.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/ebgaramond/v12/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/ebgaramond/v12/SlGUmQSNjdsmc35JDF1K5GR1SDk_YAPI.woff2
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
f6b2854eec8fac48964da257b70b229819a77fc9341330e0a44abacbf83ea2f1

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
date
Fri, 01 Dec 2023 12:15:47 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
249505
x-cache-status
HIT
x-cache
HIT
x-envoy-upstream-service-time
18
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
39408
x-served-by
cache-yyz4579-YYZ
x-wix-request-id
1701244500.430477972043018881
server
Pepyaka/1.19.0
x-timer
S1701432948.642192,VS0,VE1
access-control-allow-methods
GET, OPTIONS, POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
-W_7XJX0Rz3cxUnJC5t6fkQLfr8nfiI.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/kellyslab/v10/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/kellyslab/v10/-W_7XJX0Rz3cxUnJC5t6fkQLfr8nfiI.woff2
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
edbe30dfafbb914c4c35c54ef54af14648658a9f33864e9862924287e23e6da7

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
date
Fri, 01 Dec 2023 12:15:47 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
241741
x-cache-status
HIT
x-cache
HIT
x-envoy-upstream-service-time
55
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9996
x-served-by
cache-yyz4579-YYZ
x-wix-request-id
1701253525.0724978415672215300
server
Pepyaka/1.19.0
x-timer
S1701432948.642172,VS0,VE1
access-control-allow-methods
GET, OPTIONS, POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
7nLfsQCzhQW_PwpkrwroYw.woff2
static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/lato/v14/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/tag-bundler/api/v1/fonts-cache/googlefont/woff2/s/lato/v14/7nLfsQCzhQW_PwpkrwroYw.woff2
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
fefa9f00668720df39f013b8fa87f9d43f48863260bba6367ff060e83900d951

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
date
Fri, 01 Dec 2023 12:15:47 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
2151843
x-cache-status
HIT
x-cache
HIT
x-envoy-upstream-service-time
108
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24488
x-served-by
cache-yyz4579-YYZ
x-wix-request-id
1699342784.5981781071800115299
server
Pepyaka/1.19.0
x-timer
S1701432948.642248,VS0,VE0
access-control-allow-methods
GET, OPTIONS, POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
2
PacificaW00-Condensed.woff2
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/fonts/Pacifica/v1/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/fonts/Pacifica/v1/PacificaW00-Condensed.woff2
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
14d31e4fe7492568397f464521aca05afb6030ac6dc64a1fd2d3883d95a7d3e2

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
BY3vo9ufh7VJHmNAM2zc_CxUXU08MPqU
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
938246
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8300
x-served-by
cache-yyz4579-YYZ
x-wix-request-id
1700515997.438375410194868725
last-modified
Sun, 19 Nov 2023 14:14:44 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.642212,VS0,VE1
etag
"155b8fda9d5e60c2fac9b38ed0a1ea32"
access-control-allow-methods
GET, OPTIONS, POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
clientWorker.315bbd37.bundle.min.js
en.krystalmagick.com/_partials/wix-thunderbolt/dist/ 		445 KB
123 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://en.krystalmagick.com/_partials/wix-thunderbolt/dist/clientWorker.315bbd37.bundle.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
cf2acd7bd94a32f5383ca07d5d660eb943b68f18f2bf0c458881669c427ff250
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
7qb_AmxHlMxxS00FWChjv7VzkYAofuXZ
content-encoding
br
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 12:15:47 GMT
via
1.1 google
strict-transport-security
max-age=300
age
88677
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
server-timing
cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_g
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125907
x-served-by
cache-iad-kjyo7100174-IAD
x-wix-request-id
1701427580.65911691117319010468
last-modified
Tue, 28 Nov 2023 08:01:09 GMT
server
Pepyaka/1.19.10
etag
"c4ac054be89af2656a5fa94e9f5360f7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by
yvSunuo/8ld62ehjr5B7kA==
bolt-performance
frog.wix.com/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=42&microPop=fastly_g&is_cached=false&msid=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&session_id=9b66f974-977b-4a36-ae09-282ee86d207d&ish=true&isb=true&isbr=plugins-extra&vsi=83ada793-b45c-4467-bb24-d12dc7b41acc&caching=miss,miss_hit&pv=visible&pn=1&v=1.13164.0&url=https%3A%2F%2Fen.krystalmagick.com%2F&st=2&ts=2&tsn=165&name=partially_visible&duration=1701432947627&pageId=vo17a
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:47 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
siteTags.bundle.min.js
static.parastorage.com/services/tag-manager-client/1.820.0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/tag-manager-client/1.820.0/siteTags.bundle.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
ca3396f3825bb4251ac34b999ddc5f589ef860b95e3667d57ee26e3061503ca8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVc/5LLToOojZxL2HBjY1XAnAghGES6Jsix+7j8qfOfk1L
x-amz-version-id
MOl93v1tYXR3lDybq01dYy.kcD3jPxUf
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
4938282
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2862
x-served-by
cache-yyz4527-YYZ
x-wix-request-id
1696499858.1991214911212611800
last-modified
Wed, 04 Oct 2023 23:35:35 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.670646,VS0,VE0
etag
W/"7145d37309f2d1ad0f961c6c0a0db191"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
72
wix-perf-measure.umd.min.js
static.parastorage.com/services/wix-perf-measure/1.1095.0/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-perf-measure/1.1095.0/wix-perf-measure.umd.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
d0e6054d7b47b8de059e88c419a16a3e745e038b05b75af9d57c2e8593bd1d78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjMXxQm1EY0IGoQ+Aul+AXR,aVxMblM8KFG3we5NLvyVc5a79avpR2DZCk9xnuoLql1jPZTuGyYqVhtmEIgJUb4w
x-amz-version-id
d_65nj5pIwn6CoD0aRGfXMjjwX8shxmq
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
3976271
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11261
x-served-by
cache-yyz4527-YYZ
x-wix-request-id
1697612568.748232619396214945
last-modified
Mon, 02 Oct 2023 07:39:57 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.670668,VS0,VE0
etag
W/"5e646fa090a760653cfa56c727bb5a13"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
75
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 		398 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9052924711808125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
882fc549b691097da943b2a10070952919b1ec5a6018877409acc0d317c75ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137624
x-xss-protection
0
server
cafe
etag
1937663209165140100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:47 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 5E2E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9052924711808125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
58096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:07:31 GMT
etag
12051592065903069241
expires
Thu, 14 Dec 2023 20:07:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
thunderbolt-components-registry.bde3051a.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
bd9885cb2cb1ebb67d96ef927f1e6286ecca16539e16c3dd29a3e5e82a7410a1

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
L6tVf4E0RbmZvxw82BJLjAvSLyr5EzMX
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1542564
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6313
x-served-by
cache-yyz4579-YYZ
x-wix-request-id
1699945116.7663022716170115300
last-modified
Mon, 13 Nov 2023 15:30:39 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.835473,VS0,VE0
etag
W/"f045702df90df45ab600ca6750ad45a9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
355
group_2.c20fb983.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_2.c20fb983.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
dbafbc8362375463324406393d7e956969a80e6d8aa152af7188cb6e48ac4105

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
Xy0FWWBaf04XgF6hx8_5uBJkyqM5rfhj
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1640734
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
14730
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699852787.7132729285161126801
last-modified
Sun, 12 Nov 2023 12:28:51 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.880878,VS0,VE0
etag
W/"7ffb3c4d0c431937b868f78792f7dde7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
5349
group_3.c75cf014.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_3.c75cf014.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
65b4c43dad09bdb044c2095174f9372af641ab965ddb39374112ec7031b33585

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
x-amz-version-id
1BGkKxl_lgwRaOepeS.vAo5w91gxb9Ck
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1059050
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
20574
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1700375552.545354207618718725
last-modified
Sun, 19 Nov 2023 04:24:24 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.881057,VS0,VE0
etag
W/"53c3c5d19c6167416091405047250c3b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
374
group_7.3cc53e2d.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_7.3cc53e2d.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
30a6463eada75fa12b521af9389560c5405310906830a04fd4432e2ab141c0a1

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
Sg9ykPxPz2RXW52LaUDtXDPqLB0MfSqW
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1533475
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21495
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1700036882.608297266652918725
last-modified
Mon, 13 Nov 2023 17:01:52 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.881682,VS0,VE0
etag
W/"96d0ec8931620427ae3c1dcc214fcd1f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
355
group_4.2692b7a2.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_4.2692b7a2.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
5556205d245b9becc81725d12346610e27710c5f92e1b7faeaa07553f221552b

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcwnP9a1Ia0LRvqhhntyPznoQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
e_x9_L.0fglgWP5gCOH_JuOyHLCWMiy4
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1640734
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9752
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699852787.7182844758874115299
last-modified
Sun, 12 Nov 2023 12:28:52 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.882307,VS0,VE0
etag
W/"e5865df67c9d3bbcc3e087a477f5cf47"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
367
group_5.c278e99e.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_5.c278e99e.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
b3030dafbeb5a3dd4636a9d3e15b7affa1ca86c946df408ab0f2a504ecc6d997

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVc5vmOqEUAvpMT8wVYFcODYEQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
ZSWfQQq_wHRkhTZcqKfE7I0OnkCPSBiJ
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1533482
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11852
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699954553.1812918556284126801
last-modified
Mon, 13 Nov 2023 17:01:52 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.883078,VS0,VE0
etag
W/"aced6e6ea93ab75418e3a66c3c6b018a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
365
group_44.45eac5e0.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_44.45eac5e0.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
cd6ab582120b590ced2e9ab7e535882de12127724bb3cf99576ec1e5f32f4ed4

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
jqhyag61WARYTai0xtppaRedJEEkQNf.
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
2217818
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1401
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699261989.117147489170018881
last-modified
Sun, 05 Nov 2023 19:05:53 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.884153,VS0,VE0
etag
W/"e5860e99503bd08a4dc0d5ed6845f4d3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
2
group_42.903b3092.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_42.903b3092.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
a42fa5a9ee1b926a07d8b932427ec9a2ced510facd2e7e2a2fee5ef427fb259c

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
LQNCoEmjZF95O8M16Hge3izhZql4y2xb
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1919745
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2809
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699518354.5722177201207126801
last-modified
Thu, 09 Nov 2023 05:09:31 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.884490,VS0,VE1
etag
W/"3c620d2dbdf5c3fda6ced9e2bac13403"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
cyclicTabbing.706f48fd.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		518 B
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/cyclicTabbing.706f48fd.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
b64e86e941cc14c1a001fcbd277ae8415afc54320549cddf2f583e97feb6e999

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
PudOvTEKwry4o8Xg7A4ZPdJ6TdKbZ0Bz
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
2237488
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
320
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699261905.3241551850200115299
last-modified
Sun, 05 Nov 2023 14:38:00 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.886462,VS0,VE0
etag
W/"7bb89668165137b46d01be3a83d11c79"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
358
panorama.0c8dbd44.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		623 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/panorama.0c8dbd44.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
f57713920154b2612094ff9bafe2d79d0e9ad439e4c9d69781f2359155cfd937

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
823iZ2Mn3tKpRDzexUlQaSsofIDqwzCb
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
2237488
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
387
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699261905.324147470057018883
last-modified
Sun, 05 Nov 2023 14:38:01 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.886845,VS0,VE0
etag
W/"f82f93b196407a9172cf5d745946da0d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
353
group_6.2a3f0b32.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		259 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_6.2a3f0b32.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
064a623be16004d0d562e940e71e80a2f88b8ba908c0a0c211642db03591655a

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
BUOq8jPvE._O0uT8lBE1O0ahQZkzXJDR
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
2054484
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
61524
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699427719.1281939496729126801
last-modified
Tue, 07 Nov 2023 17:27:51 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.886827,VS0,VE0
etag
W/"d3882c06445561800f230a6e8487d97b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
366
siteMembers.251a816e.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/siteMembers.251a816e.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
6f869f5de2f4e36edfbca858d90d68fbcb469d675cb2acd10f931dc3fbea0fa6

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
VGWda37L_lfg9iEuKfwctUjxDKj5wvJr
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1544355
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3479
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699954553.1802934769267129601
last-modified
Mon, 13 Nov 2023 15:13:15 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.886828,VS0,VE0
etag
W/"d68e8a141a908b954954e378ed8f5786"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
358
group_8.00993193.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_8.00993193.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
64debc7ec6f54bdd0d56789e035f157dc81908ffc0eab3a197a219407cf19ffe

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
j49BZVqU3QnmE2DF61DaWBuZx17977jT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1098522
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
14332
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1700375552.5173675464445129601
last-modified
Sat, 18 Nov 2023 08:45:52 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.887044,VS0,VE0
etag
W/"0e00f79a780157c02ac7ef41ec4fb147"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
361
975.467efbd5.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/975.467efbd5.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
f10288136e462405e0bb3e8030c214b1f8343a84e8e77765e0ccb82c1917d523

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
x-amz-version-id
dBUVfhOAtAjW5gTS.Vk.Sz5sCrhdiqaV
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1098522
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12054
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1700375552.538363787788318881
last-modified
Sat, 18 Nov 2023 08:45:50 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.887332,VS0,VE0
etag
W/"279a4a0cdb02a9a16f0d34c69a4916f7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
85
tpaCommons.095c50a7.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/tpaCommons.095c50a7.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
e6464d6639c08f5dfb6af4763d1271a2bc7225f76c622c82ebd0cb427af48388

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
WsLh07KdhiWWNCR6DYx2QW3PY80pJQz5
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
2054486
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1340
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699427719.1401953757870129601
last-modified
Tue, 07 Nov 2023 17:27:53 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.888834,VS0,VE0
etag
W/"bf9b4f6c23c592fad017651f468b3c11"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
10015
group_22.9a9c1e76.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_22.9a9c1e76.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
23d35d1fbdfb79d2dc1f8cb43ddd41b0885f5bb55057ea53b83c32eaad3a7b9c

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
Yb8rHSzwCXdMgq0t.BCUMsYBtreibbDn
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:47 GMT
age
1542563
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1058
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1700035343.3203186144765115300
last-modified
Mon, 13 Nov 2023 15:30:35 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.889047,VS0,VE0
etag
W/"c63852bd8ad3d136074f4e50eb870b16"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
305
site-members
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/site-members?_msid=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&vsi=83ada793-b45c-4467-bb24-d12dc7b41acc&_av=thunderbolt-1.13164.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=625&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=4d3f8794-54ae-4e6e-96eb-11e6b8747276&_siteMemberId=undefined&bsi=2f4e5371-b483-4ab7-ad4d-f6a4f0b16c27%7C1&src=5&evid=698&biToken=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&context=undefined&ts=461&viewmode=undefined&visitor_id=4d3f8794-54ae-4e6e-96eb-11e6b8747276&site_member_id=undefined&site_settings_lng=en&browser_lng=en&lng_mismatch=false&layout=undefined&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17014329480070
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.0c93ca04.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:48 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
ads
googleads.g.doubleclick.net/pagead/ Frame 85C3 		514 KB
122 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&adk=1812271804&adf=3025194257&lmt=1701432948&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432947735&bpp=4&bdt=212&idt=283&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5823599517550&frm=20&pv=2&ga_vid=2137318846.1701432948&ga_sid=1701432948&ga_hid=1837765268&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C44809314%2C31078297%2C31079860%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=4087991418844724&tmod=95544401&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
056810a26bd9c47c4be873a3597570be400074f7305e4c621c2947d4c1f3235d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
124850
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:15:48 GMT
expires
Fri, 01 Dec 2023 12:15:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
5f41d86b-d2a0-45ae-9c11-ad6a516abcc7
en.krystalmagick.com/_api/tag-manager/api/v1/tags/sites/ 		2 KB
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://en.krystalmagick.com/_api/tag-manager/api/v1/tags/sites/5f41d86b-d2a0-45ae-9c11-ad6a516abcc7?wixSite=false&htmlsiteId=a00443dd-3758-46c7-9241-094e16b19582&language=en&partytown=false
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.820.0/siteTags.bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.87.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.87.149.34.bc.googleusercontent.com
Software
Pepyaka/1.19.10 /
Resource Hash
2d70a0bdba33ad41875016099e878d11f6a5d93762c50e3fb75742cd25ca86cc
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://en.krystalmagick.com/
accept-language
en-US,en;q=0.9
authorization
8VokxQQ1-wNWCNEbdfOUw5zbCZ3YB2DjUzUxeX1GO4I.eyJpbnN0YW5jZUlkIjoiNWY0MWQ4NmItZDJhMC00NWFlLTljMTEtYWQ2YTUxNmFiY2M3IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNWY0MWQ4NmItZDJhMC00NWFlLTljMTEtYWQ2YTUxNmFiY2M3Iiwic2lnbkRhdGUiOiIyMDIzLTEyLTAxVDEyOjE1OjQ3LjU4NVoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjRkM2Y4Nzk0LTU0YWUtNGU2ZS05NmViLTExZTZiODc0NzI3NiIsInNpdGVPd25lcklkIjoiN2QxNGU3MjUtZWM4YS00Y2FkLWE1N2YtZTU2MDkxZTk0NTNjIn0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

date
Fri, 01 Dec 2023 12:15:48 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=300
via
1.1 google
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
cache-iad-kcgs7200119-IAD
pragma
no-cache
x-wix-request-id
1701432948.090116886191883774
server
Pepyaka/1.19.10
etag
W/"729-55A1BnOdhC0ng27bz2U8G6Zwsbs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache
accept-ranges
bytes
x-seen-by
yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,qYxvFa0bBL43z6b6TutC4e8Een60raHnMPCUBIuj2nX2yA0PmNvCx+p/utQWuT8AwhCy+1mLUuqrS4B/6nJNVA==,+RU6gN20lYgYLQRPkek48sC0KDNALW+9XuGDH8MMZz8=,MDFDoTqjWxpWhAuWfTm+PErZ+9+QudTF8HynSySdl+LFsVsZFSAo9ts6lh3Ebt7awMyd13JDRLm+6xxhVJl+Bw==,oqivlSf2oGP5JUGIXCsPPHHj5wQFHYOEiOOd89T6URY=,IvIbE49CVD1WhlRwgKvFRXyua9udTLDAWCT/lapBuLs=,mvxQ9qSAmY38asKjFCcmG4XQupyfb5LSZTLK8/bNKtESngYp3+pwTFGZq9FDOGgAfK5r251MsMBYJP+VqkG4uw==,pe8YFrilpgjqnbl0pbMw2F71Z16ZuSmv2uEmf+Ff6zs=,tznMqpp3e1oucszW+OT1FGnoK+maqTiBg0XopTAdNWWFsfZjmeE1i4+kJCmvjDDPlZo63YqnQXgBbKWncmccekeu4fi0kXI7bw/mjrQyf4I=,CErqGP3SNUzfdrZ3ex8kN4/KHDAz6ADnHb2BlliwsqU=,g+dVzGc2iJCx2nR64BGlAeVhMs1h0RsYAcx4oMYsyhqQvWcUs9DN32RDhH/T7drBJFSTgRdw4LvExwwgim19YOblOmX6PhvOJ/Hm2boLBx4=
reporter-api.03c44ab8.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/reporter-api.03c44ab8.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
fedbf70125e3cf328cd0cf21b8ee2929897936b60f1ec4e73331c73bdcc30ff2

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
zYHlBB.nz6yr7sfkpxJx.5J3.ln4Yh79
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
2237483
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7508
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699261905.527147470105418882
last-modified
Sun, 05 Nov 2023 14:38:02 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.075751,VS0,VE0
etag
W/"bacb900c856111cad36ac770a2740d48"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
351
group_0.64f1d520.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		901 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_0.64f1d520.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
15c16908f12a3e99756a6448d4cd78269f09fa99ca45d43921c63bccf4db099d

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
6CbxSPJNMUzBvglXhY70lmibZBdsl_Ve
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
2237482
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
423
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699261905.5771487789605129602
last-modified
Sun, 05 Nov 2023 14:38:00 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.075910,VS0,VE0
etag
W/"2bde70639c9ab15d15baf14c20c2417f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
356
bpm
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bpm
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.0c93ca04.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://en.krystalmagick.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:48 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
rb_wixui.thunderbolt.manifest.min.json
static.parastorage.com/services/editor-elements/1.11509.0/ 		38 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements/1.11509.0/rb_wixui.thunderbolt.manifest.min.json
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
4792633dfe283d3fdcff9826daad6daec90055d90004d411dc58241fb2f9d6a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
G5fzaZrNVztmbb.yixpkEwWzJd6eWWdO
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
333373
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9893
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701257227.652480631507118881
last-modified
Thu, 23 Nov 2023 22:59:49 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.167376,VS0,VE0
etag
W/"fd56033f3bad1222b4c44f5c607319ee"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
66
rb_dsgnsys.thunderbolt.manifest.min.json
static.parastorage.com/services/editor-elements/1.11509.0/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements/1.11509.0/rb_dsgnsys.thunderbolt.manifest.min.json
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
11610771e78fa5aeca50691b17f79157755f2df50787c5f585e3079b317b93d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
c4DrcBSj.CXuNl37kOavuinFALBqlEuT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
333373
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1308
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701176054.693454136705918725
last-modified
Thu, 23 Nov 2023 22:59:49 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.167989,VS0,VE0
etag
W/"f3fa03e0abaf74db79ba0e96fee5452a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
65
group_27.f9ba969e.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		852 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_27.f9ba969e.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
dbe49e1b084d0e9414aa0af59e4353e6627c2e11e4adfea46e8cb1437bed61a4

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
ngcXR6_GvUqus54Om_g8EUXJRvg7pUlE
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
2234939
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
501
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699261989.742147489294818881
last-modified
Sun, 05 Nov 2023 15:23:39 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.167970,VS0,VE0
etag
W/"5e2327ea6626b97443e978039c82c9f4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
34
group_28.c950959a.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		724 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_28.c950959a.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
a3f0f7eb8ccfb89b902c69d4afd7d2dc0814645f8e6bd95256b432c2cd7230b3

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
IuBLRua.t8tSO2.bthq33LxgDBA06RAq
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
2234940
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
448
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699261989.7541476442537126801
last-modified
Sun, 05 Nov 2023 15:23:39 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.167959,VS0,VE0
etag
W/"47f3fac69fb4fe4482f142663dcbb00d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
59
group_14.414f4dc8.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_14.414f4dc8.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
797c9f5dc2e2767952612967c275b966298dd6a43f8ccee7bad15f3fe7fc55ea

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
x-amz-version-id
kFQiUHXG0GFjVn3uNmg2vsm7LJTJKJ_Z
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
2054485
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1524
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699427720.8081953762845129601
last-modified
Tue, 07 Nov 2023 17:27:50 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.167937,VS0,VE0
etag
W/"b26e6912eeeed6eb0a5582b5c302ca33"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
9220
group_10.b16101fd.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		945 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_10.b16101fd.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
38d8745b509afb6644ecff4ab9d2e41288f8b42c984120964a86e448a30f4df9

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
d6ZTdt5LwhYu24aAv5EzyH95GpXMBz9Z
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
2234938
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
553
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1699346951.8211790869941215300
last-modified
Sun, 05 Nov 2023 15:23:38 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.176107,VS0,VE0
etag
W/"cb7c6f05d4eb326854019a181c8ad622"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
9110
group_32.469cae3f.chunk.min.js
static.parastorage.com/services/wix-thunderbolt/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/wix-thunderbolt/dist/group_32.469cae3f.chunk.min.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
bddf67cc085cf58d8f877fd2f97d9c65dd77a6600a4887a62dd432cbf302c9a4

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
z0SocjklvVyrd2vHamZA1UyLq_wqqlmx
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
323962
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1761
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701259172.209467913169228725
last-modified
Mon, 27 Nov 2023 17:40:45 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.181524,VS0,VE0
etag
W/"fdeb1a72bbeef7875f4563e9a67f40ad"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
13
js
www.googletagmanager.com/gtag/ 		278 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P5XVKGG5WX
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.820.0/siteTags.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8f918db1c454d1e1d9363045d0853cf1c5a61c3edee614f724d70bcc3c8c6c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93787
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 12:15:48 GMT
9075dacf-5c05-4a42-a000-acc536cd41f8
https://en.krystalmagick.com/ 		655 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://en.krystalmagick.com/9075dacf-5c05-4a42-a000-acc536cd41f8
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.820.0/siteTags.bundle.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68699fe8348e5ce7f40e4cb73ebca8d0273d3d99d3e4111768d6fc0b9f928144

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
655
Content-Type
text/javascript;charset=utf-8
rb_wixui.thunderbolt_bootstrap-responsive.4b961fe0.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap-responsive.4b961fe0.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
174984fd5a84a046a0293aff5b72fc285d64c7cc5255f7007f0452c82a02d325

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
EhjorWtYHtxXUzmCOoU9XqNoi_zAhDl4
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
334913
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
PENDING
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6553
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1701250588.3784832303816129601
last-modified
Mon, 27 Nov 2023 15:13:44 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.232095,VS0,VE0
etag
W/"64360e613a80e5a77f11480913078e63"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
4
rb_wixui.thunderbolt_bootstrap.35b757cc.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap.35b757cc.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
7f458769c771f2ef21c8ce87e08971e487078b9379f1c92886f9f4264015fcf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
SLF9RYhFDmMX5AxTLrdy9MEvLCziS7MI
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
1901975
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
14033
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1699537711.3652232746876229601
last-modified
Thu, 09 Nov 2023 11:51:57 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.232291,VS0,VE0
etag
W/"fe086f3fc4f1a132b97d4d9951ae60c1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
9
rb_wixui.thunderbolt[HtmlComponent].dffd4bd2.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[HtmlComponent].dffd4bd2.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
da0971e3fa55251074c4d58a9e7bc669683217da11cfe08a3a57cc47d02b60fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
2kWmsuoV57PkFHhzLyf6re9BcwGACQNg
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
2655205
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1723
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1698824054.262695267826326801
last-modified
Tue, 31 Oct 2023 18:19:27 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.232794,VS0,VE2
etag
W/"4b29f04b7fe33b7a5cd4bfaa1445f27e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
rb_wixui.thunderbolt_bootstrap-classic.49ef5420.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt_bootstrap-classic.49ef5420.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
77f28f3e68f1aa57497d5640860df98bfff02988fdb3572bcc58d891f36d88c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
BmBilAaxzq0ocKCDfqgMxDJ7X2TIALM2
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
1901914
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12577
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1699537711.426215444911218725
last-modified
Thu, 09 Nov 2023 11:51:57 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.233405,VS0,VE0
etag
W/"fce740e26e00161155374e4729aa0c4f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
9
rb_wixui.thunderbolt[MeshGroup].d1ba6157.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[MeshGroup].d1ba6157.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
84582e9a340e6504e58f083a0f701e28a0e86df7c81d27ca0edad54e6844bde3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
_IMqKani68dluII8S0jxRYGCzBbLqrgh
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
226910
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1282
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1701255111.1884981824063115299
last-modified
Tue, 28 Nov 2023 19:51:09 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.234032,VS0,VE0
etag
W/"0fc11e5174b340e8ff6090b617cfadd7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
4
rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[SkipToContentButton].a2d57d10.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
63f71023f3b6b9f39f7133f47c40bac372024142a124856036eb4fdc44e7364f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
x-amz-version-id
yCfbkE7E4DY50RxLcJbXNrnaD705s4U6
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
6966702
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1228
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1694589001.063509592689316549
last-modified
Mon, 11 Sep 2023 19:14:38 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.234359,VS0,VE0
etag
W/"62bf38eeb5f26768463d6a50d5235f11"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
10
rb_wixui.thunderbolt[FiveGridLine_DoubleLine].772d5853.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[FiveGridLine_DoubleLine].772d5853.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
1405e04ca5acfb3ddd7eac24d417ffbb69a226f7714816253b58625d05f3d86a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD
x-amz-version-id
OWMdu4_FUX0wUgdvUMVvf0rPLgZ7Xt4d
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
2346798
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1202
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1699086323.664115160142318881
last-modified
Sat, 04 Nov 2023 00:53:08 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.234806,VS0,VE1
etag
W/"d703a2240d9ebd41d1fff18736ac1ca1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
rb_wixui.thunderbolt[Container_DefaultAreaSkin].cf68b0a7.bundle.min.js
static.parastorage.com/services/editor-elements-library/dist/thunderbolt/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/editor-elements-library/dist/thunderbolt/rb_wixui.thunderbolt[Container_DefaultAreaSkin].cf68b0a7.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-components-registry.bde3051a.chunk.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
11b6cc08aae07278a1b04dfc341ef216e762daba18e3ef0156b105421cf5b27c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVc5vmOqEUAvpMT8wVYFcODYEQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
AFh86yCXTkT3Tlug7wbdMxAboXmIF4zw
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
3330298
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2184
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1698141121.2901194699358115738
last-modified
Mon, 23 Oct 2023 20:58:40 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.235154,VS0,VE0
etag
W/"2020eb12888cd61aef48ae0e7d11c4c2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
7157
requirejs.min.js
static.parastorage.com/unpkg/requirejs-bolt@2.3.6/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/thunderbolt-commons.42d9e385.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
date
Fri, 01 Dec 2023 12:15:48 GMT
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
1954717
x-cache-status
HIT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6191
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1699597082.1812433583263215300
last-modified
Thu, 24 Jan 2019 14:24:53 GMT
server
Pepyaka/1.19.0
x-timer
S1701432948.249339,VS0,VE0
etag
W/"18823f6a6d208ee1e361bb266ab794d5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
5
PostListViewerWidgetNoCss.bundle.min.js
static.parastorage.com/services/communities-blog-ooi/1.1214.0/ 		720 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
d90c6120fcf9983966427aabb958b051608d7ee99a8308ab9d92462ee217981c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
w1KXCfp8HMWDyycFVK_M9uJUUVH0KthB
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:48 GMT
age
257558
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
188204
x-served-by
cache-yyz4537-YYZ
x-wix-request-id
1701178355.205454419857738725
last-modified
Tue, 28 Nov 2023 05:44:12 GMT
server
Pepyaka/1.19.10
x-timer
S1701432948.281582,VS0,VE1
etag
W/"49ecd9495ece944e53bb298302a6c12f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81c0ae98ae4be6771313b595ec953d889f9cd2513fd5d473f3d5db2b00451d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12186
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/reactive_library_fy2021.js?bust=31079860
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9860951c57ca2abad2bbcfe243b04c29d3c5328a326f1b89209abe13f78cf79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55924
x-xss-protection
0
server
cafe
etag
18093471375343742557
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 12:15:49 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame F6E3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
23553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 05:43:16 GMT
etag
12051592065903069241
expires
Fri, 15 Dec 2023 05:43:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 4341 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
23553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 05:43:16 GMT
etag
12051592065903069241
expires
Fri, 15 Dec 2023 05:43:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 64EE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
23553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 05:43:16 GMT
etag
12051592065903069241
expires
Fri, 15 Dec 2023 05:43:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 0C59 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js?bust=31079860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
23553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 05:43:16 GMT
etag
12051592065903069241
expires
Fri, 15 Dec 2023 05:43:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame F6E3 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 11:32:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 12:15:49 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame F6E3 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:33:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
81747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6758
x-xss-protection
0
server
cafe
etag
13232977368472197749
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 13:33:22 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame F6E3 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
48958
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9189
x-xss-protection
0
server
cafe
etag
14682237860056745894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:39:51 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D52B 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNVcrE9rIzkWGWL0xJXbC6aFZl3SjmubcTgD0jUwZhk4xxI4Hc0mdOURh4f_3Y3Edp-Mb-tju3qjqLl-DhfHrCp9NIAN1w
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:15:49 GMT
expires
Fri, 01 Dec 2023 12:15:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 9B59 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
49186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:36:03 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 9B59 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
67097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 17:37:32 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9B59 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:20:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
154520
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 17:20:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9B59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
16857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 07:34:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9B59 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
58442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:01:47 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9B59 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B59 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CY5ZSmcdkulaIH1awXE_5fpRKiTDYLIM7DzhZmHVLd1pFeXlFoDbtNpavacKeArtfZMGKmAGsvp3d5pgbkDw8yWwMM3aavqgFyFPUwF7Yc_LHme2U
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8276187446365717456
s0.2mdn.net/simgad/ Frame 9B59 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8276187446365717456
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c97b4fd610e1a33b23b8731a314b6c1f4a98daa5de7cbd55637b5e5719c4b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 12:13:28 GMT
x-content-type-options
nosniff
age
86541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93817
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 21:40:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 12:13:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FD55 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNWuikfInbXNjE7quxtzgN-gjXVH1Z2LScAcod4UV0vkapD8Y8kE__ekleMb17JBX1KzrkYn5a1sHf3NCiJPxBgd7cvIeQ
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:15:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
8276187446365717456
s0.2mdn.net/simgad/ Frame B047 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8276187446365717456
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c97b4fd610e1a33b23b8731a314b6c1f4a98daa5de7cbd55637b5e5719c4b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 12:13:28 GMT
x-content-type-options
nosniff
age
86541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93817
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 21:40:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 12:13:28 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame B047 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
49186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:36:03 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame B047 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 17:37:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
67097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 17:37:32 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B047 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:20:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
154520
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 17:20:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B047 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
16857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 07:34:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B047 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
58442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:01:47 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B047 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B047 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZU53zxbZFBq16LoFUpxdU9WiACYD0RAAW_t67l2R1Soom_QatWkVFBuB7Huwoq7tTB4M3Y7DEl5_H8IAiUFjMDjb8R73ImupHaw9eXLCiMjnjlS8
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 0C59 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 10:31:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 12:15:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0C59 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
58954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:53:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0C59 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
58954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:53:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0C59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
16857
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 07:34:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0C59 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
58442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:01:47 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0C59 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:49 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 0C59 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 16:53:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:21:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 16:53:35 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/12134908086368072386/ Frame 0C59 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12134908086368072386/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea2254988b99dfd6c13142671f111027c061b2158485a0333f8eb673fcd5b474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68108
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 22:44:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Nov 2024 12:15:49 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13535650105528527782/ Frame 0C59 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13535650105528527782/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3103996562faf5430c62ec598d8e717ca8751cc14a1d9b668751f7ead60d5222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2218
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 22:43:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Nov 2024 12:15:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21DE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
58034
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:08:35 GMT
expires
Fri, 29 Nov 2024 20:08:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8702 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
962326337a4645b580c46696a4558c5d1f03668613836d921d95473e39df660a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tsx1Cc2MUuzOQDvQKuPyzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Tsx1Cc2MUuzOQDvQKuPyzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:15:49 GMT
expires
Fri, 01 Dec 2023 12:15:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame D52B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNVcrE9rIzkWGWL0xJXbC6aFZl3SjmubcTgD0jUwZhk4xxI4Hc0mdOURh4f_3Y3Edp-Mb-tju3qjqLl-DhfHrCp9NIAN1w
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Wz2FdsBA4K555b2YfTAn14GxHft3UdovFR2%2FEFfpgdWxLZRwr%2FnnzxpYlvpzrvznfrf71WGXaUiE8RUTf83rlktZmMddy39%2Fn6%2BRoDIwBzTRos8j5Do1625zlKNkNeyXjdVrUukoaJ%2B7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb41fddc2e36c0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D52B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWnOdXXrNXMXsdhPIIfIBgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNVcrE9rIzkWGWL0xJXbC6aFZl3SjmubcTgD0jUwZhk4xxI4Hc0mdOURh4f_3Y3Edp-Mb-tju3qjqLl-DhfHrCp9NIAN1w
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zyuZMarPHwXavjmZ9DcxzJbRbu7Wp8tBCPC5BKsvy2SdaEe7Cu0EhwT8SJTQ2S62gfY4OYsOk1sFTXnBnhq%2BW8csN534jf9olIEaKJBheWPbJn56jSUKeRrgfNO0TC3Jt8Ky09hHLDcpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb41fefa1ba24c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D52B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDtd-9-xxTXrOq7NdW7M8e4&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDtd-9-xxTXrOq7NdW7M8e4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNVcrE9rIzkWGWL0xJXbC6aFZl3SjmubcTgD0jUwZhk4xxI4Hc0mdOURh4f_3Y3Edp-Mb-tju3qjqLl-DhfHrCp9NIAN1w
Protocol
H2
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
an-x-request-uuid
1a9daa42-c697-450c-897c-d16ed2bcf17c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDtd-9-xxTXrOq7NdW7M8e4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D52B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDcwODAxNjg1MTc2NDU1Mw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDcwODAxNjg1MTc2NDU1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNVcrE9rIzkWGWL0xJXbC6aFZl3SjmubcTgD0jUwZhk4xxI4Hc0mdOURh4f_3Y3Edp-Mb-tju3qjqLl-DhfHrCp9NIAN1w
Protocol
H2
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
an-x-request-uuid
4157e0a0-018b-48ab-9b9d-5f5e37de9092
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDcwODAxNjg1MTc2NDU1Mw%3D%3D
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FD55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNWuikfInbXNjE7quxtzgN-gjXVH1Z2LScAcod4UV0vkapD8Y8kE__ekleMb17JBX1KzrkYn5a1sHf3NCiJPxBgd7cvIeQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FyzWxbT2LVsn821dPRybgITy2tijloNx6DPfWzOT6tps6Q8QBdOfzyvJtOR9lq6h2E7xM5SbAk4%2FF7iv%2Byz%2BnLzUZHHEolWE42ZNFvIE07mEGsE3fSxg9FzSSCUQuH%2FkS2SzAZyG7drBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb41fddc3036c0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FD55
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWnOdXXrNXMXsdhPIIfIBgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNWuikfInbXNjE7quxtzgN-gjXVH1Z2LScAcod4UV0vkapD8Y8kE__ekleMb17JBX1KzrkYn5a1sHf3NCiJPxBgd7cvIeQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XO7pTDgMIWotr71bPm755awLx5WRz1rjkkg7Iv1LTO0TfM53p%2FEeV1nxuSS6yLtqsFN9KKXNb0V5Ki655hoNUImo2Dukwv2Z94IaJJoIq87atfVG5PdkxuInyJ3tQMFHFYB4KB6lRsOuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82eb41fea9aea24c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELIODtM6Ysx28kvaQa8jhc4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FD55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDtd-9-xxTXrOq7NdW7M8e4&google_cver=1
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDtd-9-xxTXrOq7NdW7M8e4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNWuikfInbXNjE7quxtzgN-gjXVH1Z2LScAcod4UV0vkapD8Y8kE__ekleMb17JBX1KzrkYn5a1sHf3NCiJPxBgd7cvIeQ
Protocol
H2
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
an-x-request-uuid
a2723ea3-f02c-40c0-ae4b-5c919a17cd46
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDtd-9-xxTXrOq7NdW7M8e4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FD55
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDcwODAxNjg1MTc2NDU1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDcwODAxNjg1MTc2NDU1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGMfr2-0BMAE&v=APEucNWuikfInbXNjE7quxtzgN-gjXVH1Z2LScAcod4UV0vkapD8Y8kE__ekleMb17JBX1KzrkYn5a1sHf3NCiJPxBgd7cvIeQ
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
an-x-request-uuid
dd1fe44c-fb85-4864-91e3-fd8d2fd42849
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk0NDcwODAxNjg1MTc2NDU1Mw%3D%3D
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1533 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
21779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:12:50 GMT
expires
Sat, 30 Nov 2024 06:12:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame EEEC 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
58954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:53:15 GMT
css
fonts.googleapis.com/ Frame EEEC 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 11:26:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 12:15:49 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame EEEC 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 23:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Nov 2024 23:42:18 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame EEEC 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 15:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Nov 2024 15:12:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EEEC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
58442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:01:47 GMT
collect
www.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P5XVKGG5WX&gtm=45je3bt0v9169733286&_p=1701432948228&gcd=11l1l1l1l1&dma=0&gdid=dYzMzMD&cid=2137318846.1701432948&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=1&sid=1701432949&sct=1&seg=0&dl=https%3A%2F%2Fen.krystalmagick.com%2F&dt=KrystalMagick&en=ad_impression&_fv=1&_ss=1&ep.query_id=CIH169Ob7oIDFeoCaAgdMbwMOQ&tfd=2019
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P5XVKGG5WX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://en.krystalmagick.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2161.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/2161.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
3b48fa8e9151004249c274ae7595409030dbbc11c5353bf905624d0d9122dc17

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
XDvrWvXl0HuMk5peiEByXWIch46cjVFo
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1581
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701337809.145482359391118725
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.10
x-timer
S1701432950.525164,VS0,VE1
etag
W/"6f5d0cb96125597620b725f03acd2403"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
5569.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/5569.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
588f719c5ed3c2405105beed213eb413263c79f1132376a8abc0b4374c3e5cc2

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
rgg32.eJnlfkaBlhWGyXWJfXs.MRKJrR
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4417
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701250630.412479283935118881
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.0
x-timer
S1701432950.525516,VS0,VE1
etag
W/"885847b3166d9a29a1d7fe2d8b887900"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
9223.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/9223.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
f00f00f5a802c3de445678f3ca9e5e3c7b0d68dfb4067adbfaf8b39356259f28

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
U_qsJUrsFrJUsP2d1Y5juUAawtKDDBBb
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266861
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4747
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701178583.8814847820685215299
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.0
x-timer
S1701432950.525811,VS0,VE1
etag
W/"9cc4d2ddf0ead1a46690bd843b1230a5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
8593.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/8593.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
2564d8cbcde740e207e10b56757cd2762832a50489a1c319100132553ae8ba0e

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
_gWjXUBOK.RQj.ZnRiwrNq6mK94qfx_d
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
15869
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701247397.601478580180518881
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.0
x-timer
S1701432950.526411,VS0,VE1
etag
W/"cbd99ebc9d960bc0808b35ea392dce48"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
698.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/698.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
bbe8dcc7b560754d0e67ea62a24e22c5b4e2eeb08d9c3bfaa3ccd3f169b3eabf

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcwnP9a1Ia0LRvqhhntyPznoQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
p_MXYQAyM34FwFiHUCgM3C9BNPMYNocP
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7851
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701178583.8814847771945415299
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.0
x-timer
S1701432950.526746,VS0,VE1
etag
W/"a817bcf3c99ae19809c0a0724b70e3c8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
8176.chunk.min.css
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		33 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/8176.chunk.min.css
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
b6fa4195e3358205c0d2e88b7a6b9307e585acda52d62db49d346aa88e3071cb

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchKVvYscdIVMke6BmYfLrVd,aVxMblM8KFG3we5NLvyVcyFnHBhHpEHZUin4+lJSndwQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
H.rm1u8xw3VmKpPD1Lm38u7aUkwK0uIR
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3849
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701178360.1344688845444126801
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.10
x-timer
S1701432950.527005,VS0,VE1
etag
W/"d1f46e2a47a2bab4f03286a9cb1fff53"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
8176.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		109 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/8176.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
04cba17646f3dec2e89e63b3d8b057a111b21505bfabf81481a817351c7b7035

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
mnEgXzUFMPo8Wk4E5JTN9lTJVMhfCQKA
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
28786
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701257154.4774845750916229602
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.10
x-timer
S1701432950.528671,VS0,VE1
etag
W/"5550e5ad500b7ec5d93288d9e8ec32ae"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
2930.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/2930.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
a8a42e4f3dd14c51c2ec496d615f5754ad4d3f8f172346c36c2ca3f89d9df553

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchJ84HhGNpA1cFmE5Eqskia,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
NhJz9zOeTY_XCwMo7c.lw81er.TZw7sg
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
15503
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701259351.9174679131692108725
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.10
x-timer
S1701432950.528947,VS0,VE1
etag
W/"3b3e9ef5cb09c367cc7f7088b6a66495"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
7526.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/7526.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.10 /
Resource Hash
4bdf73d4a143a1079d1c4f68163291a06b3a1b772393abfaf36d013198be18c4

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP
x-amz-version-id
2H.Z2W_5xGWCVN3TMBw8Cans8b8vulQC
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266860
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10738
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701328785.5194987258507129601
last-modified
Tue, 28 Nov 2023 05:36:48 GMT
server
Pepyaka/1.19.10
x-timer
S1701432950.528926,VS0,VE1
etag
W/"baada7a8df8bf1e5481b047da005b3ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
wix-ricos-viewer.chunk.min.js
static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.parastorage.com/services/communities-blog-ooi/95f4587bfa665638c5f6be0281f5dfb7d64bb383f9ab00fdac6109a7/client-viewer/wix-ricos-viewer.chunk.min.js
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.1214.0/PostListViewerWidgetNoCss.bundle.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Pepyaka/1.19.0 /
Resource Hash
623ffcb3b6b0d92389096753ec832901cc4249a8007905cb6f7aa65814d24132

Request headers

Referer
https://en.krystalmagick.com/
Origin
https://en.krystalmagick.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-seen-by
zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD
x-amz-version-id
8V7k.ybOYELRloA6XosSm35Wpw_1.Ezg
content-encoding
br
via
1.1 varnish (Varnish/6.0), 1.1 varnish
date
Fri, 01 Dec 2023 12:15:49 GMT
age
266861
x-amz-server-side-encryption
AES256
x-cache-status
HIT
x-cache
HIT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
710
x-served-by
cache-yyz4563-YYZ
x-wix-request-id
1701178583.8814847784231215299
last-modified
Tue, 28 Nov 2023 05:36:50 GMT
server
Pepyaka/1.19.0
x-timer
S1701432950.529179,VS0,VE1
etag
W/"7bc7cbfa7b4de20b2381d006287e14f5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7776000, immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-cache-hits
1
7d14e7_cf8fd86f21500c2291da6c479b72db89.html
en-krystalmagick-com.filesusr.com/html/ Frame 1C23 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://en-krystalmagick-com.filesusr.com/html/7d14e7_cf8fd86f21500c2291da6c479b72db89.html
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@16.14.0/umd/react-dom.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:6400:0:7dcd:9780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
b70ac3d04efd2b20fe31682d747b98ec6bd70d2b58d872107a1788eb7ac7a254

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
19382
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=15552000, immutable
content-length
1317
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 06:52:47 GMT
etag
"cf8fd86f21500c2291da6c479b72db89"
expires
Fri, 01 Dec 2023 07:52:47 GMT
last-modified
Wed, 01 Nov 2023 12:02:28 GMT
server
openresty/1.21.4.1
timing-allow-origin
*
via
1.1 google, 1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
x-amz-cf-id
O4cwflC-2b8cz8Xc6NitcD5yrt6qDqvb5zVQUfCnx-W1LPuOviT46A==
x-amz-cf-pop
JFK50-P4
x-cache
Hit from cloudfront
x-seen-by
gcp.us-central-1.media-router-f89dc7b48-xbgms
7d14e7_cf8fd86f21500c2291da6c479b72db89.html
en-krystalmagick-com.filesusr.com/html/ Frame 056D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://en-krystalmagick-com.filesusr.com/html/7d14e7_cf8fd86f21500c2291da6c479b72db89.html
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@16.14.0/umd/react-dom.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:6400:0:7dcd:9780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
b70ac3d04efd2b20fe31682d747b98ec6bd70d2b58d872107a1788eb7ac7a254

Request headers

Referer
https://en.krystalmagick.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
19382
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=15552000, immutable
content-length
1317
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 06:52:47 GMT
etag
"cf8fd86f21500c2291da6c479b72db89"
expires
Fri, 01 Dec 2023 07:52:47 GMT
last-modified
Wed, 01 Nov 2023 12:02:28 GMT
server
openresty/1.21.4.1
timing-allow-origin
*
via
1.1 google, 1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
x-amz-cf-id
iPAhLsl7NsRD92hJZNR4eAJ_8RGjEl18RKXrHOYLpViNJoPfjmhM8Q==
x-amz-cf-pop
JFK50-P4
x-cache
Hit from cloudfront
x-seen-by
gcp.us-central-1.media-router-f89dc7b48-xbgms
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1ABD 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
21779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 06:12:50 GMT
expires
Sat, 30 Nov 2024 06:12:50 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bt
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_hit&dc=42&microPop=fastly_g&et=33&event_name=page%20interactive&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&pid=vo17a&pn=1&sar=1600x1200&sessionId=9b66f974-977b-4a36-ae09-282ee86d207d&siterev=107-__siteCacheRevision__&sr=1600x1200&st=2&ts=2094&tts=2257&url=https%3A%2F%2Fen.krystalmagick.com%2F&v=1.13164.0&vid=4d3f8794-54ae-4e6e-96eb-11e6b8747276&bsi=2f4e5371-b483-4ab7-ad4d-f6a4f0b16c27|1&vsi=83ada793-b45c-4467-bb24-d12dc7b41acc&wor=1600x1200&wr=1600x1200&_brandId=wix
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:49 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
truncated
/ Frame 0C59 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
125004c2f74bad2da43229f2cb6898faf09a60f92e3aac2feed577a16edd5829

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P5XVKGG5WX&gtm=45je3bt0v9169733286&_p=1701432948228&gcd=11l1l1l1l1&dma=0&gdid=dYzMzMD&cid=2137318846.1701432948&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701432949&sct=1&seg=0&dl=https%3A%2F%2Fen.krystalmagick.com%2F&dt=KrystalMagick&_s=2&tfd=2344
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P5XVKGG5WX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://en.krystalmagick.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://en.krystalmagick.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pa
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/pa?_msid=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&vsi=83ada793-b45c-4467-bb24-d12dc7b41acc&_av=thunderbolt-1.13164.0&isb=true&isbr=plugins-extra&_brandId=wix&_siteBranchId=undefined&_ms=2329&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_visitorId=4d3f8794-54ae-4e6e-96eb-11e6b8747276&_siteMemberId=undefined&bsi=2f4e5371-b483-4ab7-ad4d-f6a4f0b16c27%7C1&src=76&evid=1109&pid=vo17a&pn=1&viewer=TB&pt=static&pa=editor&pti=vo17a&uuid=7d14e725-ec8a-4cad-a57f-e56091e9453c&url=https%3A%2F%2Fen.krystalmagick.com%2F&ref=&bot=true&bl=en-US&pl=en-US%2Cen&_isca=1&_iscf=1&_ispd=0&_ise=0&_=17014329497271
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.0c93ca04.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:49 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
csi
csi.gstatic.com/ Frame EEEC 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpml8y5m&c=7870165984102&slotId=3935082992051&qqid=CID169Ob7oIDFeoCaAgdMbwMOQ&fb=outstream-lima&sei=44752538%2C44807615%2C45401791%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:80d::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EEEC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CrrfadM5pZYDrBeqFoPMPsfiyyAOzlKrEdMbBpNr6EWQQASCY78KTAWDJ7o6LwKSMEKABztaZvgLIAQWoAwHIA5sEqgT-AU_QJdtYxE_wIUnYSkmRuTrXQgEBJbvp4xZ140No8mLbUbCb0mvDxiF_u3zM02scazbEwUcBJPlk8rbFBIk8mDV0-Bs4AF7x0k2IZjIykD0Mg65rh5WVJO8VkajuED9GQl6mBbN8m9MfQB521QI2KDAVyTm8j9KjO64Wb2TzTJvuALIFJx-ciL2K4In0TY3gt3M-7d-0PJD2U6oLnpJ_pZeD-f6xVfxODwmcoBMLou5vm1dKbK0z0k4RMzFNjzqriVCAtvRD_wV3y1LGH_I76Iip8uR2-CM1fUffuJD9y14Nk_zaJHPbNB9qPbRCqj8CUrxpddWgHCWLcL8rG9mAwATIl7322gTgBAOIBeLqkcRNkAYBoAZOgAeaqebBAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOljezOvTm-6CA4AKAZgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJVU7ATk8ffFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1701432949747&ai=CrrfadM5pZYDrBeqFoPMPsfiyyAOzlKrEdMbBpNr6EWQQASCY78KTAWDJ7o6LwKSMEKABztaZvgLIAQWoAwHIA5sEqgT-AU_QJdtYxE_wIUnYSkmRuTrXQgEBJbvp4xZ140No8mLbUbCb0mvDxiF_u3zM02scazbEwUcBJPlk8rbFBIk8mDV0-Bs4AF7x0k2IZjIykD0Mg65rh5WVJO8VkajuED9GQl6mBbN8m9MfQB521QI2KDAVyTm8j9KjO64Wb2TzTJvuALIFJx-ciL2K4In0TY3gt3M-7d-0PJD2U6oLnpJ_pZeD-f6xVfxODwmcoBMLou5vm1dKbK0z0k4RMzFNjzqriVCAtvRD_wV3y1LGH_I76Iip8uR2-CM1fUffuJD9y14Nk_zaJHPbNB9qPbRCqj8CUrxpddWgHCWLcL8rG9mAwATIl7322gTgBAOIBeLqkcRNkAYBoAZOgAeaqebBAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgfMgKKAjoCgEBIvf3BOljezOvTm-6CA4AKAZgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJVU7ATk8ffFdATANgTDYgUAdgUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame EEEC 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpml8y5x&c=7870165984102&slotId=3935082992051&qqid=CID169Ob7oIDFeoCaAgdMbwMOQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1bd&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:80d::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame EEEC 		30 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BmPNrFFZIG2KtOg77A58xjbZ_9-TGwf4M5kExE8v0dUmAqWedBqSI8Sv28WR8EzLLrKS8cw9N7G8ab7vRQQw51oxNGxQ&cry=1&dbm_d=AKAmf-C-D_t_4OVNHrosbunxBYXJnY3iGn6c5or4buuoXoKqZKMPJHRaqjBW-fUsEUG7pwJXz-4cm37Q1ivhVr3a7OzUPeI7M0HlP0Whd9bs2E0NY2cg_o0dlAhpso_5xlQ4Sw_ahIdDUTGVrV2RWu4jhcfHJZ-YhSlkFJdHFsEX2sJHYKvB5aKzAcrQDq1iUKTXorFiEn760pshZNEfuDid-otcpgFpwDum_e1k0mN_7UrBwSQ3N_kg3xm6-civEABtRJL7_cziT1DDzzz3NZRr95nMi_oXkO2wCU3gN7vVKUD3MfZwR_DS9nTSd0j8eYRIdXjTm65xTIR0AYdoLutAibK463fW_HedtsGE4sBFPwq5Yv6pzYF0PrLCtA0zSgbArljeB96zT1sPlAFckKOXk41KJLYD0_VwU-7QdsTAmhOT5JLbHIhrHfKPeOuKobCtdHykQnX8ubNIfVDBTUkDRCoc953gaqaX2kI-5ib046othZtA636BAhCAL4ELSbjSDpgmbn1TAp4DK1Occs7LKmV2WItQuq5np0xtri1lyCUI9XfUMRO-0sCjzfp-ytlBu9T30F51g3xN43rDuDTQiTjMqgBFJ___bxZi88KNajw1wTJT1caCEoUYUldwZpUNQ4j3edxCUVothtRCUKpR9tss4zmJXh9IwYsSfkndepvajhEUY5snm8V9_lGHsn4i6_AjyVDezM_gzGNhpcoiIlOVByyenM2zcvzB0Y49uPuxgBW7dTYg9PxuZNQCMpSKA62AiC84GNauEtWLUy61DmrAJKLBxpXI0eAeK5Ftrxutbc-ShNV0XGvY9Wm5w4inJAj4GqpTGayY8oRWISyegoPQadZ3UG2Hjc8ExnPdUJA4l8osvwxbW0NnChZHnE7I5PEN5qrHOUEgdzmC1KaTY5RZuRsZraFh-qGoIl75ZP1gwMK6pBw-cI3Jlu055ea-y_16KK1CnVo3Z3jT-6z4M_Y-MgWTt1B1bnSC4yAuRNn-z0WUpL5iOYaoRT7jgAjZcL1Mc3hC2Olla6pjnyVn0P4fn1_LQIKEqlmvK-t583kI1vBcmAAZItneHohM328TgdoaIcIHG7Ds8zQCw-hhjGuUmHZcA1d1JMdbcaQB_gqwN8LSbisG_FO6mWwtKMOqpTBE_T0x91wFXU58n0NArZT7FdSBBkoCRd7zBaZshU3mZGVHmeQ1HQsMXELIPVzRmq3Tej9Abo37w4zPzK7nMz-dc7LPHppGyk7h_UY-PDLJ6AgbpcEuZ3vS43vXwGsMVdHxn3iw_KnNysN7nIHau7vPaaQf4rQI76Osxkd6phApdH_hSjcS3NoWhf-ZyL_Bjp2jlksCMS-Ukc7wd8ycZllO-ERKewXh_J1RQpXYFYrsoAa6e7Vbd0kPYtv3riwc6O_fHLxMCPqxNsIYKijgkUFRnggQdLPXOlqM8URRf05lkY9eO85uWijmcNhxoCU9VtBJtJ_CVbhTt0pPO_pNQeK69jmxfD2v9wrxcgWx7V0Mvq6gr1Ay2cDuM2sDYVfKJeZbeJxk3Qr_tMBW0UIVWe0CVYZ0GER43WgV-qTlxyOlUACgV3dEItOwygfWDrQ37i64M-QFgQHYFeylggeQhAbm2FB9VbPnffOWzLbPb_XoxE68ulJfvnbkU0y4FtmIefyDNxe4taI9DkFoHyb5Fqq5KqfzSugSQipsWjSXHmQjbypD1jylSI6RnzQJhH2wHY3ME8y-6CaFlCFUJd4lOg0-fbtHPBonyE4SB29L46BR2CVSExwXy3Kg5TIJNZSp0pu3F84eOvgfQVN05pnpufZcoEbySPxXWmUqkih2gEfNcHv1Ar_dU1JNEJ0zMK0Dn028fRY-eINaxFMb_HEgSt0QPdRUiDB62klarYe53uOFPfJ7wJ-fzSaSjmlVyXadi2Y-KX767S4zoMSYrAx6scYEQ_m0mEqZaoUyeiN3btdvcIdxZjYcuQPWNU99PkWk9eHxOt4pHa_7fVCvVB7EpvAlDzrhxeMU8Hpmpo0gFdpV42Nrui1cpEKMTWpTUknx7v2tHevlkJqhOxP7EKPPKpGO9AfY1uySGVsVI3GLL7G3fqBYHFELqTM_hl_JzDHGnGCNJ9utRL1f1RPGYyb6_aeqUhQUgBivP9GHfH_zNCndqxjsPAWAH1yA6ZxtmOBaxVKDybv-4biSMvqFFr2HKMdceGomTKyjC6oxmP_TKdNIY3h_Sb61D0wXPZuUE_zCWHaMoAmSf_RjIDkQDeydryh8u0LKif_iw-D0EXTqtr8LnRGTAtyw34xgayRVsYii-yN4fN2bHlysd87xok3ZxhlzDp3n_vZlJgPxov3ge3CR5VWAPCzo5Ph2EXCedV4G8T8ZAIwSxifzWeIEaKEF5AP53dWvalh3tIRwPSao5MpdAfjVjuDrIdG0mkGwLvfoweWtc1F_q02czMzSuJVXrVF6MXNPigt-9KJUdZwfJudsFgEXuuKruYIF5hjzl83FeAJN5AxlqBoV5wyoUkNh5aTgrZRtG7Qzbn8I0yEAu4usxoZ0OSOMsIshDJ6qM4-g5ygA49Ip3uMLkoOEbvB7v4nS9YAoq2VFx8Yk0i_is-ikYq9LuRZQGLOkwjxghZvrl1rBhJxL2E5dTddUqGnP-EBTsxwT7ZvZvqSgPvncLtA6oe3oucFoIuXO-PuEsHONS5f9rjGmzZ6Uw9Qr_6U_nsDDzc6eqIhT19EgZc6v-_aNBvkUylTrBEV_fAd4kpNCRuW-MCRji-bsc4Q-5-xwrPsIfnv4dYd4boAkIw3Iv_Wg8sWjauV2A7OHSSwVI1-67SNk5Rx4ejb8PypBcmUyO_M06Yh6YHv6WUmVc-7IdKqqMOomd-QsEJn2_P49kj6QvhJmBEfgHBQJQeGy7N8OTHT0hKTFsfphJOhBsK8LTLAUCegsaiW2NebLn3kRKfdJ8ZeOKba2Bo6CY5rhNB2cuTTWKZuCpxdrlSWnEO2Z2jLpm0wQBriat23SknCMV4CpTAHbs2hHHISK9GBPvodYhI3hB1Jhu2m2FWOdPUS--2mWl07-wXLQfSDBilDckBFgEUVjEPGaylNRBnn9Z9V3i7SqFoR1fEMIzYaEfIePY_1Jn3LupnKThMO4q-gWRkO1LWj8lg0EfnOR5nOmITDe63bpChEy3Zbi7tlzqUaB-wrgdQR3bBPjp5sB13s6SFhSbgFnfflS_fnIB_5472OwTuds-5vj33IUwBP_Qa3DB7Yu9Yxp75KqsEvWQKaiEQlxtiyszfyh2lAY1UZ05O3S9ytAGAkAaKsoD3BJY7lTAtUQ5eZqDCpLa0eIsRwYwDlWPmYsznLWEJHLp2jZ-TmsCDzWarADBnoNeKY7shRPnY1Et_pcRxilWHQtlcKfvgcVA6pGee97c3-RN9C6ni5ZNhQEej3DF6xC65pUp4APH5Q6ultu_4w3kRGylvZr7iV9Ov3K1H917ACGkswvIdUCfrEAaA9R_WAshK_C9iAHczfWN3-SVO6T4FZi01zCyYygh7gIe_9eWbNcpoZZGpmF-d7oE23U0i699IUC4h_tp3GatHKZ9UygnCNjyQfKfMORxY6TNO5b&cid=CAQSTwDICaaNk1iLW6z5GbRCG0EXewytw2IB6TwEQ4ZBvanUya1dej68Ze8Igx0DoBPs0Vfm3hoYNsjsuWBE1Vbrr07N5AQi-GzZZlL686viRwEYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
9d3cad6da04d70dd53eb1e06495a8e27f44a972e3cf7b93ac558580d461fd599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17639
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C59 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20231129&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1C23 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: en-krystalmagick-com.filesusr.com
URL: https://en-krystalmagick-com.filesusr.com/html/7d14e7_cf8fd86f21500c2291da6c479b72db89.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
baaa4f6d37f424694baab029e9b2ea0b322cadf5f8adf56b9347772a5f69020d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52620
x-xss-protection
0
server
cafe
etag
10037158469878041582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 056D 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: en-krystalmagick-com.filesusr.com
URL: https://en-krystalmagick-com.filesusr.com/html/7d14e7_cf8fd86f21500c2291da6c479b72db89.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4257bedb8bc12e94a5f19311b4f7a4b1f38d01807dbd2ff6952fb0bafc32768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52615
x-xss-protection
0
server
cafe
etag
10520494952505889310
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8702 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=4087991418844724&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1533 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:02:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 12:02:58 GMT
truncated
/ Frame 9B59 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6087db99f0b5734c52f47e37518bc9561f2b23c80e4ea9ccdbc28a010ce0024a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C59 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 02:01:08 GMT
x-content-type-options
nosniff
age
123281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 02:01:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C59 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:56:27 GMT
x-content-type-options
nosniff
age
15562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 07:56:27 GMT
truncated
/ Frame B047 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dfeb0a7c65fe0b76617b2d3984ce6466012db18c4467b92b8406af179e800a3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 9B59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssM2gW_52zVNxpJ_Q_eZj-81WSCLAGzfm_05uQDRacpQuskb6QiP4Q1iyS-0PUQ_FKxpHiQIM_Y_TB9uajy5M1WtKD0-YH92PgUikwur2TaXgzHqZbAs6kLV8meU1EurscJUqgaKflhnRJtHlQc-njbME-xLgSp7Gxgdaz76SYKIgMw3VtsbQd6shx1mfgs_faVr6DcbSATlVAwGIKgnf8mHt9OIA5-9NDNgnwOX_8cMrDkPMYqagbqty4t666h5QxCPZt7dSBEW2-7eoEPBa-vesSez9dpzXJCWQhSyiRPhaJZCb2GQucMNT0xJQXOybCPd6ry0boZDjQmGmBpdrN80YblZnS6hpTteaasG1tNCeCkD1xOwyrpaLvJaXSphgUGjD-T_qdoGHjzD1td0VFvXwGjtxNHY8v4qKgqCQZ4_CeiTLahNkkxZwcN_qFd4nDNfM2clcuNqJKxvnnoFZrTSU6XCStVdJGTnAsFwfAs9pgRCEkvSd3F6P-4EgIv6CcrIVuhl9IPKD4s8CPksAwLU50159eOxPHJBChybcr5yCrxifL_5R9WTFvkXcRR2dvv_ufUchxp_iwHCi7sDptcob1kJid-LYEO6lIsJtGBzx3c6cfvQlJQ_dCt2jNryjp71jEhhlBPqygJGK7nLmydBhY3HvDlUG4yC18P66ddKqTfEDVZj0Wwg-3qq2zyz8JgwNqYjr7iudjZHtR3Ui7uz5SSl1KvlbOGAJUgmo3e48IWin0HUSMU3st2g6DDkQ9-1HjKVM0mtwtw3ZEs2BGJrhWVjwKa5JC8VgrKHf6rCoC_zqLThEErUfTH-4GMA9kCqz5dnvkSJMeF-i2n8AHFoIjbP2hYbVp96Km2S_tyCG6eswWIKcS5ar89mIQ17LMjIXMNuOvTZ7jaXWab8cl9sDeu6LDRckttokrcRC9PpXdDGcfVl1ErXWLprYFCutgTFyo2ZA_X2sGT5JTZKMh54wZc8axouUsuhYEavwvqp4aSqiGwdBcXpHmY57QuOn4Dq2qnUAe89S8b4ybRsJJo2ohYGNGW6Qo6dmFtlOPKUr9IB1i0KrZONDY1-QVp_R9Ahs4IErSvJtGmZlNEACk_TJblANER5oWOyF5nfvQksBgBn2v-tMnB_FrqeL38w0UD_jI4hAoyXgt25o-fLClN0zgxX8-VAy9IiBjWARq7Gu_3N-4MD5_krj4lDtau4UGwsRpQDu4NiidIFQq761FmtGJeDlq_cJ3WZdDXSS83J_RfJ43fwBfYQ8z8TxZlUmN5Gdkg0pGTmhzOXDKG8qeyZ6Rv_nVAHPkVbT220Rcc9JR7kf1ZtQcf12mgoY9XITrqWTpdpVLrwMNn2HHEVxaZ7c_0qbuxOo8TbcGapKGR89IY4DmThA&sai=AMfl-YSSbymBM7jrz8iaO3u-Jzc5SWwfwzbHUIUjKaN2mZAQp3ztDL6dR_UgvX52KKw2kO5Tvd_lboRN30LI-CvtKJodwGE_FwOIoGHHo0Xm74XvycWbGgMR0laoAEgtwjsgSDWmJhmEXD5N0b7N_LUQ8PMagODhjcHhtLLxGoa4sOBc1-ERdDZAPPIsG8qzc2StQpNLhKE1jy2DDQMY3AP7heTx9cF43eqGrEMM2JDtdwNvn8jewGl1RpriU3Tkb86Ag-qN6Xfp3ku9hpnABPFcbFEKHFdKJmGDKOOLrwwEwjhV77-RU2YxuuTOe_Io2JthmxtueUeAwQOWteJNNfWbWQ_OOYTodrTe-hpjcxUOyqUrNhOUh5XJ0pxOcj40l3Y_noHEXOJOh3jC0s8_U3uWyPnlFPIXBBaUnvQkZhB-gM34DvGmDECEC03TddWtKhPsDbQzPchY0d01_Jz3Az-FWh2Ceg9Z74KG1v9PRUXEAEMdxRlzh5P4MuB1g53jc_sw3f1F2FtWtStjbg&sig=Cg0ArKJSzAGlpPv0W09pEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qYW1lc2F2ZXJ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=696&cbvp=2&dett=2&cstd=0&cisv=r20231129.19636&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 12:15:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 21DE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:02:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 12:02:58 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P5XVKGG5WX&gtm=45je3bt0v9169733286&_p=1701432948228&gcd=11l1l1l1l1&dma=0&gdid=dYzMzMD&cid=2137318846.1701432948&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&dp=%2F&dt=KrystalMagick&sid=1701432949&sct=1&seg=1&dl=https%3A%2F%2Fen.krystalmagick.com%2F&en=page_view&_ee=1&_et=1&tfd=2507
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P5XVKGG5WX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://en.krystalmagick.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1ABD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:02:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 12:02:58 GMT
view
ad.doubleclick.net/pcs/ Frame B047 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuxmTrxtqpyYKuEVpHXjDiV8QE1mWcD6sRAtu2W0dwFB2QOtLkvTRskgZI1BfljNwoSyBC0PEUwJZBXi569JTcpRzibwDsdxFdFq5bRa9fH6buhP_nU5uYWSeG3baP93O5DEj79Pr0CIQK4jvVZcBSD_XBo_Q1lkXB-WrTTZFnj4k6SPM9YlWsqUEvw1ia_NWA9JxK8IIf1ZeZF5jQA9UwbYDWQZEJ2QwqpLkSYSI4GqPJX5iTQcBoe98zSxk09M-zD7z26PnPiBPe3CCK-W9-5sc8v_l9MGS4BxmWAmpeEUl-iM528oX2U_57jChECPYcX4LXDcJg-MpSU-XQWUVo6f5ySfoSeKgs6gbB6XHbFhUH-duriuZNBzJIko7O8y5OS81UhyBcJ4xuAVHKlQGWcO4C2TAhE9Ie9oqzTEbRnr9SYCiqvdNp1pOb2nlj7f5EVd-0YWgFNDiTUHZ0XX74EpUiqvlOASA83KI-8fox8HuWPuX6Wba8DtI4gaQNs4zYj9Cy3H0eT-jxMYgxvBYwf_Qm8ykkVAt5OWJq_vVAH70U_Ny1QNi8DVLnHqZDzca8W-xvXTdw9NdoNwgOeeRutDsmKZcJeBleEBDnqqvbuJDQYYc8_PL5710xd046XIha3RiZ0xGEUWPrnNAsCfbVkoYj9f5dUPmMmf1mtYTw8asD0htZlqzC-M9HYaPrpzeC1ZMPC7niwjGPQQanT0Tz-hv2YS_eqBZSuqq7JATVypQNqNjGwie_MMQ9JqhUHgf6uXtUHmgV72udVQCXMRLh3H-5zYv2Vq97cRJrHNwcR9NRUKp7_ENB_YzGopfbK8_fOUfnkH8OPGptHHA_p7XngYBrhlC-QEk5ZXkWE5lNw-m0p8EBnutrFU1NQ1R1pth587mhUb5x2wjiy7Y64uEr9XHdOofugGEKhHPaAWFMA06qMrQZh49I0R8q9zfYXxTh6rDbpL48N8jIKuLdMcC_9Nm9ge2I417fCifngFGHhcY8Weu5wppUX6k3AX2xIZZmrVlwsgAOZLy5ITaj09aVBEbhcHtNzcNMOhqE7ywbLwIEgaBx7gKWlJn1N_8VgJpUqXO8qoqEKR1pUyLM8jEKdJGNjxqvDXQoQZltNX7nawQSBCbbQUlzpmwuiRR4VAEa6k4Qql7mfXYcpMRu_xeHzRoMKxEJgNw7WH8D6tWIVdEB-HI__4GZziA2dUfW8ZLj9sWhpdUHqRVyPKM97jPIliwWfMzI8tjOZAZL-H1NU3gNLttaYOVMOdiwOgPoErmefWNhX-yoHf-E_O981ugf6nGLTJqPleOPaYVOE6jONv7p4BZEa6X9wuuthGHh5hb3SzOloZfPmWMmsW_s5wP96-HIdLkarWPj3jPo2pGnJrPTg7LCdvQ&sai=AMfl-YR6sZ0rKj9rKjBz6Xs1en0qeaqeDvezz20WOg8Jgbmh3H7beAAplmgaVH7NY_hWuUX3AeocDxlWDUr3Dw1BJAUtSYzLW9Td6RcWKHjUA1Ygza01iFNeGvZE78SbZW39KO4n8UeomL88HQWYQRjfepT7dPS1_iJTwoYH7lshTC63eHOz8uEYvdrBZjc5ABJnWoRenaV8HBBUzhgWGkBbhF4jLQOuhm0yObr84NNCVZctybzAeir9TScC0_Di798nIprIKuUo-QlaNHmdRftSSxPEW-XwtKQRYwwP6t0AGxHQRecvTYQBVHngd5xmDpImIFWVUdjV7a7WsXEFPQ90xveuXY46rCNxNnbjgkiWj7uw2Y-kj5VJKGi2EG_xJNxog8SulDDpq1qH0LHYJ0xuiiM4h8lBiOKU18fRYYJXSh9yoEhdEW4w2nteBTfTMY_oswIPx-VsN8cSk1PZ3pleeA1OwvRdIhbmH0fZSJvLVHu_xQuxaApG9qyfk91ty_yIZs6CyTk2TcMNXg&sig=Cg0ArKJSzHSEwnp-SsUIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qYW1lc2F2ZXJ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=685&cbvp=2&dett=2&cstd=0&cisv=r20231129.60785&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 12:15:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame EEEC 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpml8y6f&c=7870165984102&slotId=3935082992051&qqid=CID169Ob7oIDFeoCaAgdMbwMOQ&fb=outstream-lima&vast_v=2.0&vmfc=9&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:80d::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame EEEC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 22:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
393864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Nov 2024 22:51:25 GMT
file.mp4
r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame EEEC
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/75E63E77A3C44FFF2CAA6DE7FEB7D5705DE046C8.646169A0E2F5C6EAC5B228D72086C7809380DFB4/key/cms1/cms_redirect/yes/mh/cu/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1701431871/mv/u/mvi/1/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2607:f8b0:4006:15::6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 12:15:50 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
9319103
Last-Modified
Thu, 30 Nov 2023 17:44:27 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 01 Dec 2023 12:15:50 GMT

Redirect headers

date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/75E63E77A3C44FFF2CAA6DE7FEB7D5705DE046C8.646169A0E2F5C6EAC5B228D72086C7809380DFB4/key/cms1/cms_redirect/yes/mh/cu/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1701431871/mv/u/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame 1C23 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
304f1aa5ba30cc12caa47c5ef42ec5c55522ebc1c4fb7a9ff277c61b0b35fb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137246
x-xss-protection
0
server
cafe
etag
15100199377806260819
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:50 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 0C59
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ck3VgdM5pZYPrBeqFoPMPsfiyyAPv28zLc7WNqPjzEdeSgcWODhABIJjvwpMBYMnujovApIwQoAHcxs2qKsgBCagDAcgDywSqBOUBT9AJIABqnx7ofoJ-qSKAOJ2vz2MTFTR7IwOQ_3z5j0t...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcba5377a39bff7de0000000000000000%22,%222%22:%220x6b970fb65b739a870000000000000000%22,%223%22:%220x15b59d...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcba5377a39bff7de0000000000000000%22,%222%22:%220x6b970fb65b739a870000000000000000%22,%223%22:%220x15b59dcc6448f5e00000000000000000%22,%224%22:%220x70d11800079cd9ad0000000000000000%22,%225%22:%220x8c27c91f090020160000000000000000%22},%22debug_key%22:%2210689299592189576291%22,%22debug_reporting%22:true,%22destination%22:%22https://lovingsunshinereadings.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211363640156%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22721910400620498289%22}&andc=true
Protocol
H3
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xcba5377a39bff7de0000000000000000","2":"0x6b970fb65b739a870000000000000000","3":"0x15b59dcc6448f5e00000000000000000","4":"0x70d11800079cd9ad0000000000000000","5":"0x8c27c91f090020160000000000000000"},"debug_key":"10689299592189576291","debug_reporting":true,"destination":"https://lovingsunshinereadings.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11363640156"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"721910400620498289"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Dec 2023 12:15:50 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xcba5377a39bff7de0000000000000000","2":"0x6b970fb65b739a870000000000000000","3":"0x15b59dcc6448f5e00000000000000000","4":"0x70d11800079cd9ad0000000000000000","5":"0x8c27c91f090020160000000000000000"},"debug_key":"10689299592189576291","debug_reporting":true,"destination":"https://lovingsunshinereadings.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11363640156"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"721910400620498289"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bpm
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bpm
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.0c93ca04.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://en.krystalmagick.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:50 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame 056D 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
304f1aa5ba30cc12caa47c5ef42ec5c55522ebc1c4fb7a9ff277c61b0b35fb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137246
x-xss-protection
0
server
cafe
etag
15100199377806260819
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:50 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 7DF8 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: en.krystalmagick.com
URL: https://en.krystalmagick.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:48:29 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 2025 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 11:48:29 GMT
expires
Sat, 30 Nov 2024 11:48:29 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcba5377a39bff7de0000000000000000%22,%222%22:%220x6b970fb65b739a870000000000000000%22,%223%22:%220x15b59dcc6448f5e00000000000000000%22,%224%22:%220x70d11800079cd9ad0000000000000000%22,%225%22:%220x8c27c91f090020160000000000000000%22},%22debug_key%22:%2210689299592189576291%22,%22debug_reporting%22:true,%22destination%22:%22https://lovingsunshinereadings.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211363640156%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22721910400620498289%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 12:15:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 286E 		120 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf793e28bf946ce6c598d7913af1a45542d89caa7ccccca94d8bee17400d562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en-krystalmagick-com.filesusr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
42232
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:15:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6E01 		120 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8406d0ccb23d146b4a4d9fd43dad2a9c5213be371fc5d1c7d67849c6628bd4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en-krystalmagick-com.filesusr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
42351
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:15:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 2025 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:02:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 12:02:58 GMT
file.mp4
r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame EEEC 		659 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-ab5sznzy.c.2mdn.net/videoplayback/id/7a40342bd4697b28/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3845814439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/75E63E77A3C44FFF2CAA6DE7FEB7D5705DE046C8.646169A0E2F5C6EAC5B228D72086C7809380DFB4/key/cms1/cms_redirect/yes/mh/cu/mip/2602:ffc8:2:104::16/mm/42/mn/sn-ab5sznzy/ms/onc/mt/1701431871/mv/u/mvi/1/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:15::6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range
bytes=0-

Response headers

expires
Fri, 01 Dec 2023 12:15:50 GMT
date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-9319102/9319103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
9319103
last-modified
Thu, 30 Nov 2023 17:44:27 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
generate_204
tpc.googlesyndication.com/ Frame 21DE 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AMcmoA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1533 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1hWtdM5pZYHrBeqFoPMPsfiyyAMAAAAAOAHgBAI&bg=!KimlKWbNAAY3kmNgF5I7ADQBe5WfOK2hjIAwxCNLJVbIvLAmFD71NaipDaQMqICozxH0UWZRC09zO-3YCiHvO3HK_uhWAgAAAhNSAAAABWgBBwoAC7FWoqPSZxCDGRK1mQMKP8KqvJWREQV8icgMlj78_c0csTAgyXPKe8QCu_CUoLSdOCWWXONUhtP-cmup21AKICkOdsmiGGg50ZV7IcQOws8nULlgvTNY-5fhJrb9dywRpKTdlnj8BneN7RE6JlWhRGqrVQn0WBjsb7GCFYMo7ediSm-h9ZbDSnsIK59l8vgRDxQbeqMonT7R1S28Ax9hNRFKTC622y95IoE9CKonH9KloNS6uQTDrczreo4Es_OAhTBgjHbTLMCwC4XQ8kcOVDnXfis0NgdJEcVk9s8BJWPZN9DkH07ow2YW1nMmAM6qnkDWPQuQWsxpsdiW8f-40slhIPmH-G5K18--yaI8WJVjueba_yJZqi5Spx7FTGBYWK8RzeWwcrcc5V8wnirm69O4U9Pg5N68OMMnchzbgMDn1Wi8uEc8qXCEjSWvpC2T-kR-wGf3mJBHKLAkrWiCYojNZ39SFETqk2zNt7DhWEj3xTrkjM5UKDSsRDoHvEAZyV3bvD0jCKoF6j7MLZjCQkraYg1jWn2SrZfyKjIX5QMg-t_vCsOKApIiASLXMI_0TCYwX6XJtGs9C5JblUikUSt3J6n8G_pk4B8eidUuStbHBSFt_jjtYUQ-PAHkKrgGUT5IndCHLdOKGjaQNFxUCtPQta8veQq7k5g_F5DWny-hEfzDh3cV2vB7USqvEuiDlnNfyyTfAV3ryav1yU3iFyRXvxYVemaEphMR6VtHF_GN92PIPbrTfR7HMIKpfP1M9Yc1lnbmBWZ7E2nIS6Or5higKYstWzTOxOC8Tkgna-v2pxrQtWPsyaO6DbmB3JLf4GM4yJp66zfbZUh3LVmrdAy4YcXAFQlXVwBVFz4rGtHsY5wbK_iFEKXENW6LxowH9ypbzqd8JrEpa-4Kt6YNoM-YLb-j-Mfcl3HeindZHdMUVBMTjK3KQceS362xh4ETLqZzQAwadueiKK5orkGwY4VmdMEif0_h7WoKxoKiMLMTwcgUpld_5uIj3o3LM9CRAT-Ze5tybDflxb_7ssxEeN-qZEAM9WzN-A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ABD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKamtdM5pZYLrBeqFoPMPsfiyyAMAAAAAOAHgBAI&bg=!Tk2lTQLNAAY3kmNgF5I7ADQBe5WfON3sbqcMLF5paM7bOkqhtmfHnHGgA7M0LlORU9ImA8DEnbNAMgMyq3FXhzIpY-5uAgAAAc5SAAAABWgBB5kDBTT3nkkkaZY2vzfA_k9Sk9rKF6aUl1QaRbfKFwCtq-M4lQO816p9dz0dE6Be-Z8JjFJUw1SXDVklWjzyyDcgw8m-TQlGcl64Y0eX3m3z3x1X557xtZcs-KW0mqTpYYtYTlJeNJFPLHKGd-tDkrIXCLu--9T6MwTKSjtIKoS_ZHP-AaO9GmidYVZ5VSC_nxUObyRuxlSCF9l2S3wAPiS7Cm_V5l9ze4_c0ZghJdLfD59-S5RGvHCYZUCk4DUvnTeLzgAkGsYoN1VwlakRHwLK_EKK5jMSUCXlhQHNkO5-Q0P-B63h3TOE1PjNIFH2GLvnTt2L2QSYFLZ7K2-Iun1riKqeI60A83qrqOIwKl2dMHaTW-KxZ1tpCSpROjr--YAoBBstuYDFUMj0A11zjBttko3lD6FVgqvgKqDeGa_wurbMdju7p-tYKQAbT0M39sc7Za-sV1Sgvxsqcw2t_BHlGBCfzPNZw3ubZ8ow7KiU4jvLFzMhPJwgVyQde2uNz1k0Fc6tbIBpL6fNsStz8N5z4OpoDn_ZVd4Flb-aG5MUZ09ZNqI6I-LkrY3fGZahKx_KNRwwIrfqT4rGFxfis_dRJNANwpFYa9mSxGFIWJklLWhBK_M8ZUy5UlfIQzlN6mXi53Y74FKIPGeP8XDvSK-LMVnRljDCpYJvzvPJke0RfbkCIFo0lnhkdkbySr3ByeKgEEjSKubEFnysHx0Wltd1o5pCIPmk2ZzNhGeL9Zfga-8yXxLepp_FrZ6BnjdvmjU_4p4dE-xt_vdkwSBlE5P1uIRUYPi3y9qVHYkU3-USJs3k44ofLHad6JbRpZNBA8ZAmcPOA9r_cOcVl82XTrY9EZQF4JyUrA3seC-qza-xW8yYzj7ffJ5XXuN5G0OvotKdZsptW1gl-AmZnC8o0l8YG1HvbYswt3DcK798BRhngFXXlJRILR9TSl3iAvJlJ1s_3zF14q-nm6GOAwjBnZzUZ9JL_UpIWhi_HPONZvzLQnOPZ1tnpR-yr2uWjakn35GsED3SsBFN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2025 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BHa5ldc5pZffANvKunboPneSuyAkAAAAAOAHgBAI&bg=!urmlufbNAAY3kmNgF5I7ADQBe5WfOB8lhIAZNPNbybXafggA_u-hEue6h_gjI8A7H7GIRLjU6mEFgdlj9VIQGXIBjvRyAgAAAJ9SAAAACWgBBwoAS9ONo5zVwZPaJXR2JZpaR_n-uHKc3NebfKs7z2_vriO07ZHmfjfq9MAdPA4ykYsWUbj91Xo0lKXdopyRXXJp1kCIxJGOWYEjSxQu4JkDFS-myjW0b5BIZC466uvUmzzrFL4iw71n4-cefif8nWwBvp6L-i0IlGsGoAm-kCz2YjT_uhusTEUDR_c9P9wWcaYADOILZamlj9HHfvdTsRkRY5fz5Zf1hxO6wrw-SOwoH_LoAQo4jBCa7cQxPC3Zfkh9GgZ-SwY6-zY8_J2HXxY9KtywfGC_ZW6SWP2pLLwLA9bz2ePBZ9K1a_qWbvonS6dfSlxIiotvMe6ItAqvLsPlwIwpqfsljv8Dfyn24g-mFWVOShybHEpExJCbLVOtyBUn_LwTYYs6U_1usUo69Dq7G2LFFYfYk2kI4JVkJH4LTxjWo2KkDxvHFSLyx26C-AXGIVp_7M4Y2JKiVPOKDmSfuN_6KIFbOl_8EVhgVbO1tdSx0qTxhu7BHIWivC-0SOvwCF4pitdAcMAOFQ0wj9iPWzKb0d9RH0yeZiYXll6gvHJfhns7fdCJhhROxTFaAko3z-eksxCO9oS1tGdQ73D3qRb9QlPL7C0_TkPTRJw-6tTWo1hhdloJK9JTr_A1yX7FqbAAc-xECLXXL8H02r6PltN0Cdrf6--mCbp6BbSSXLQOdPbg7rPO9TMJj_yV1Xbb8nUSadwNK2i8W9jVffpliQkBE8bggEIENaPKd03So9wHGZj4qwsd0MP9PdPx9GBtert2GIBWqQM_T6FCzC9KfAApDbAySKRVIsOARgqRpB-9o4CYbgElJQmece0HqCDkj_kN8HsyfpvmKvX_YUXg-xpMUAtQxLM-ZKbg0t7DJpe3zHn_Ayd_ShhTwTlEknJZIz1kvUwTr1jHSccK7sv4OhIAWnPPE7qWYAh4wFPrw_bkDrejqhjXDkrf8jBrIm7sp5z852KNyMux13tAYX3R0AsqnVEgwzysq4Uamu7nXMWRAxct99v6UNmOnwpU23t-SKiCJdopUBrv4POqvax0wzMnkHBYROBTe5idd-k4e_zDPkeaS642_7te2Kqm3nmXmx4lnIY4CyXWyPeTZueFZOdyUEdP1uEJl_g2n74GcIYhkkTpw_rSQwsuMy2yEvU5hGOJIg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 286E 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 12:12:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 12:15:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 286E 		2 KB
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
58955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:53:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 286E 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
58955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:53:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 286E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
16858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 07:34:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 286E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
58443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:01:47 GMT
l
www.google.com/ads/measurement/ Frame 286E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyheKR9glO5VimUa_kdYAg2E6ToCIPTNs49Yki9wIifdAVUb6B1pkgY_ZUAXz-Xtt53IUgiJMmcfJeWRNjVd0M2q0xtQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 286E 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:50 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 286E 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 16:53:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:21:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 16:53:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 84FA 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:05:06 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 12:05:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/13486307058385083967/ Frame 286E 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13486307058385083967/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27317178516d5f04969a5a9e3697468dfc2f694cae97683636f7968fd6a1b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25211
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:59:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Nov 2024 12:15:50 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10943860953770422326/ Frame 286E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10943860953770422326/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41599d746af4d6097c5448fa20552132fb0b12065fbbf586123c2460232731ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2492
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 06:11:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Nov 2024 12:15:50 GMT
truncated
/ Frame 286E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3c0fbd155a9ccaae25d79211b396e2352e117789e60b6a0532a4c7e06d574fe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B59 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIQBmKAGKPyAnXueIeMJmTL4KKGsSMU-pHbr1qCPE1XobAfSGsf1sZLGVZPc2mMnmgA7iAwSrDYvVg0MkKLzc5sCk8F7D9hsPOaytYHgB68jZdAwIf99Q6q-Cu4qe0LrIPkydI8HJnKQ&sai=AMfl-YSPxOngisd91HbzBMpgDaXnl-sUt2P9l50gMLZANwTxCdyu50tstcfhL7eQekeoA-_yxCjC9ISVgYXV4XE-oFljol0nNe-5UTR3523Ks5ih_hPIc2X0siXs81t5rlUcijGZ8QhmjGrDHYyegz0zw17xOoh9_mD9Czl_&sig=Cg0ArKJSzOhN6bgoNU4CEAE&cid=CAQSTwDICaaNk1iLW6z5GbRCG0EXewytw2IB6TwEQ4ZBvanUya1dej68Ze8Igx0DoBPs0Vfm3hoYNsjsuWBE1Vbrr07N5AQi-GzZZlL686viRwEYAQ&id=lidar2&mcvt=1005&p=0,0,600,160&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701432949155&rpt=543&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 6E01 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 12:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 11:24:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 12:15:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6E01 		2 KB
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
58955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:53:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 6E01 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
58955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:53:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6E01 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
16858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 07:34:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6E01 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
58443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:01:47 GMT
l
www.google.com/ads/measurement/ Frame 6E01 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmm2BDkqTuSjPVzSGV1GIANzaxp4nLPgoWh4LO--gQGUBTfZpnjl4tMxCVWhIbbJZXILzASwR45Z6tX6j8VBqYGo8vsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6E01 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 12:15:50 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 6E01 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 16:53:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:21:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 16:53:35 GMT
pixel
cm.g.doubleclick.net/ Frame 84FA
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_cver=1&google_push=AXcoOmTGyMY36x9SV5Mg-FPBr7g59V8II_x4TzHqPakZJRcpYbLZJq7qT1o3_qdUHpE2O6rNzepWxcEpWmDqFwltbBiDuIIkR7q86w
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmTGyMY36x9SV5Mg-FPBr7g59V8II_x4TzHqPakZJRcpYbLZJq7qT1o3_qdUHpE2O...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTGyMY36x9SV5Mg-FPBr7g59V8II_x4TzHqPakZJRcpYbLZJq7qT1o3_qdUHpE2O6rNzepWxcEpWmDqFwltbBiDuIIkR7q86w&google_cver=1&goo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTGyMY36x9SV5Mg-FPBr7g59V8II_x4TzHqPakZJRcpYbLZJq7qT1o3_qdUHpE2O6rNzepWxcEpWmDqFwltbBiDuIIkR7q86w&google_cver=1&google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_hm=UTc1NDcxOTM1MTE2MTgzOTE5NTA=
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 01 Dec 2023 12:15:51 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmTGyMY36x9SV5Mg-FPBr7g59V8II_x4TzHqPakZJRcpYbLZJq7qT1o3_qdUHpE2O6rNzepWxcEpWmDqFwltbBiDuIIkR7q86w&google_cver=1&google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_hm=UTc1NDcxOTM1MTE2MTgzOTE5NTA=
Content-Type
text/html
Cache-Control
max-age=11497
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame 84FA
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOhLDUtDNwqvnnalDVQ2bpE&google_cver=1&google_push=AXcoOmQKQ9wfXSwWWPKTwT4yEf0-vWUYxch_QjcJMd0b0lOoukb3SMt...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=615629f6c7ca140f&is_secure=true&networkId=14000&version=1&google_gid=CAESEOhLDUtDNwqvnnalDVQ2bpE&google_cver=1&google_push=AXcoOmQKQ9wf...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG_NFAVvc19QN9g99nAAAAAAA&expiration=1701519351&google_cver=1&is_secure=true&google_gid=CAESEOhLDUtDNwqvnnalDVQ2b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG_NFAVvc19QN9g99nAAAAAAA&expiration=1701519351&google_cver=1&is_secure=true&google_gid=CAESEOhLDUtDNwqvnnalDVQ2bpE&google_push=AXcoOmQKQ9wfXSwWWPKTwT4yEf0-vWUYxch_QjcJMd0b0lOoukb3SMtj-Ftq20q77p9YvmonnpJ5qQ0XssdQHDQGYooa895wQo1Dag
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAG_NFAVvc19QN9g99nAAAAAAA&expiration=1701519351&google_cver=1&is_secure=true&google_gid=CAESEOhLDUtDNwqvnnalDVQ2bpE&google_push=AXcoOmQKQ9wfXSwWWPKTwT4yEf0-vWUYxch_QjcJMd0b0lOoukb3SMtj-Ftq20q77p9YvmonnpJ5qQ0XssdQHDQGYooa895wQo1Dag
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 84FA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGoRUio1ruLkt7Odw3UwRlA&google_push=AXcoOmSXvSsAyBN62UcjsxYRtnb-jvJmNcL7cYqs_GV9d85fv-OMY11IG_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGoRUio1ruLkt7Odw3UwRlA&google_push=AXcoOmSXvSsAyBN62UcjsxYRtnb-jvJmNcL7cYqs_GV9d85fv-OMY11IG_H8fi0a42HsOps8AuRxn9phYCVctndeL-9F4KxJqRiHmA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4567-YYZ
pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1701432951.986695,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGoRUio1ruLkt7Odw3UwRlA&google_push=AXcoOmSXvSsAyBN62UcjsxYRtnb-jvJmNcL7cYqs_GV9d85fv-OMY11IG_H8fi0a42HsOps8AuRxn9phYCVctndeL-9F4KxJqRiHmA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usersync.aspx
dis.criteo.com/dis/ Frame 84FA 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS8IjJcFJyU5t0QxrG7B3bmNam_tI94JxSnN3py4nrjxnKNmI0bo_jR02XnPpPYxIRn0hOEIh-W2NKGUoOJewJcy8y3FF1zOA&google_gid=CAESEKPetfq1YEaGDWwHyHVfpm0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
681898
expires
Fri, 01 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84FA
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJk3QbnVUspqSNNG2h9t8a4&c_param1=AXcoOmQ8aIDGDpl9jV9lSmuLtfpGk6sHWZWXb_v0uheXqr_K_zK1Wqx4dcSDHKqHh58ss6mWee0K5PUqBBtq8-W4320WqC0sdFzT&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ8aIDGDpl9jV9lSmuLtfpGk6sHWZWXb_v0uheXqr_K_zK1Wqx4dcSDHKqHh58ss6mWee0K5PUqBBtq8-W4320WqC0sdFzT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ8aIDGDpl9jV9lSmuLtfpGk6sHWZWXb_v0uheXqr_K_zK1Wqx4dcSDHKqHh58ss6mWee0K5PUqBBtq8-W4320WqC0sdFzT
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQ8aIDGDpl9jV9lSmuLtfpGk6sHWZWXb_v0uheXqr_K_zK1Wqx4dcSDHKqHh58ss6mWee0K5PUqBBtq8-W4320WqC0sdFzT
date
Fri, 01 Dec 2023 12:15:51 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 84FA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEpXn59XsdioKTRhLBvx1M8&google_cver=1&google_push=AXcoOmSZLvTiQ8_o8h_dCMNXIe8G30_XZv_J9uAcnC9fnWkLlSHqWVqVZu8pV0dl8DiEDZWHJCz7OcEMMxY27kl...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZSfz20w6V599SbOcGzQRzmAJ-SQ&google_push=AXcoOmSZLvTiQ8_o8h_dCMNXIe8G30_XZv_J9uAcnC9fnWkLlSHqWVqVZu8pV0dl8DiEDZWHJCz7OcEMMxY27k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZSfz20w6V599SbOcGzQRzmAJ-SQ&google_push=AXcoOmSZLvTiQ8_o8h_dCMNXIe8G30_XZv_J9uAcnC9fnWkLlSHqWVqVZu8pV0dl8DiEDZWHJCz7OcEMMxY27kl9wOnpUqluWIgAFQ
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZSfz20w6V599SbOcGzQRzmAJ-SQ&google_push=AXcoOmSZLvTiQ8_o8h_dCMNXIe8G30_XZv_J9uAcnC9fnWkLlSHqWVqVZu8pV0dl8DiEDZWHJCz7OcEMMxY27kl9wOnpUqluWIgAFQ
Date
Fri, 01 Dec 2023 12:15:51 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
report
sync.teads.tv/um/ Frame 84FA
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPF77wHZH5xa...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzFiNTA1YTMtN2Y0OS00ZDQyLTllOGYtZjM0ZjhiOTZhNTg0&google_push=AXcoOmQuMV_DuA7_UlHuP29QQ_Td4jzp7PHmPGW59qpqQtezTE7OBLv98P6JwIgLEGChW...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-155.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 12:15:51 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 84FA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KexRyZCNSt12j2w8QgJzDOFrxe3XcC4Bjru8upQQcUgZm_pk8t9S3eEcBP6Jpai5tln8b63w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame B047 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2Efs2t_wdCNsUsYRntKSsZR8Lue2QR91OmG1wR-VgQeNk0Z1Xj0IoA_0AOdaknKn4s77-N0z-z-X4wzAnDaCGMMiHulI2ccJbmmfsk1Wlhe5GmJbfhxfB7ddK7HtpTEzEW-Bxa-haTA&sai=AMfl-YTEUPqQ8auZ-gIpn9APv-Ya9BzEG_BPgmKQ5dp3UjUblAzTpoNPKnod-3K06eEOGyvRqYJ-GP3Sy0skCSuw9ghwyrFf2nrBWRDo_X15RWr4UzS8hfetyaXNofzGNJWzVmIa7GdMsUToVAHcWXM6YWj0vx89Lrhx73UW&sig=Cg0ArKJSzM6Yx55m0wZtEAE&cid=CAQSTwDICaaNk1iLW6z5GbRCG0EXewytw2IB6TwEQ4ZBvanUya1dej68Ze8Igx0DoBPs0Vfm3hoYNsjsuWBE1Vbrr07N5AQi-GzZZlL686viRwEYAQ&id=lidar2&mcvt=1018&p=0,0,600,160&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701432949211&rpt=484&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E914 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:05:06 GMT
etag
48472445140208031
expires
Sat, 02 Dec 2023 12:05:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame EEEC 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpml8yb7&c=7870165984102&slotId=3935082992051&qqid=CID169Ob7oIDFeoCaAgdMbwMOQ&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=Infinity&br=1458&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1gh~vil.1zu&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4002:80d::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13486307058385083967/ Frame 6E01 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13486307058385083967/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27317178516d5f04969a5a9e3697468dfc2f694cae97683636f7968fd6a1b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:50 GMT
x-content-type-options
nosniff
age
1
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25211
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:59:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Nov 2024 12:15:50 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/11119601221651579403/ Frame 6E01 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11119601221651579403/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e82ac4734cc1d051270d77b520cab583e872db0230e938114aa38f9da1ee994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3419
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 02:09:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Nov 2024 12:15:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 286E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:45:45 GMT
x-content-type-options
nosniff
age
135006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 22:45:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 286E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:56:27 GMT
x-content-type-options
nosniff
age
15564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 07:56:27 GMT
truncated
/ Frame 6E01 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72d3f4a5ba5ca65acd08f94731a6bf80ce71f92af620c035af84e0b6e6b09f54

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6E01 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:45:45 GMT
x-content-type-options
nosniff
age
135006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 22:45:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6E01 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:56:27 GMT
x-content-type-options
nosniff
age
15564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 07:56:27 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 286E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CkEW9ds5pZbPFGMuG3rsPjKu2yAufq876ZvbE49zhEcCNtwEQASCY78KTAWDJ7o6LwKSMEKABpIm7kwLIAQmoAwHIA8uEgIAEqgTdAU_Qc-pIgkZaZf3ITpsNiSOC88j7T7FFFKQfZEWouMT...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x293d35b7d299b5190000000000000000%22,%222%22:%220xb20f381ba1ee2480000000000000000%22,%223%22:%220xe13b6e5...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x293d35b7d299b5190000000000000000%22,%222%22:%220xb20f381ba1ee2480000000000000000%22,%223%22:%220xe13b6e52f9bffe770000000000000000%22,%224%22:%220x33191568df5586640000000000000000%22,%225%22:%220xd61a1efe36cddf340000000000000000%22},%22debug_key%22:%22254076532262281451%22,%22debug_reporting%22:true,%22destination%22:%22https://fieldsoffortunes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22577684644%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221870941720975949185%22}&andc=true
Protocol
H3
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x293d35b7d299b5190000000000000000","2":"0xb20f381ba1ee2480000000000000000","3":"0xe13b6e52f9bffe770000000000000000","4":"0x33191568df5586640000000000000000","5":"0xd61a1efe36cddf340000000000000000"},"debug_key":"254076532262281451","debug_reporting":true,"destination":"https://fieldsoffortunes.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["577684644"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"1870941720975949185"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Dec 2023 12:15:51 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 12:15:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x293d35b7d299b5190000000000000000","2":"0xb20f381ba1ee2480000000000000000","3":"0xe13b6e52f9bffe770000000000000000","4":"0x33191568df5586640000000000000000","5":"0xd61a1efe36cddf340000000000000000"},"debug_key":"254076532262281451","debug_reporting":true,"destination":"https://fieldsoffortunes.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["577684644"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"1870941720975949185"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1C23 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7128f66c1a6dc3ca6222cf528c28e3ffd31e937a944ea0e56e491204def39733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12490
x-xss-protection
0
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 30B2 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091887&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950011&bpp=6&bdt=210&idt=333&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=7665806168429&frm=24&ife=1&pv=2&ga_vid=165829999.1701432950&ga_sid=1701432950&ga_hid=1051899315&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=311&ifk=91032648&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531705%2C31078301%2C31079811%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=2393292951426304&tmod=1647775439&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C311&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fujy61r8hjwy&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:48:29 GMT
dpixel
cms.quantserve.com/ Frame E914 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFyreQtlz4DoVE97L9328NQ&google_cver=1&google_push=AXcoOmSQ-iTSPlVhs3gCcqRpx2aYyCboVr1yT_pNN4V-q2M7qDRRhYJxSx-avEe6FBX-x84pKAG46aNWjQHID2cZZH7UQOaTl-CoYsAsgXU4seIabIr0Fjqji1Ii40bNqKJw_EbYBJndyldTHw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E914
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_cver=1&google_push=AXcoOmR8Igh3Y0_XJwBIcT_rxXcMmefW1Je4yVLlqHD6AV834WM5kbLBhmOIcXhmtlj4FXJPNsR2qRxH-H1y8Q3YQhYfPmIZxiRe0nU1...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR8Igh3Y0_XJwBIcT_rxXcMmefW1Je4yVLlqHD6AV834WM5kbLBhmOIcXhmtlj4FXJPNsR2qRxH-H1y8Q3YQhYfPmIZxiRe0nU1X_E_Hvh3qwv-S0ZO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR8Igh3Y0_XJwBIcT_rxXcMmefW1Je4yVLlqHD6AV834WM5kbLBhmOIcXhmtlj4FXJPNsR2qRxH-H1y8Q3YQhYfPmIZxiRe0nU1X_E_Hvh3qwv-S0ZOtVOBG3UfuTYK8CXlt_v2tV2LNg&google_cver=1&google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_hm=UTc1NDcxOTM1MTE2MTgzOTE5NTBQ
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 01 Dec 2023 12:15:51 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmR8Igh3Y0_XJwBIcT_rxXcMmefW1Je4yVLlqHD6AV834WM5kbLBhmOIcXhmtlj4FXJPNsR2qRxH-H1y8Q3YQhYfPmIZxiRe0nU1X_E_Hvh3qwv-S0ZOtVOBG3UfuTYK8CXlt_v2tV2LNg&google_cver=1&google_gid=CAESELooqO6bRHbKrh2uV-APZiA&google_hm=UTc1NDcxOTM1MTE2MTgzOTE5NTBQ
Content-Type
text/html
Cache-Control
max-age=34508
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame E914
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH17BjUvYMyyiV2rif4yf4U&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH17BjUvYMyyiV2rif4yf4U&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek5uQXFwejYxUjkycVg1&google_gid=CAESEH17BjUvYMyyiV2rif4yf4U&google_cver=1&google_push=AXcoOmRl5qz_groNcDTOYXG87h7k3_-6Y2zhEhd92bAgOhF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek5uQXFwejYxUjkycVg1&google_gid=CAESEH17BjUvYMyyiV2rif4yf4U&google_cver=1&google_push=AXcoOmRl5qz_groNcDTOYXG87h7k3_-6Y2zhEhd92bAgOhF6qOHyAaPKHi2uRgNzUfLHD_VSH_zI3z5tX910JKdFlj3xjYppVKWaj1sB5Z7041pNWNfBEUBgRZ6Cx4928fdAxYouUs33MvFb6g
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:15:50 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0b82056e4eec92ec6@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ek5uQXFwejYxUjkycVg1&google_gid=CAESEH17BjUvYMyyiV2rif4yf4U&google_cver=1&google_push=AXcoOmRl5qz_groNcDTOYXG87h7k3_-6Y2zhEhd92bAgOhF6qOHyAaPKHi2uRgNzUfLHD_VSH_zI3z5tX910JKdFlj3xjYppVKWaj1sB5Z7041pNWNfBEUBgRZ6Cx4928fdAxYouUs33MvFb6g
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame E914 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQZXsf3VWnolwlo6EvqFyx4_feMw6e_pMf-efEDmByTpt5v-OBtoBwpWFu6MaqQdBnm7EB_4AHj-pP38zqXzYTLz1yRzXUVH4FA1PyDDzLgPQpokO3-op74OB1CMtwtENhoIybBO4Iy&google_gid=CAESEKPetfq1YEaGDWwHyHVfpm0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
371560
expires
Fri, 01 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E914
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOrCKQsptkhPcxZNny8KB3I&google_cver=1&google_push=AXcoOmQeYafMVeVpbSvvOjXE1MSKJDGqkmYGXNc4XymP-Dch2IJRvMYQU5wVsoZfxNDNwMxbPwr6urZQ...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOrCKQsptkhPcxZNny8KB3I&google_cver=1&google_push=AXcoOmQeYafMVeVpbSvvOjXE1MSKJDGqkmYGXNc4XymP-Dch2IJRvMYQU5wVsoZfxNDNwMxbPwr...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0NjEwMTk2MzIyMjU1MjEzOA&google_push=AXcoOmQeYafMVeVpbSvvOjXE1MSKJDGqkmYGXNc4XymP-Dch2IJRvMYQU5wVsoZfxNDNwMxbPwr6ur...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0NjEwMTk2MzIyMjU1MjEzOA&google_push=AXcoOmQeYafMVeVpbSvvOjXE1MSKJDGqkmYGXNc4XymP-Dch2IJRvMYQU5wVsoZfxNDNwMxbPwr6urZQMCeEH-1zzUQRcMJVcXxLAsN4bX-OFC6r7XFvp-GUspc6la5MikxwIRXG_R4LaaJWCA
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0NjEwMTk2MzIyMjU1MjEzOA&google_push=AXcoOmQeYafMVeVpbSvvOjXE1MSKJDGqkmYGXNc4XymP-Dch2IJRvMYQU5wVsoZfxNDNwMxbPwr6urZQMCeEH-1zzUQRcMJVcXxLAsN4bX-OFC6r7XFvp-GUspc6la5MikxwIRXG_R4LaaJWCA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E914
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJ9qFMu1bSZTvGgub-cplRc&google_cver=1&google_push=AXcoOmTDB2E84myCBK6l47-MPGXHcrTBR17ABJ57Mg-xLuktMqzndq4N-fC892Akqz2NDaRCG1ZlD2s9kaFYg9Oel0...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTc5NTkwNTU3NjU0NDA5NTIzNDE&google_push=AXcoOmTDB2E84myCBK6l47-MPGXHcrTBR17ABJ57Mg-xLuktMqzndq4N-fC892Akqz2NDaRCG1ZlD2s9kaFYg9Oel0PB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTc5NTkwNTU3NjU0NDA5NTIzNDE&google_push=AXcoOmTDB2E84myCBK6l47-MPGXHcrTBR17ABJ57Mg-xLuktMqzndq4N-fC892Akqz2NDaRCG1ZlD2s9kaFYg9Oel0PBYnUBu2WuEY4bL8vKxyzaOBrsqP6vUkB9R3WqX5hyjvSik6hIz6Hixw
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTc5NTkwNTU3NjU0NDA5NTIzNDE&google_push=AXcoOmTDB2E84myCBK6l47-MPGXHcrTBR17ABJ57Mg-xLuktMqzndq4N-fC892Akqz2NDaRCG1ZlD2s9kaFYg9Oel0PBYnUBu2WuEY4bL8vKxyzaOBrsqP6vUkB9R3WqX5hyjvSik6hIz6Hixw
Date
Fri, 01 Dec 2023 12:15:51 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E914
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEGakp23VRt8u6AZqbBYq4uY&google_cver=1&google_push=AXcoOmTuTVvgqSN0soDfrp3u93MrYXToWogvIXgtPGKmfpJpJ1E5LErrefcIvQ5lTp8Me3zwxx4LvfYCXmZbZVquP...
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEGakp23VRt8u6AZqbBYq4uY&google_cver=1&google_push=AXcoOmTuTVvgqSN0soDfrp3u93MrYXToWogvIXgtPGKmfpJpJ1E5LErrefcIvQ5lTp8Me3zwxx4LvfYCXmZbZVquP...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWVkYzM4MmIwNTFmMTg5ZQ&google_push=AXcoOmTuTVvgqSN0soDfrp3u93MrYXToWogvIXgtPGKmfpJpJ1E5LErrefcIvQ5lTp8Me3zwxx4LvfYCXmZbZVquPvfGELnn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWVkYzM4MmIwNTFmMTg5ZQ&google_push=AXcoOmTuTVvgqSN0soDfrp3u93MrYXToWogvIXgtPGKmfpJpJ1E5LErrefcIvQ5lTp8Me3zwxx4LvfYCXmZbZVquPvfGELnn2xCozHjWRqk4RA9by_TsHTvj2uijBxXAtpbHwibIc8G0K5t7FqQ
Protocol
H3
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWVkYzM4MmIwNTFmMTg5ZQ&google_push=AXcoOmTuTVvgqSN0soDfrp3u93MrYXToWogvIXgtPGKmfpJpJ1E5LErrefcIvQ5lTp8Me3zwxx4LvfYCXmZbZVquPvfGELnn2xCozHjWRqk4RA9by_TsHTvj2uijBxXAtpbHwibIc8G0K5t7FqQ
date
Fri, 01 Dec 2023 12:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E914 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iouqh2KT19K6inNjKDUY7PAj7zfVERzo5onptcuQR_YcT5MGhENNQcVtdT6flqovhShbGEBA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C59 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv50dlTfUZyuMULwSyhIc5el2wjiMXpAT39yx811NOvA8nes1aMoesUS7hvTV5RWJfTuZee3jIn2RsC5cIDqWPIBGkIsVnsxyXzJNO--a90kKbuNArvWK36bROYJnO_UB5QMUxoLk9wQQ&sai=AMfl-YT_oQCu38ZJ_CuXw8VXTm2IjFU6vBs6bk-hH8h3B-KyuHJRvbdvdt6Cls_f4uz2TV4a0dw4CWvbhJtpjeFJ6GlsT9e1-nq8nIXRRrnvRJ4hZQfj6Ki5AeSRAEeBsg2S252xjmxgt_WxISOpNghcc2Z6cLqJWgZ4_J8Y&sig=Cg0ArKJSzGqLzT4-t1v-EAE&cid=CAQSTwDICaaNk1iLW6z5GbRCG0EXewytw2IB6TwEQ4ZBvanUya1dej68Ze8Igx0DoBPs0Vfm3hoYNsjsuWBE1Vbrr07N5AQi-GzZZlL686viRwEYAQ&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=656,1002,1002,1002,1002&tos=656,346,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701432949101&rpt=951&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 6E01
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CCYCuds5pZZ_1G6nMoPMP_5aCsAufq876ZvbE49zhEcCNtwEQASCY78KTAWDJ7o6LwKSMEKABpIm7kwLIAQmoAwHIA8sEqgTdAU_QOmUY6KAL37Dzgt2OADjR9gOFZu_5EhLYPeelDrS47-O...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x293d35b7d299b5190000000000000000%22,%222%22:%220xb20f381ba1ee2480000000000000000%22,%223%22:%220xe13b6e5...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x293d35b7d299b5190000000000000000%22,%222%22:%220xb20f381ba1ee2480000000000000000%22,%223%22:%220xe13b6e52f9bffe770000000000000000%22,%224%22:%220x33191568df5586640000000000000000%22,%225%22:%220xd61a1efe36cddf340000000000000000%22},%22debug_key%22:%2213630753513616330458%22,%22debug_reporting%22:true,%22destination%22:%22https://fieldsoffortunes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22577684644%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216683477028881254401%22}&andc=true
Protocol
H3
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x293d35b7d299b5190000000000000000","2":"0xb20f381ba1ee2480000000000000000","3":"0xe13b6e52f9bffe770000000000000000","4":"0x33191568df5586640000000000000000","5":"0xd61a1efe36cddf340000000000000000"},"debug_key":"13630753513616330458","debug_reporting":true,"destination":"https://fieldsoffortunes.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["577684644"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"16683477028881254401"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Dec 2023 12:15:51 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 12:15:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x293d35b7d299b5190000000000000000","2":"0xb20f381ba1ee2480000000000000000","3":"0xe13b6e52f9bffe770000000000000000","4":"0x33191568df5586640000000000000000","5":"0xd61a1efe36cddf340000000000000000"},"debug_key":"13630753513616330458","debug_reporting":true,"destination":"https://fieldsoffortunes.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["577684644"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"16683477028881254401"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 056D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c2a0cd1a164dc3d85bb7ada0d5b08a7c6b41caef5fb21b03a1fa2953003f9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12164
x-xss-protection
0
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame ED8D 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9052924711808125&output=html&h=280&slotname=7155690154&adk=2988518773&adf=142091880&pi=t.ma~as.7155690154&w=964&fwrn=16&fwrnh=100&rafmt=1&format=964x280&url=https%3A%2F%2Fen.krystalmagick.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701432950099&bpp=4&bdt=289&idt=306&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&correlator=8599513998093&frm=24&ife=1&pv=2&ga_vid=996474470.1701432950&ga_sid=1701432950&ga_hid=2052613497&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=980&ish=250&ifk=91032985&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078301%2C44807754%2C44807406%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=3001504312034745&tmod=659211648&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.zcovfkty4kbe&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:48:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=4087991418844724&bg=!BAelB0jNAAY3kmNgF5I7ADQBe5WfOMw0LQAO7tjUAgBdF_FzPSr3okNILDfrcICqHPKneq_V4CxlQvwOyg2RJpdNO2uFAgAAAj5SAAAABGgBB5kC00xrdpoklI4Dv5qHZf2GB2m3WlBRpxgMP7oL7RAk9WeI-MrNcVmfKpV0ZD7CzTPNvj2EkjGm62lq7UnzE4DDJaUsBGjKkHZS3JhH_mdo1aw5cxmYEpbp9IjbPIhWWdsL9e7r-FXSD50kbPGe5zCgTIiuHNAS4aVPe_iENuxDjla6E_8w-ZktYh5UNuptwGWHIUUdV3r_n-7xtpKtTMy8rcM0ECAUzrNxRfUEsFBvwaM1qHY8Sv5xn7LsW_k7MUZJtYwKN8rbeqqTsnTHeAIt8lhNiKj3d6IPtzZQuXLXn24tsTPhXw-TeoImDSsQTD65ra09l2Es42oXHKnVthbvtUo5eERgMtTWVBqRNNeeajHrNaPcsf8CrcChxEdd-f1-8Oz78e--qloBdEF-YfG8GZNmXrDSCfpN4ymydcUPKwqVLOdRbgdNx2OxnnXMVP4RMtskUJ9Wd1QBRmHD9rZSCMmsIYnus8n6lqkqSJIaGiNEb6Ejyr4jq7XxvrD7BFii8pp3a42IvOKPNU74nBK6Y199KrX8-ncvGxzviLYXt2QMIruxuXXSyniMZMyCqZ0TCGbaRRTqTTkffQJ2wnwZxpIIrGW8UXiuLk5VQZUkz2dlKleJMHeIYsBYY6hA-6JhZ6lcI3iHGAN_v_-cZ96yexBZlwOkUTtH3SKOYaiZGmnhqSvivz3lV-1oTHMEGLAfVY9iJf9loApVU0OlThMf9FHJpTu3VdsG-Y2uZuuNAxzMaLWTwjq9aXNLzuiOG3vCD16TJnFlmMmmTMbPtaTqMQZXa2xKLYBJUpg8nUhgrofoEqY0WWEgx1En2O9I34IGkwkPfIS2u8_9LB914Li3kG6KiMzi_VqyxsrluUr5Vc19av4ZbCLmP_5Eyoq49cdt-EvcuYT7qRp_lKMrAMa56gRZXKKGDKcjCZxCvAkAoTnZ0rNFDVqG0pRHfpM5ST9bU7XlnA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1C23 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 12:15:51 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x293d35b7d299b5190000000000000000%22,%222%22:%220xb20f381ba1ee2480000000000000000%22,%223%22:%220xe13b6e52f9bffe770000000000000000%22,%224%22:%220x33191568df5586640000000000000000%22,%225%22:%220xd61a1efe36cddf340000000000000000%22},%22debug_key%22:%22254076532262281451%22,%22debug_reporting%22:true,%22destination%22:%22https://fieldsoffortunes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22577684644%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221870941720975949185%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 12:15:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 056D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 12:15:51 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x293d35b7d299b5190000000000000000%22,%222%22:%220xb20f381ba1ee2480000000000000000%22,%223%22:%220xe13b6e52f9bffe770000000000000000%22,%224%22:%220x33191568df5586640000000000000000%22,%225%22:%220xd61a1efe36cddf340000000000000000%22},%22debug_key%22:%2213630753513616330458%22,%22debug_reporting%22:true,%22destination%22:%22https://fieldsoffortunes.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22577684644%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216683477028881254401%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 12:15:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0691 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en-krystalmagick-com.filesusr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
58036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:08:35 GMT
expires
Fri, 29 Nov 2024 20:08:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1EA5 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a4c40c6009d9d88cae61e457822bfad48cc7d64db6143cd8b1074202aa72f98f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-72vmCA10AGz2_xnCec3HKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://en-krystalmagick-com.filesusr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-72vmCA10AGz2_xnCec3HKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:15:51 GMT
expires
Fri, 01 Dec 2023 12:15:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C564 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://en-krystalmagick-com.filesusr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
58036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:08:35 GMT
expires
Fri, 29 Nov 2024 20:08:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FF12 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ce37d8b8f06b92ba8e0378709ae4a723672ac482208da74fc8c66b4d581e1b07
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-txjUw2xJJBFXTjQ79sXgsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://en-krystalmagick-com.filesusr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-txjUw2xJJBFXTjQ79sXgsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 12:15:51 GMT
expires
Fri, 01 Dec 2023 12:15:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1EA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=2393292951426304&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FF12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3001504312034745&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0691 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:02:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 12:02:58 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C564 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:02:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 12:02:58 GMT
generate_204
tpc.googlesyndication.com/ Frame C564 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zqW-sQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0691 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SxzzuA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:15:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bpm
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bpm?_msid=5f41d86b-d2a0-45ae-9c11-ad6a516abcc7&vsi=83ada793-b45c-4467-bb24-d12dc7b41acc&_av=thunderbolt-1.13164.0&isb=true&isbr=plugins-extra&ts=4327&tsn=4490&dc=42&microPop=fastly_g&caching=miss%2Cmiss_hit&session_id=9b66f974-977b-4a36-ae09-282ee86d207d&st=2&url=https%3A%2F%2Fen.krystalmagick.com%2F&ish=true&pn=1&isFirstNavigation=true&pv=true&pageId=vo17a&isServerSide=false&is_lightbox=false&is_cached=false&is_sav_rollout=0&is_dac_rollout=0&v=1.13164.0&_brandId=wix&_siteBranchId=undefined&_ms=4490&_isHeadless=undefined&_hostingPlatform=VIEWER&_lv=2.0.985%7CC&_mt_instance=8VokxQQ1-wNWCNEbdfOUw5zbCZ3YB2DjUzUxeX1GO4I.eyJpbnN0YW5jZUlkIjoiNWY0MWQ4NmItZDJhMC00NWFlLTljMTEtYWQ2YTUxNmFiY2M3IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiNWY0MWQ4NmItZDJhMC00NWFlLTljMTEtYWQ2YTUxNmFiY2M3Iiwic2lnbkRhdGUiOiIyMDIzLTEyLTAxVDEyOjE1OjQ3LjU4NVoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjRkM2Y4Nzk0LTU0YWUtNGU2ZS05NmViLTExZTZiODc0NzI3NiIsInNpdGVPd25lcklkIjoiN2QxNGU3MjUtZWM4YS00Y2FkLWE1N2YtZTU2MDkxZTk0NTNjIn0&_visitorId=undefined&_siteMemberId=undefined&src=72&evid=502&_=17014329518712&tti=2148&tbt=53&iframes=9&screens=1&entryType=loaded&lcp=331&lcpSize=21372&closestId=comp-lnrcn786&lcpTag=DIV&lcpInLightbox=false&countScripts=52&startTimeScripts=275&durationScripts=1895&mttfbScripts=28&attfbScripts=33&cssResourcesScripts=&tbdScripts=921241&countImages=3&startTimeImages=2154&durationImages=197&mttfbImages=0&attfbImages=6&cssResourcesImages=&tbdImages=1881&countFonts=5&startTimeFonts=276&durationFonts=38&mttfbFonts=41&attfbFonts=35&cssResourcesFonts=&tbdFonts=108444&duration=1557&ttlb=197&dcl=382&transferSize=123786&decodedBodySize=657591&pageCaching=maybe%20CDN&isSsr=true&isWelcome=false&btype=plugins-extra&bsi=2f4e5371-b483-4ab7-ad4d-f6a4f0b16c27%7C1&ssrDuration=659&ssrTimestamp=1701427580479&isRollout=false&isPlatformLoaded=false&maybeBot=true&cls=17&countCls=4&clsOld=40&clsTag=INS&clientType=ugc&analytics=true&_isca=1&_iscf=1&_ispd=0&_ise=1
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.0c93ca04.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en.krystalmagick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:51 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST
activeview
pagead2.googlesyndication.com/pcs/ Frame 286E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLOuOXwrwliN82FyGzgBNfop6aKMFkc54QlUlwyVGlgEeO-xU1mhd9ozJCBuvOaglMyP8e1CxYtM_dwBodzS7DbrttiWLdz86YVGhTkNgEPjRBRqGXkKWXP2_tVHOXWmzbc6T1G2Z7jwGL&sai=AMfl-YRSDgqDfdflfrHae5nmdzSIh1hn_9I23OpHzBw6W8wNyOYeyuwk5kmFb1BN1oztS7JDBbAu2xlC90H7B2vOsCoEF-V9jakL4PLQj-sK9Qq8KawuKUsGyM-3h0NTawU-gT5dz9TxWQ&sig=Cg0ArKJSzBoXH5Lw4l-jEAE&cid=CAQSOwDICaaNyJr3klyVC7IuDK-vIQaVBzVFrbErILMpgKooEcOQe8nGMrK1nB2e6oihsPDv0DnYtXi7ifNtGAE&id=lidar2&mcvt=1001&p=0,0,280,964&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2988518773&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701432950363&rpt=693&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 12:15:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 056D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3001504312034745&bg=!39yl3JPNAAY3kmNgF5I7ADQBe5WfOHK3kmOZICxeU4buMlO4vd_4QK6Sm7MSbOUt72ew9hj-yOpSjPtyaXHWS7Cd4QL-AgAAAINSAAAAA2gBB5kC7fSi7SXD5S4tBMH85rLhIzqaiuKMDxDZKc4N_g7XGp7y-RBnmOEqS1Xl32uP5A5h1cqLHeppavGKBoV4szpAhE3QdvVbLKsdQfTUEcT5Ldp1rUzPPN8WzBaUzSF4iShNFfazKSRI85qhlH7okJv0O6wLa6xr9fsNxn3GpqGufUL_fxQI_Un36KLMuvw3LwgiHW-eAGFmKPjYigQ6qh-Q96mnzUSuxifbRhltHSKLUDMFMJKRmbEo9pOz713zG0X1Gf-5GLA9LZt2GJsC1G8S828rWUa0nLE807BcgPP4IltLAIg2mW4B58pNJ48nbIraTQvVTx7G5-wo-YMKinPm0rx7y6P4viSrSCRdac30hJ2JEn7sO5biTNWgiMNfClgAptu_IqJhjfnBe3Zv0wRzxfm2ac7tfjhSOwvMhVD-DzfwEYgWKbKmkGeYcP7UOna_NpwQvEQZnjNsQF0ey5W-_dpmD5A1-R4dheifHpEvNbQFJceDBCigWp83Q18dBCRXqdSoxsLA_X9s4mD-Ol_ELhry5UYXICxy-b-qNRkAZAkLdHvFOJp0b_cWrVZAzWkQiYEodyDX8nQJgfL0zglTNc10EVez-3vHXBSCLADH-gcIe9PxVs7WSzJ_NIPWsoJvspVk3KvIcZk8Rwj-PBij7kdhRTOGVk70H3XtGEMcD1npCgcVFYj8emMeJwbCYOEA-eZ3kf-wF-a4qtfkFQwKRN9W_SectKpnOBR0H3jxfaRmpo-AVJVRLDsMo1FjXTN7AF1jifbq78dwMWesD-fONt4-T-WfjzmoqA-isJj8yGYo1s5eW04LewXtG52iM_U5zKsOLHN8Xtauj5JZKOyOsy6pVsH-OjT6NJtHPSMHAGiceD04415d7FN73gfel6iqNZ3Vbu3y0PuDJ0-YFzwBqLtWpxM2y_hThfe549OaM2i3y6tngPp04N-fyoZET2Wn-YtyfLBC_VBTDiDkrQ-VZqeXZawDJAlHjGL2ua5_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=2393292951426304&bg=!RkWlRQrNAAY3kmNgF5I7ADQBe5WfOAStzDuFD75VjS08aKVTmJlWA8rqjvE582-MxUUlJMdQg56sZIRRPB5zKgRgnFaCAgAAAKtSAAAAA2gBBwoAEdwHscnHmzFGD6PfdH34Zp_8mQLpWyiRjRJRlbRbni81tXDVikXQuok6v-uvCNP6rBnm77a__ruM11NakETxWv476xpUsypncSsdQGYnCnE5R3GTWdd3icExF_A_Rx5-sVGJVHoTfYgw83SyQxe69FS6mluPwHTBWYwLy7p3y0PrJT37J5N8YTwtQZQEOQiku5kGfhhS6j_brt-MkWzFgaVD0DAaRmHWcuxvx7LDnG1oVWTiXcoPeiBILFHE7-V7d5L_Eowx3KFuKvy27Txu_TPbeK7pQLpZUeHySjckMBdip99yEhi9bAS25FAa28ioXuxAtr-GQNSGF-1V0r_UFo-rhgdR2GitDL847eRttgvOxdVoJEIfPJEiIb0PmjNfFpehKxGJ6toXR3pfQ06A7pPNpju_PizNpWMI0W5DrFi_fUy0ButP39s2yt4aRuws9XG3lF2g4FgymxuSDdbZU4d_VMy3WuZRArsMTT6Xgq9ZcywiSrFBPUCnGBjk1-55Khpedu-opdatdoVWkbxMkYv-kokXJP9AcCcmjqjTSw6hBfPKgwH2pFExqfAGI0vTGneUwyXKw58ERzHJKzX45OFeViMeunAonVyXC-MSZYYOu6dSB_KtDH2LSdhBcIo6LByAu_cxUcPMjk5kNz6mSBlB18OzheqzH6zTCf74qDP6yCow7_MYY3sF1WZV5M8IzSCrj3VHDOQIWxnFDu0mpUAk1QDD-0TMOCtxuiFSoXSMMnrtUfggXiNzcRcokUgrpwrzzyEQHCFPPgDa0TpieNhN9oLHDYbrlkEfIgpUMskSkE3wxL9k-m2BJhaBPjTbfVXQCBVbMtdS5wl9_07lR71VkBKFOHpkdFEvi1SZ15mAmV06bX0hwaeOs_iYDdtHKYrvImPg_J5l-8GWKzHgbWZapz20n_xJcPDAciaKsfKtfeF0g55AUWAV20sheisITwZFM89YtpS3kchHw9l5JTw0sznrkE6yWIKSempJnhlntvjhI5e3ukaOTZU_Dg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://en-krystalmagick-com.filesusr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
bpm
frog.wix.com/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://frog.wix.com/bpm
Requested by
Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.0c93ca04.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.23.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-23-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://en.krystalmagick.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://en.krystalmagick.com
date
Fri, 01 Dec 2023 12:15:52 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture object| initialTimestamps string| thunderboltTag string| thunderboltVersion object| fedops function| e function| r object| viewerModel function| fetchDynamicModel object| dynamicModelPromise object| commonConfig boolean| bodyCacheable object| exclusionReason object| ssrInfo object| webpackJsonp__wix_thunderbolt_app object| fastdom object| customElementNamespace object| wixCustomElements object| __imageClientApi__ object| Sentry function| resolveExternalsRegistryPromise function| resolveExternalsRegistryModule object| externalsRegistry object| ReactDOM object| reactDOMReference object| React object| reactReference object| reactAndReactDOMLoaded function| _addWindowMessageHandler boolean| clientSideRender object| bi string| firstPageId object| wixPerformanceMeasurements object| wix-perf-measure object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| _ object| longTasksPerformanceApi object| consentPolicyManager function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| wixEmbedsAPI object| wixTagManager object| wixDevelopersAnalytics object| gsapVersions function| gtag object| dataLayer object| promoteAnalyticsChannels object| rb_wixui.thunderbolt_bootstrap-responsive object| rb_wixui.thunderbolt_bootstrap object| rb_wixui.thunderbolt_bootstrap-classic object| rb_wixui.thunderbolt[MeshGroup] object| rb_wixui.thunderbolt[HtmlComponent] object| rb_wixui.thunderbolt[SkipToContentButton] object| rb_wixui.thunderbolt[FiveGridLine_DoubleLine] object| rb_wixui.thunderbolt[Container_DefaultAreaSkin] function| requirejs function| require function| define object| webpackJsonp__wix_communities_blog_ooi object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| google_llp object| GoogleGcLKhOms object| google_image_requests

41 Cookies

Domain/Path Name / Value
en.krystalmagick.com/ Name: ssr-caching
Value: cache#desc=miss#varnish=miss_hit#dc#desc=fastly_g
.en.krystalmagick.com/ Name: hs
Value: 825999380
.en.krystalmagick.com/ Name: svSession
Value: 2191ec526ae35ccb0b90c13f740381747d02ba1ed800d9aa155da43411f8eb355883805c4dd08ed47e9848780fd3f2221e60994d53964e647acf431e4f798bcdade6c205004cf9c484a391f41f7e54e4cd7b3586dceed2f76e753b6e2948de97cf357211a1cf6fbf51101f3953f55464d48985211e6ba8d261576d67d5cc5888e2446c0edd46ce4676e30355e30a5ef8
.en.krystalmagick.com/ Name: XSRF-TOKEN
Value: 1701432947|_20QKJaYQgcS
.en.krystalmagick.com/ Name: bSession
Value: 2f4e5371-b483-4ab7-ad4d-f6a4f0b16c27|1
en.krystalmagick.com/ Name: fedops.logger.defaultOverrides
Value: %7B%22paramsOverridesForApp%22%3A%7B%22shoutout-react%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22shoutout%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22transactional-emails%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22shoutout-lp%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22shoutout-analytics%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22shoutout-unsubscribe%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22wix-emails-viewer%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22shoutout-regions%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22te-smart-actions-widget%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22shoutout-composer-sidebar%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22shoutout-moderators-bo%22%3A%7B%22is_rollout%22%3Atrue%7D%7D%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUm9m2MsAFvvKz-IygSKJEqrf6Osapf_Zhg5ykwXCGuiCizeo3QNXIsBcdfa
.krystalmagick.com/ Name: __gads
Value: ID=bb64aae2032a546d:T=1701432948:RT=1701432948:S=ALNI_MabBsv6tZxXZ03C2MPeOI36gjbreg
.krystalmagick.com/ Name: __gpi
Value: UID=00000da4f9c26ea4:T=1701432948:RT=1701432948:S=ALNI_MayPUG-0tUjmC12e4-5BI0ZkMMWwQ
.casalemedia.com/ Name: CMID
Value: ZWnOdXXrNXMXsdhPIIfIBgAA
.casalemedia.com/ Name: CMPS
Value: 1326
.casalemedia.com/ Name: CMPRO
Value: 1326
.krystalmagick.com/ Name: _ga
Value: GA1.1.2137318846.1701432948
.adnxs.com/ Name: uuid2
Value: 6944708016851764553
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlgpMKDo!]tbPl1M>e)ZlrFUfJ+tGXxo7<[)`MHJLzg:%5yraV1yAa_aL'Q<:d)gC+$E3If)y3KL9D3I?+bovf[o
.krystalmagick.com/ Name: _ga_P5XVKGG5WX
Value: GS1.1.1701432949.1.1.1701432949.0.0.0
.doubleclick.net/ Name: APC
Value: AfxxVi4Ls6rKEwX6rXP0FbCjM7YRKMk7Fq43cdZ-IfvE9Y7-984GAg
.googleadservices.com/ Name: ar_debug
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWnOdgADtPdWnABU
.owneriq.net/ Name: si
Value: Q7547193511618391950P
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.teads.tv/ Name: tt_viewer
Value: c1b505a3-7f49-4d42-9e8f-f34f8b96a584
.dotomi.com/ Name: DotomiTest
Value: 615629f6c7ca140f
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIA6aZ4vuCx2nBAKR05hNlGSINleMY6S2JA3HlkyY6e_XEHwYBCD3nKerBjABOgSVjvJGQgTOYnQT.%2BgiwZ8wxPOdjJdvyPGZQno3981uZCMETGPZPIcF3Vjo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIA6aZ4vuCx2nBAKR05hNlGSINleMY6S2JA3HlkyY6e_XEHwYBCD3nKerBjABOgSVjvJGQgTOYnQT.%2BgiwZ8wxPOdjJdvyPGZQno3981uZCMETGPZPIcF3Vjo
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A7959055765440952341
.quantserve.com/ Name: d
Value: EHUBCQHHKoEA
.quantserve.com/ Name: mc
Value: 6569ce77-2baf5-9faec-3c8ed
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.adform.net/ Name: C
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: MWVkYzM4MmIwNTFmMTg5ZQ
.w55c.net/ Name: wfivefivec
Value: zNnAqpz61R92qX5
.uuidksinc.net/ Name: jcsuuid
Value: PJclx1bAPXQIEuJ3O4GG
.adform.net/ Name: uid
Value: 7946101963222552138
.w55c.net/ Name: matchgoogle
Value: 5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
en-krystalmagick-com.filesusr.com
en.krystalmagick.com
fonts.googleapis.com
fonts.gstatic.com
frog.wix.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
pm.w55c.net
px.owneriq.net
r1---sn-ab5sznzy.c.2mdn.net
s.uuidksinc.net
s0.2mdn.net
siteassets.parastorage.com
static.parastorage.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.srv.stackadapt.com
sync.teads.tv
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.65.230
142.250.72.98
142.251.32.98
151.101.129.91
151.101.130.49
151.101.65.91
172.253.122.156
172.64.151.101
174.137.133.49
184.86.146.172
185.167.164.39
23.51.57.155
2600:9000:24f1:6400:0:7dcd:9780:93a1
2606:ae80:1451:17::1370
2607:f8b0:4006:15::6
2607:f8b0:4006:806::2003
2607:f8b0:4006:809::2008
2607:f8b0:4006:80a::2006
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80e::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::200e
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::2004
2620:116:800b:21:c1e8:5385:5098:6bf0
2800:3f0:4002:80d::2003
3.231.23.212
31.220.27.155
34.149.87.45
5.161.204.250
54.210.168.168
54.221.120.232
68.67.160.114
74.119.119.150
04cba17646f3dec2e89e63b3d8b057a111b21505bfabf81481a817351c7b7035
056810a26bd9c47c4be873a3597570be400074f7305e4c621c2947d4c1f3235d
064a623be16004d0d562e940e71e80a2f88b8ba908c0a0c211642db03591655a
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c97b4fd610e1a33b23b8731a314b6c1f4a98daa5de7cbd55637b5e5719c4b85
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11610771e78fa5aeca50691b17f79157755f2df50787c5f585e3079b317b93d0
11b6cc08aae07278a1b04dfc341ef216e762daba18e3ef0156b105421cf5b27c
125004c2f74bad2da43229f2cb6898faf09a60f92e3aac2feed577a16edd5829
1405e04ca5acfb3ddd7eac24d417ffbb69a226f7714816253b58625d05f3d86a
14d31e4fe7492568397f464521aca05afb6030ac6dc64a1fd2d3883d95a7d3e2
15c16908f12a3e99756a6448d4cd78269f09fa99ca45d43921c63bccf4db099d
174984fd5a84a046a0293aff5b72fc285d64c7cc5255f7007f0452c82a02d325
1a4c99d9bbd7b858e388b892d2afc5e2cbc4415c2a7aae78da923b320f5bb573
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
200ed9a8cd6ee9c2420d2cab03a9f445296a309b80c0abf0fbbbcf2b4217a180
23d35d1fbdfb79d2dc1f8cb43ddd41b0885f5bb55057ea53b83c32eaad3a7b9c
2564d8cbcde740e207e10b56757cd2762832a50489a1c319100132553ae8ba0e
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d70a0bdba33ad41875016099e878d11f6a5d93762c50e3fb75742cd25ca86cc
304f1aa5ba30cc12caa47c5ef42ec5c55522ebc1c4fb7a9ff277c61b0b35fb00
30a6463eada75fa12b521af9389560c5405310906830a04fd4432e2ab141c0a1
3103996562faf5430c62ec598d8e717ca8751cc14a1d9b668751f7ead60d5222
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38d8745b509afb6644ecff4ab9d2e41288f8b42c984120964a86e448a30f4df9
3b48fa8e9151004249c274ae7595409030dbbc11c5353bf905624d0d9122dc17
3c623b5494cb657bed8ac695860daf590697e50b8495964bd89c9087d86c5133
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41599d746af4d6097c5448fa20552132fb0b12065fbbf586123c2460232731ed
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4792633dfe283d3fdcff9826daad6daec90055d90004d411dc58241fb2f9d6a0
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bdf73d4a143a1079d1c4f68163291a06b3a1b772393abfaf36d013198be18c4
4c2a0cd1a164dc3d85bb7ada0d5b08a7c6b41caef5fb21b03a1fa2953003f9ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ff37800845024456756c5a39ad1c0c47c400c31e69940bd94014f7589b8f326
5556205d245b9becc81725d12346610e27710c5f92e1b7faeaa07553f221552b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57195dc7164b6fefd0b7a709822ebbe4bf229928df2026b36886248c7f4ba53f
588f719c5ed3c2405105beed213eb413263c79f1132376a8abc0b4374c3e5cc2
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
5e82ac4734cc1d051270d77b520cab583e872db0230e938114aa38f9da1ee994
6087db99f0b5734c52f47e37518bc9561f2b23c80e4ea9ccdbc28a010ce0024a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623ffcb3b6b0d92389096753ec832901cc4249a8007905cb6f7aa65814d24132
63f71023f3b6b9f39f7133f47c40bac372024142a124856036eb4fdc44e7364f
64debc7ec6f54bdd0d56789e035f157dc81908ffc0eab3a197a219407cf19ffe
65b4c43dad09bdb044c2095174f9372af641ab965ddb39374112ec7031b33585
68699fe8348e5ce7f40e4cb73ebca8d0273d3d99d3e4111768d6fc0b9f928144
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6f869f5de2f4e36edfbca858d90d68fbcb469d675cb2acd10f931dc3fbea0fa6
70ce13c80a0477d869bd31760b537e2398bb0b2d061510c4826a48cc399dbfe5
7128f66c1a6dc3ca6222cf528c28e3ffd31e937a944ea0e56e491204def39733
72d3f4a5ba5ca65acd08f94731a6bf80ce71f92af620c035af84e0b6e6b09f54
77f28f3e68f1aa57497d5640860df98bfff02988fdb3572bcc58d891f36d88c4
797c9f5dc2e2767952612967c275b966298dd6a43f8ccee7bad15f3fe7fc55ea
7dfeb0a7c65fe0b76617b2d3984ce6466012db18c4467b92b8406af179e800a3
7f458769c771f2ef21c8ce87e08971e487078b9379f1c92886f9f4264015fcf9
81c0ae98ae4be6771313b595ec953d889f9cd2513fd5d473f3d5db2b00451d64
8406d0ccb23d146b4a4d9fd43dad2a9c5213be371fc5d1c7d67849c6628bd4d6
84582e9a340e6504e58f083a0f701e28a0e86df7c81d27ca0edad54e6844bde3
882fc549b691097da943b2a10070952919b1ec5a6018877409acc0d317c75ad0
962326337a4645b580c46696a4558c5d1f03668613836d921d95473e39df660a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d3cad6da04d70dd53eb1e06495a8e27f44a972e3cf7b93ac558580d461fd599
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3f0f7eb8ccfb89b902c69d4afd7d2dc0814645f8e6bd95256b432c2cd7230b3
a42fa5a9ee1b926a07d8b932427ec9a2ced510facd2e7e2a2fee5ef427fb259c
a4c40c6009d9d88cae61e457822bfad48cc7d64db6143cd8b1074202aa72f98f
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
a8a42e4f3dd14c51c2ec496d615f5754ad4d3f8f172346c36c2ca3f89d9df553
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3030dafbeb5a3dd4636a9d3e15b7affa1ca86c946df408ab0f2a504ecc6d997
b3690e0f91d39036bc6030bf5838b275ca3f3e2efc6b53b5907efbcd4a4e3bda
b64e86e941cc14c1a001fcbd277ae8415afc54320549cddf2f583e97feb6e999
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b6fa4195e3358205c0d2e88b7a6b9307e585acda52d62db49d346aa88e3071cb
b70ac3d04efd2b20fe31682d747b98ec6bd70d2b58d872107a1788eb7ac7a254
b790d5c543466ddf7faf3e2dd42b971c3bb5687ccd414b8e122b41fd2ec196b8
b9860951c57ca2abad2bbcfe243b04c29d3c5328a326f1b89209abe13f78cf79
baaa4f6d37f424694baab029e9b2ea0b322cadf5f8adf56b9347772a5f69020d
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bbe8dcc7b560754d0e67ea62a24e22c5b4e2eeb08d9c3bfaa3ccd3f169b3eabf
bd9885cb2cb1ebb67d96ef927f1e6286ecca16539e16c3dd29a3e5e82a7410a1
bddf67cc085cf58d8f877fd2f97d9c65dd77a6600a4887a62dd432cbf302c9a4
bdf793e28bf946ce6c598d7913af1a45542d89caa7ccccca94d8bee17400d562
c4257bedb8bc12e94a5f19311b4f7a4b1f38d01807dbd2ff6952fb0bafc32768
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
ca3396f3825bb4251ac34b999ddc5f589ef860b95e3667d57ee26e3061503ca8
cd6ab582120b590ced2e9ab7e535882de12127724bb3cf99576ec1e5f32f4ed4
ce37d8b8f06b92ba8e0378709ae4a723672ac482208da74fc8c66b4d581e1b07
cf2acd7bd94a32f5383ca07d5d660eb943b68f18f2bf0c458881669c427ff250
d0e6054d7b47b8de059e88c419a16a3e745e038b05b75af9d57c2e8593bd1d78
d3c0fbd155a9ccaae25d79211b396e2352e117789e60b6a0532a4c7e06d574fe
d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8
d66866f26f4cbe8a9a6ade4046febb2129f6a6c3c5837a22a13377291b5dc747
d8f918db1c454d1e1d9363045d0853cf1c5a61c3edee614f724d70bcc3c8c6c7
d90c6120fcf9983966427aabb958b051608d7ee99a8308ab9d92462ee217981c
da0971e3fa55251074c4d58a9e7bc669683217da11cfe08a3a57cc47d02b60fe
dbafbc8362375463324406393d7e956969a80e6d8aa152af7188cb6e48ac4105
dbe49e1b084d0e9414aa0af59e4353e6627c2e11e4adfea46e8cb1437bed61a4
dd76419d50dc3b85c73a1f4b8fbdf7ab4aa98a09e9ebe15ab8d90cd01cfd1b66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6464d6639c08f5dfb6af4763d1271a2bc7225f76c622c82ebd0cb427af48388
ea2254988b99dfd6c13142671f111027c061b2158485a0333f8eb673fcd5b474
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edbe30dfafbb914c4c35c54ef54af14648658a9f33864e9862924287e23e6da7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00f00f5a802c3de445678f3ca9e5e3c7b0d68dfb4067adbfaf8b39356259f28
f10288136e462405e0bb3e8030c214b1f8343a84e8e77765e0ccb82c1917d523
f27317178516d5f04969a5a9e3697468dfc2f694cae97683636f7968fd6a1b2f
f57713920154b2612094ff9bafe2d79d0e9ad439e4c9d69781f2359155cfd937
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b2854eec8fac48964da257b70b229819a77fc9341330e0a44abacbf83ea2f1
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fedbf70125e3cf328cd0cf21b8ee2929897936b60f1ec4e73331c73bdcc30ff2
fefa9f00668720df39f013b8fa87f9d43f48863260bba6367ff060e83900d951