www.novagenesis.shivtr.com Open in urlscan Pro
45.33.21.148 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.novagenesis.shivtr.com/
Submission: On December 05 via api (December 5th 2023, 12:17:29 am UTC) from US — Scanned from US

Summary HTTP 92 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 1 countries across 19 domains to perform 92 HTTP transactions. The main IP is 45.33.21.148, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.novagenesis.shivtr.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on December 4th 2023. Valid for: 3 months.

This is the only time www.novagenesis.shivtr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	45.33.21.148 45.33.21.148	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
14	2607:f8b0:400... 2607:f8b0:4004:c1d::9d	15169 (GOOGLE) (GOOGLE)
3	52.217.165.248 52.217.165.248	16509 (AMAZON-02) (AMAZON-02)
1 11	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c0b::5e	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4004:c06::84	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
6	23.193.217.21 23.193.217.21	16625 (AKAMAI-AS) (AKAMAI-AS)
9	104.125.88.24 104.125.88.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2607:f8b0:400... 2607:f8b0:4004:c1b::69	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
1	23.37.123.169 23.37.123.169	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.55.235.225 23.55.235.225	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
2 8	142.251.167.156 142.251.167.156	15169 (GOOGLE) (GOOGLE)
1	2600:1f1c:a99... 2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2	() ()
2 2	54.163.200.175 54.163.200.175	() ()
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3 3	35.211.178.172 35.211.178.172	() ()
2 2	52.3.97.218 52.3.97.218	() ()
1 1	31.220.27.135 31.220.27.135	() ()
1 1	82.145.213.8 82.145.213.8	() ()
2 3	2a02:6b8::90 2a02:6b8::90	() ()
92	19

7 45.33.21.148 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li975-148.members.linode.com

www.novagenesis.shivtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.shivtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.165.248 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c07::9c (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.193.217.21 (Philadelphia, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-217-21.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.125.88.24 (Seattle, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-125-88-24.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::69 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.123.169 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-37-123-169.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.235.225 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-235-225.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.167.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.163.200.175 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.97.218 (None, ) 2 redirects

ASN- ()

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (None, ) 1 redirects

ASN- ()

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, ) 1 redirects

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (None, ) 2 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	440 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	118 KB
15	media.net contextual.media.net — Cisco Umbrella Rank: 665 warp.media.net — Cisco Umbrella Rank: 2561 lg3.media.net — Cisco Umbrella Rank: 6606 hblg.media.net — Cisco Umbrella Rank: 2037 cs.media.net	158 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	75 KB
7	shivtr.com www.novagenesis.shivtr.com static.shivtr.com	221 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	758 B
3	yandex.ru 2 redirects an.yandex.ru	980 B
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
3	amazonaws.com s3.amazonaws.com	852 KB
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	akamaihd.net pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 23105 qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1939	43 KB
1	opera.com 1 redirects t.adx.opera.com	676 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	294 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	539 B
1	quantserve.com cms.quantserve.com	463 B
92	19

	Domain	Requested by
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	www.novagenesis.shivtr.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
6	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	static.shivtr.com	www.novagenesis.shivtr.com static.shivtr.com
4	lg3.media.net	googleads.g.doubleclick.net contextual.media.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	an.yandex.ru	2 redirects
3	x.bidswitch.net	3 redirects
3	hblg.media.net	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	s3.amazonaws.com	www.novagenesis.shivtr.com static.shivtr.com
2	ads.creative-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	www.googleadservices.com	www.novagenesis.shivtr.com
1	t.adx.opera.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cs.media.net	contextual.media.net
1	qsearch-a.akamaihd.net	googleads.g.doubleclick.net
1	pxlclnmdecom-a.akamaihd.net	contextual.media.net
1	fonts.gstatic.com	fonts.googleapis.com
1	warp.media.net	googleads.g.doubleclick.net
1	www.novagenesis.shivtr.com
92	28

This site contains links to these domains. Also see Links.

Domain
shivtr.com

Subject Issuer	Validity	Valid
www.novagenesis.shivtr.com ZeroSSL ECC Domain Secure Site CA	`2023-12-04` - `2024-03-03`	3 months	crt.sh
static.shivtr.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.novagenesis.shivtr.com/
Frame ID: 33C6EAF34E77ACEE5CA9F122D2861225
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 13D01FA4E8A714A684F0685375617C82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1701735442&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735441982&bpp=5&bdt=851&idt=156&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4432353060727&frm=20&pv=2&ga_vid=1861842573.1701735442&ga_sid=1701735442&ga_hid=1726763931&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44798934%2C44807764%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2273848749008554&tmod=722571102&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=213
Frame ID: C3EE715B73EE41E41271753DF9C8718F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=670858179&pi=t.ma~as.2876344136&w=728&lmt=1701735442&format=728x90&url=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735441987&bpp=1&bdt=856&idt=217&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4432353060727&frm=20&pv=1&ga_vid=1861842573.1701735442&ga_sid=1701735442&ga_hid=1726763931&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44798934%2C44807764%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2273848749008554&tmod=722571102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=229
Frame ID: A784DC13AC3F7AB4BC05FE3D0CAB4480
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 72636D24441DD18342488F97490233CE
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5F0269A75174EF87D49C03036F68149C
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B7276EDE7110D6DF177BDB3E20957BBB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 81E449501AA2278E449F90E53C14C2EB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 659F82BBEDC6E729B947523434A91139
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 1A5AC05D5B109056EEA7533968A4EAD4
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2819&&kkdd=3u%7Cu%7CHn9A*3&nI=TMgTM7255522ssU5(Ts&Nf0l=g&Wv08=g&ufn=TT(M&Evu)=w77s&uIf=syGMeMMT6&u0uf=eu~N!dAPR96A*TRRrll9uq%3D%3D&ulIf=27UUss255&vI4)=M(sdFg&uu=G1&vu=XD&ucaW=vWWRWINl8EI!aRE)vE&0If=s.LC5-QMX&E0If=B925U1F&cEE0v=T&lll=E4CrcwuHrws.DENET5HE7~C8155N*QEPr(7HjaMoitiHkPXk*lEE9N%3D%3D&av)=2&Hq=T&PNf=5&8fET=syGGF9jsV&8fE(=s7F(ssU57&Yf8E8=vf(%3DaPHHOIPlHRH%3DTgO!N)l0W%3DghTsOf!WRY%3Dgh27Ovuf%3Da*Ol8)%3Dg%2CgOf!WRH%3D(gOnH(lRvf%3D(g(7T(g5T(OIPlHRY%3DF2sh5sOPlHREbu%3DgOPlHRl(8RY%3DgOvEf%3D(Ts5sgFTg2OWaRY)cRY!!vE%3DghUMOl8E%3Dghggg%2CgOI0%3DTF95B.8Y0ybZITnyxYG24(OiYY%3DT2OYcRIW%3DTUgOlII0P8%3DTg2%2CTg2Olu%3DTOlIvPIf%3Dg%2CgOl0vRvf%3D(g(7T(g5TsOl8fn%3Dghggg%2CgOPlHRY%3DThg5OnH(lRPlHRY%3DgOvWWRql%3DFh(sgsOPlHRH%3DTgOvHn%3D(7h(sONu8E%3D2gTTUTOYY%3DTFUOvWWRWPH%3Dghs7O)l0W%3DghTsOnH(lRPlHRbu%3Dg6gO0vIRu%3D7%2C7%2Cg%2Cg%2Cg%2Cg%2Cg%2CgOYW%3DTO0vIRf%3DgOlb)%3Dg%2CgO870RY%3D2hF7%2C2ThU7Ovf%3DTOPIf%3D(x8tHcA687EH7F2-5)OunH(lRY%3D(hTOYEf%3D7gMFMTMU57(2TFF(TFF((sTM75F(55g5FUs5U27257(sF5FggTU(57Ug2gFgFFTF25sgMTTM7s5gMg5sM(U5(s(T5(g((g27F(TTMMUOPIW%3DgOlbE%3Dghggg%2CgO!Nf(0RY%3DghF2Ovv%3DXSOuu%3DG1OPIq%3DrTOu)%3DgOlun%3D5Th7sOyx%3D7g2TObYRPu%3Dr(OaEv%3DTObYRuubv%3Dr(OuE%3DYPii8H!OYvvRkBQ%3DXS%2CXSOY8vIv(%3DTFUOY8vIvT%3DTFUOYcRvf%3D(g(7T(g5gTOfu%3DsOnH(lRY%3D2hF7OEE%3DgOnqR)du%3DghM5OnIvRvf%3DTgsOPlHRl0vRY%3DT(h(5OYcRu!%3DgOfu(%3DTOnR8va%3D(g(MsOH8vE%3DOun!N%3D(hTOnIvRPlHRY%3Dgh5sOnH(lRIRvf%3D(g(7T(g5T(OnIvRPlHRH%3DgO)E%3D(MOnH(lRIRY%3Dghg(OnIvRY%3D2M(h2OnH(lRPlHRnI%3DT6rTUOPlHREnI%3DgOnn%3DgOunH(lRvf%3DTgsOlin%3D5Th7sOH(lRY%3DTgggOvWWRvf%3D(g(7T(g5T7Ol8f0%3Dghggg%2CgOvIf%3D27UUss255OPlHRl0vRbu%3DgOnqP%3DghM5Of(0RH%3DTgOunH(%3D(hTO70ui%3DTggghg2OfWWRvElN%3DvWWRWINl8EI!aRE)vEOf(0RY%3DghF2Ol0vRY%3D2ThU7OPlHRvl0vRY%3DT(h(5Olbq0%3Dghggg%2CgOlbqf%3Dghggg%2CgOIvC)i%3DgOIvIi%3DgOPlHRl0uRY%3DgOYIf%3DghT2OPlHRl0vRln%3DgOuYf0%3DghT2gOvf%3DTOIE*0)RIf%3DTMOv)HH)lRE8NRIf%3D(Ts5sgFTg2OvP00H*RE8NRIf%3DOf)E)uE)fRE8NRIf%3DOnI)q8YIHIE*%3DghM5O0!v%3DTO8uRE*0)%3DTO8fYHb%3D(Ts5sgFTg2O8W0%3DTO!NYIf%3DghTsgOYiHl%3DghgTgOvPIf%3DyS616VK7)9DUN6B95Wx0ZAR-g-!OfEu%3D)8vERvuOfWWR)l0W%3Di8Hv)OfWW%3DvWWRWINl8EI!aRE)vEOYf0u80f%3DgOf8HN%3DvWWOvNWE%3DH!aNRE8IHRc!W)08N)Ru8Euc8HHOv!Y0%3DOdIf%3DSKpr0PYr(7UMTgsg5s(sM2T2OcEWH%3DTOvWWR80I%3DnTOIYu%3DTOav4%3DTOENv%3DM(sdFgOYvY%3DgOYv0%3DgOEWd%3D(52&aEn=g&WWW=8oysyNF558dSAoKP4t!KR*ML0-AtfYL6bHieftJrF2g%3D&Iq=M(s&Iaxil=T&Yflxf=5Ug&YIf=75FF(g&Wui=UMTTF&*fv0l=T&Y8)=Ad)Ad%2F5)X%2F&b8E0l)=T&u8f!W8Ia=E4CrcwuHrwrV1cX5(rPPifa2Lpc(IygXU~f7(*5x1uZ-LVZRb*Z!4N%3D%3D&*0H0=T&IvIf=2&8fn=xan)vE!l%20j!uPv&vvWulRn)l=2&0NIf=0gT722Ug5s22E(g(7T(g2ggTM&vvHf=%7B%22vvI0%22%3A%22(Ug(%3Aiius%3Aggg(%3Agggg%3Agggg%3Agggg%3Agggg%3Agggg%22%2C%22vvuu%22%3A%22G1%22%2C%22vvvu%22%3A%22XD%22%2C%22vvuE*%22%3A%22YPii8H!%22%7D&0)li=T&cEWHvlu=T&sflct=3761804&ure=1
Frame ID: 60AC2C82C53124FA0BCFB37509FA7610
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: E5995236B2B050FC96D99494E0D0B865
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5E837B64652F94FF60765EA379586E9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 0B9BF505497FB84458BBB73C18D46F3A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C63B439D4CE0872F8A09083BE8777D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80FB07B32D7B9F8FD82FAC1E1DCD17B3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nova Genesis - Out of sight, out of mind.

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

92
Requests

91 %
HTTPS

42 %
IPv6

19
Domains

28
Subdomains

19
IPs

1
Countries

2102 kB
Transfer

4582 kB
Size

24
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://shivtr.com/
Title: Guild Hosting

Search URL Search Domain Scan URL

URL: http://shivtr.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://shivtr.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://shivtr.com/legal
Title: Legal

Search URL Search Domain Scan URL

URL: http://shivtr.com/security
Title: Security

Search URL Search Domain Scan URL

URL: http://shivtr.com/help
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 53

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://googleads.g.doubleclick.net/pagead/adview?ai=CKdyrEmxuZd-YD63PoPMPp46p6APPpPuUdMzH8ZyDEtrZHhABINigpgRgye6Oi8CkjBCgAfOP-6kpyAEBqQKCrS7YQCuyPqgDAcgDywSqBJcCT9DZIraSEhUgU_c-YeAVBTzarnWO1Tr_CqfBlly68N0XjFnJB1bl6o_oqSRZuS1meuoP-SQUzReM1ZBKNXg3zbyG-7eo-gZaOpzULC3FVbHrWj2i_4UD1AS-aAcEQQU6ZPXZkci6NJjQdrnoW2zJAiz_858gYlKpeX2kENoeVzNg8cQxZ8FvETpE0aJwcf6TDZGh0WX1cfKO7StarOK0uQ0bXiSnPlnOLfmHY5c5f63PjF3qIUG3o91G031NYG1pQgjRjSPQGYmKReEhoXZwrPzOITUFVybccfD0JIdzLhj8LPXyWLfx8SHJHekUiFXvPi8eLE2gphk48zVPto-VMsiPwFh45Q2mNugzRsjXtWo0U8-WWYUjwAScvaS-3ASIBe2x-NVJkgUECAQYAZIFBAgFGASAB_PHy4kEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ0vUF0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj-v6XEgveCA5oJ5wFodHRwczovL3VzLnNob2Zhc3QuY29tL2Rzcj9xPWNvbW1lcmNpYWwlMjByZWFsJTIwZXN0YXRlJTIwcG9ydGZvbGlvJTIwbWFuYWdlbWVudCUyMHNvZnR3YXJlJmFzaWQ9em13X2NoNDI4JmRlPWMmc2NsaWQ9MC0yNDAxNSZnY2xpZD17Z2NsaWR9JnJhYz1iZXN0JTIwY29tbWVyY2lhbCUyMHJlYWwlMjBlc3RhdGUlMjBwb3J0Zm9saW8lMjBtYW5hZ2VtZW50JTIwc29mdHdhcmUmbnc9ZCZsb2NhbGU9ZW5fVVOACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2gwQCgoQsLG35_nWy4hVEgIBA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMzY3MTA4MDQ4Mjg3NTE1GAA&sigh=7EhZulCuYOM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNmcR1dK_F9vnkd4nxFNfwIhKKy7kLwY_qm4IWWo0Xt6QdCWcuPL2dLyV9SsE8dwaC0C0asDcIAS8jVLhHVb81YWtW2XqzHBG2uSEYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x299ff20ecd89907e0000000000000000%22,%222%22:%220xbc74313476b8e1290000000000000000%22,%223%22:%220x7ce169e68b9453ae0000000000000000%22,%224%22:%220xdbd946c3b14282dd0000000000000000%22,%225%22:%220x7a854b76d91f2c1f0000000000000000%22},%22debug_key%22:%2210699764643089233412%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211283606033945246945%22}&andc=true

Request Chain 67

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ0NzM3MDQ1NjYzNDA3OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAq8dv9aPBIdGFEIKRfX2xQ&google_cver=1

Request Chain 69

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH9mBEkUC6li4TXAYAsRq8E&google_cver=1&google_push=AXcoOmSVIGJ4j4Td_KG018xkG5xUDd7rwe3sff-b7dHZ5nJZeeH-XUhdL52JIboEU0bdMq5qbEUCNsxwYVDqoh0HWFWBbfJPsPGud4Ol HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH9mBEkUC6li4TXAYAsRq8E&google_cver=1&google_push=AXcoOmSVIGJ4j4Td_KG018xkG5xUDd7rwe3sff-b7dHZ5nJZeeH-XUhdL52JIboEU0bdMq5qbEUCNsxwYVDqoh0HWFWBbfJPsPGud4Ol HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c2lIcVUxbEQxUmFqN1Q1&google_gid=CAESEH9mBEkUC6li4TXAYAsRq8E&google_cver=1&google_push=AXcoOmSVIGJ4j4Td_KG018xkG5xUDd7rwe3sff-b7dHZ5nJZeeH-XUhdL52JIboEU0bdMq5qbEUCNsxwYVDqoh0HWFWBbfJPsPGud4Ol

Request Chain 70

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMil2jj76ym3gXOG-2k-qhs&google_cver=1&google_push=AXcoOmQyP_O1guWYcjn_FwsapiI0-iQ0q67y2keQVpjIinGvPxSOXDVkeIKorvD_1SSo_HzKpd91BDtvLVRFhR6BSuxk7gTna6CbN6I7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMil2jj76ym3gXOG-2k-qhs&google_push=AXcoOmQyP_O1guWYcjn_FwsapiI0-iQ0q67y2keQVpjIinGvPxSOXDVkeIKorvD_1SSo_HzKpd91BDtvLVRFhR6BSuxk7gTna6CbN6I7

Request Chain 71

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM0uoeO8twqWTRjxkCn1jhg&google_cver=1&google_push=AXcoOmTAz8Sg8ViLhA6mdYsfyDCS_Sj1AJydIw1qHl0fqFjgb4WKctwalnRG7I_PlzC18DNlVuvXwT-UbVsxS3VBH-J4nIx3OKtMtX4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEM0uoeO8twqWTRjxkCn1jhg&google_cver=1&google_push=AXcoOmTAz8Sg8ViLhA6mdYsfyDCS_Sj1AJydIw1qHl0fqFjgb4WKctwalnRG7I_PlzC18DNlVuvXwT-UbVsxS3VBH-J4nIx3OKtMtX4 HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=6279bb1e-41c3-445b-af60-8f0db26d85a9&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=6279bb1e-41c3-445b-af60-8f0db26d85a9&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=f15cc977-bff9-45bc-aad7-d5a6984d9af1&ssp=google&expires=30&user_group=5&bsw_param=6279bb1e-41c3-445b-af60-8f0db26d85a9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTAz8Sg8ViLhA6mdYsfyDCS_Sj1AJydIw1qHl0fqFjgb4WKctwalnRG7I_PlzC18DNlVuvXwT-UbVsxS3VBH-J4nIx3OKtMtX4&google_hm=Ynm7HkHDRFuvYI8Nsm2FqQ==

Request Chain 72

https://s.uuidksinc.net/match/47/?remote_uid=CAESEF6NpySVf58VLwgcxIxEus0&c_param1=AXcoOmSCp8CC67afU1xUZ72jrJ7SOQDwrxcdQf1J5LtIEpqtGtW5JtaFT5CjS8fjxq0ahOMNcV7aLRNKODJvI0OEqlJkTqHFwh_EqPjC&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSCp8CC67afU1xUZ72jrJ7SOQDwrxcdQf1J5LtIEpqtGtW5JtaFT5CjS8fjxq0ahOMNcV7aLRNKODJvI0OEqlJkTqHFwh_EqPjC

Request Chain 73

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTxkz5-HOE4OpKoAmuFoyJfDEqQVyV62gJScfbZ0Hs_oxG9sOSLZ_lG1cJO7WMS68Kb-ZGcHhCejLUZWnDA50g8l2JAvzCUa1oCqA&google_gid=CAESEFVBLh7GU3yJ7IZHM09T69o&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVBLh7GU3yJ7IZHM09T69o&google_hm=T1BVOWM2MzQ5N2MzNjQ2NDJlYmFlMTUxMWU5MTcxM2ZjMGI&google_nid=opera_norway_as&google_push=AXcoOmTxkz5-HOE4OpKoAmuFoyJfDEqQVyV62gJScfbZ0Hs_oxG9sOSLZ_lG1cJO7WMS68Kb-ZGcHhCejLUZWnDA50g8l2JAvzCUa1oCqA

Request Chain 74

https://an.yandex.ru/mapuid/google/CAESEKCT-_Q98QHLzNd5U4Ze2Qc?ext-param=AXcoOmSJy-MZIOmVeVZUi3UKEW7MlOFT-PU1ZOJ1v6Pd_WoTJJOrQ1ST8obzu7dl9GU0uiWFZJtO8vx8vaSOWrTDHi2-zc00y8taJkIx&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEKCT-_Q98QHLzNd5U4Ze2Qc?redir-setuniq=1&ext-param=AXcoOmSJy-MZIOmVeVZUi3UKEW7MlOFT-PU1ZOJ1v6Pd_WoTJJOrQ1ST8obzu7dl9GU0uiWFZJtO8vx8vaSOWrTDHi2-zc00y8taJkIx&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKCT-_Q98QHLzNd5U4Ze2Qc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

92 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.novagenesis.shivtr.com/ 11 KB
3 KB 300ms
139ms Document
text/html 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.novagenesis.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li975-148.members.linode.com

Software

Caddy /

Resource Hash

6c92bfbcff3e6fdc127e7b14cf77d5ca14cd2c2e70053c09663074c13d3b977d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 00:17:21 GMT
etag: W/"6c92bfbcff3e6fdc127e7b14cf77d5ca"
referrer-policy: strict-origin-when-cross-origin
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 3a5c4fbf-3449-4f37-8303-57d490127c0d
x-runtime: 0.065070
x-xss-protection: 1; mode=block

GET
H2 200 guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
static.shivtr.com/assets/manifests/ 218 KB
37 KB 243ms
113ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/manifests/guild-dc2bc810ec06e8d0c90d72531a06dc285eec9409f9d88120e8b05f5a606674ce.css
Requested by: Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:21 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgq4s2q"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 322340-1687776736.css
static.shivtr.com/css-cache/site_themes/ 22 KB
4 KB 187ms
58ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/css-cache/site_themes/322340-1687776736.css
Requested by: Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 2a14afd59068f8abd4ba1521dae83dfd9a2dc03c932eef81bac3a3fac17e783e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:21 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 10:52:16 GMT
server: Caddy
etag: "rx7vj4h95"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js Show response
static.shivtr.com/assets/ 608 KB
166 KB 243ms
114ms Script
text/javascript 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/assets/guild-518b27752212c843cdda21c5e01ffe7de2d0bd28f7100cd01bf329100e3b7457.js
Requested by: Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:21 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgqdcmv"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 155ms
82ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97db4c24409f1c547cb7e6f555157715bd8e6a9fce7616584a3cb2417b76109c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51697
x-xss-protection: 0
server: cafe
etag: 16237792358080696503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 00:17:21 GMT

GET
H/1.1 200
OK 132353.png
s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/ 1 KB
2 KB 177ms
92ms Image
image/png 52.217.165.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/s3.mmoguildsites.com/s3/favicons/132353.png?1434110766
Requested by: Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 17ec1edb6c24741e065bcc3cca86569b341a1998a53c02ed87122c140bcf9d75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 00:17:22 GMT
Last-Modified: Fri, 12 Jun 2015 12:06:07 GMT
Server: AmazonS3
x-amz-request-id: 7AH3A9SKAN2A7PGN
ETag: "b87f76d1f3250939121a32fc9400ace2"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1310
x-amz-id-2: XX5yKUxLjvwwRgGoIfX3MXWt+2KOo34cw/kba1kyO85fvxoMkRTaXfPzrZ2FjUVORkY9pKQ+qI4=

GET
H2 200 home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
static.shivtr.com/assets/mobile/toolbar/ 250 B
384 B 184ms
57ms Image
image/png 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shivtr.com/assets/mobile/toolbar/home-e4bd7164f7a26fa97379195030ab18fcc8c7a11a5ad318b4065f8e5166b3191b.png
Requested by: Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:21 GMT
last-modified: Sun, 02 Jul 2023 20:26:50 GMT
server: Caddy
etag: "rx6rgq6y"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 250

GET
H2 200 oswald.css
static.shivtr.com/gfonts/ 1 KB
396 B 171ms
169ms Stylesheet
text/css 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/gfonts/oswald.css
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/322340-1687776736.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 7391ae809651713b8793b54cd3784733ac6ef6d860d9d0f5744cd57218bc74b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/css-cache/site_themes/322340-1687776736.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:21 GMT
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 04:24:57 GMT
server: Caddy
etag: "rwy49l10k"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 329

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 80ms
78ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd87155150c9d2eb909a72c934402d2146a8b360a98d51ac2e11ddf49b8edfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51692
x-xss-protection: 0
server: cafe
etag: 7381348330553259340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 00:17:21 GMT

GET
H/1.1 200
OK 2307710.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 294 KB
294 KB 111ms
103ms Image
image/png 52.217.165.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/2307710.png?1437182777
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/322340-1687776736.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7043b7b8002938339e2f031163be9b5f49f7f528e3c24a1abdb9cf1506c52c90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 00:17:22 GMT
x-amz-version-id: m4em6IhuyvzWnmU0oP2726YiSSDE3t4a
Last-Modified: Sat, 18 Jul 2015 01:26:18 GMT
Server: AmazonS3
x-amz-request-id: 7AHD02ZKC1C401SF
ETag: "ad2df6f68adaf9e3d3c163c8775b1ce8"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 300989
x-amz-id-2: 7rZXnoE/MOWnBDiPAMbQd60mClXiWPj28s6GzUtZSllXM+Nc3xGqf0voW1fxTmU4CFHOAz1AxJM=
Expires: Mon, 21 Dec 2015 18:03:16 GMT

GET
H/1.1 200
OK 2307708.png
s3.amazonaws.com/cloudfront.shivtr.com/theme_images/ 555 KB
556 KB 177ms
89ms Image
image/png 52.217.165.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cloudfront.shivtr.com/theme_images/2307708.png?1437182777
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/css-cache/site_themes/322340-1687776736.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.165.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 86954474e853bfc3537a8c247f974000cb5b09b854f244efcbe4dff5720f4975

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 00:17:23 GMT
x-amz-version-id: QTgWyj0IwcVvluL4JRO43t5t7Yr.jJJu
Last-Modified: Sat, 18 Jul 2015 01:26:18 GMT
Server: AmazonS3
x-amz-request-id: N2T3A90VXNA955KB
ETag: "e37a203bdfeefb7f0344f49c8a27ee45"
Content-Type: image/png
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 568804
x-amz-id-2: tzdfP6fXb6wwhCEIeBGtvlutTF408/o8DjqalbQsLJhpiTSyZnbCB9lMNDSSSpIBIyaA0p4I9Ow=
Expires: Mon, 21 Dec 2015 18:03:18 GMT

GET
H2 200 oswald-400-latin.woff2
static.shivtr.com/gfonts/ 10 KB
10 KB 199ms
59ms Font
font/woff2 45.33.21.148
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shivtr.com/gfonts/oswald-400-latin.woff2
Requested by: Host: static.shivtr.com
URL: https://static.shivtr.com/gfonts/oswald.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.33.21.148 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li975-148.members.linode.com
Software: Caddy /
Resource Hash: 81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Request headers

Referer: https://static.shivtr.com/gfonts/oswald.css
Origin: https://www.novagenesis.shivtr.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:22 GMT
last-modified: Wed, 28 Jun 2023 04:24:57 GMT
server: Caddy
etag: "rwy49l7lc"
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 9840

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
135 KB 74ms
72ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b446ba86d09a887f03e811879f364b745e47dd158012fbd54fd3ccdafba92ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137525
x-xss-protection: 0
server: cafe
etag: 16109552368062180092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 00:17:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 13D0 9 KB
4 KB 126ms
35ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.novagenesis.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:12:38 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 05:12:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C3EE 351 KB
83 KB 617ms
616ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&adk=1812271804&adf=3025194257&lmt=1701735442&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735441982&bpp=5&bdt=851&idt=156&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4432353060727&frm=20&pv=2&ga_vid=1861842573.1701735442&ga_sid=1701735442&ga_hid=1726763931&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44798934%2C44807764%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2273848749008554&tmod=722571102&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=213

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d50d10d88d12973de194fb002ef6315bd5fe89d0f40db6efbbf182cb8d2d1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.novagenesis.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 84464
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:17:22 GMT
expires: Tue, 05 Dec 2023 00:17:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 62ms
61ms Image
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=status_bar_position&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A784 49 KB
21 KB 840ms
802ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=670858179&pi=t.ma~as.2876344136&w=728&lmt=1701735442&format=728x90&url=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735441987&bpp=1&bdt=856&idt=217&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4432353060727&frm=20&pv=1&ga_vid=1861842573.1701735442&ga_sid=1701735442&ga_hid=1726763931&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44798934%2C44807764%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2273848749008554&tmod=722571102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=229

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c34095c26da430d0303af6ab8332845759cd55836dcf1a6db5dbf05b455f87a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.novagenesis.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21341
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:17:24 GMT
expires: Tue, 05 Dec 2023 00:17:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 160 KB
55 KB 76ms
76ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38c8e7d308221669970718c01dc8fd2aebc1c44f60452f5833967e655b0ecd64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55937
x-xss-protection: 0
server: cafe
etag: 2484618829131723365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 00:17:23 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 7263 9 KB
4 KB 49ms
38ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.novagenesis.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 21:49:25 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 21:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 5F02 9 KB
4 KB 36ms
34ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.novagenesis.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 21:49:25 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 21:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7263 4 KB
1 KB 180ms
55ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 00:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 23:58:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 00:17:23 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7263 205 B
295 B 197ms
75ms Image
image/png 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:40:53 GMT
x-content-type-options: nosniff
age: 30990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 15:40:53 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7263 604 B
920 B 194ms
73ms Image
image/png 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:18:05 GMT
x-content-type-options: nosniff
age: 201558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 01 Dec 2024 16:18:05 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 7263 16 KB
7 KB 171ms
50ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:50:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 7263 22 KB
9 KB 154ms
33ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9196
x-xss-protection: 0
server: cafe
etag: 14855042226819348905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 12:50:11 GMT

GET
H2 200 b1fdc9f83bbec90a172a8086cc6d7abe.js Show response
www.gstatic.com/mysidia/ Frame 5F02 9 KB
4 KB 189ms
72ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 20:36:49 GMT

GET
H2 200 beed761f93b6ef70a78de0a9e5a40959.js Show response
www.gstatic.com/mysidia/ Frame 5F02 11 KB
5 KB 151ms
34ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/beed761f93b6ef70a78de0a9e5a40959.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b15bc8303c5f68394630427c547e815dc9437fdfd1cee76b9caa3d690f9f2b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4899
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 20:50:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5F02 14 KB
1 KB 170ms
56ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 00:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 23:52:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 00:17:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 5F02 2 KB
903 B 182ms
68ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 03:38:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 5F02 24 KB
9 KB 190ms
77ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:55:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 5F02 3 KB
1 KB 189ms
76ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:02:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 5F02 20 KB
8 KB 166ms
54ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:55:45 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F02 202 KB
64 KB 166ms
52ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 00:17:23 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 5F02 37 KB
15 KB 149ms
49ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 20:47:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B727 14 KB
1 KB 50ms
48ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 00:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 23:51:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 00:17:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B727 2 KB
856 B 35ms
34ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 03:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 03:38:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame B727 24 KB
9 KB 41ms
40ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:55:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 81E4 143 B
166 B 40ms
37ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 99
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:15:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B727 3 KB
1 KB 43ms
41ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:02:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B727 20 KB
8 KB 46ms
44ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:55:45 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B727 202 KB
64 KB 49ms
47ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 00:17:23 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame B727 37 KB
15 KB 41ms
40ms Script
text/javascript 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 20:47:41 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11872093617410350534/ Frame 5F02 6 KB
6 KB 43ms
41ms Image
image/png 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11872093617410350534/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0598e6a9cc1efff51791bf0e4bf98a0880e6f9fbeff4edfba867ea4d000aefee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:46:24 GMT
x-content-type-options: nosniff
age: 365459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6167
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 23:21:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 18:46:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 659F 143 B
166 B 38ms
34ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:15:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5F02 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 212d98fd397705ba5dd23914977cfbb6846300266b0fd8bc6e84c86d6ce0852a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame A784 105 KB
40 KB 239ms
100ms Script
text/javascript 23.193.217.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=670858179&pi=t.ma~as.2876344136&w=728&lmt=1701735442&format=728x90&url=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735441987&bpp=1&bdt=856&idt=217&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4432353060727&frm=20&pv=1&ga_vid=1861842573.1701735442&ga_sid=1701735442&ga_hid=1726763931&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44798934%2C44807764%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2273848749008554&tmod=722571102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=229

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.217.21 Philadelphia, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-217-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11e77de144acdec2c8fe7018f32ca3ec5f683da0277f05c3e7adaf35dffec399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-mnt-h: 21-g4dd
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 05 Dec 2023 00:17:24 GMT
server: Apache
etag: "ea2bc7aad27203eb99e9d8f0fdbf2360"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-s1v0
timing-allow-origin: *
expires: Tue, 05 Dec 2023 00:22:24 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame A784 72 KB
25 KB 273ms
88ms Script
application/javascript 104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-125-88-24.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Tue, 05 Dec 2023 00:17:24 GMT
x-guploader-uploadid: ABPtcPqodS28iCHTIeotkFK_FAJyrWHRCWSTCK5gY1_F0XDddmBED8Wll3OOdNQwp2XkQQU7WA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Tue, 05 Dec 2023 01:17:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame A784 3 KB
1 KB 45ms
41ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:02:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame A784 20 KB
8 KB 45ms
43ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:55:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A784 0
0 139ms
48ms Image
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQI8oFJDrbbBbBqYDx-LxujCIUdGJSjTD39QPEyxcRob3zdtIAtyTHnR4gtjH23M-XBeCz9xPBDyS2hOd0TMWTJmiuSag
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=670858179&pi=t.ma~as.2876344136&w=728&lmt=1701735442&format=728x90&url=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735441987&bpp=1&bdt=856&idt=217&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4432353060727&frm=20&pv=1&ga_vid=1861842573.1701735442&ga_sid=1701735442&ga_hid=1726763931&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44798934%2C44807764%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2273848749008554&tmod=722571102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=229
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A784 202 KB
64 KB 89ms
88ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 00:17:24 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 81E4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
44ms

Document
text/html

2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:17:24 GMT
expires: Tue, 05 Dec 2023 00:17:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:17:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A5A 51 KB
19 KB 40ms
38ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 05:44:15 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5F02 33 KB
34 KB 115ms
37ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:27:55 GMT
x-content-type-options: nosniff
age: 359369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 20:27:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 659F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
52ms

Document
text/html

2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:17:24 GMT
expires: Tue, 05 Dec 2023 00:17:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:17:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame A784 131 KB
42 KB 449ms
66ms Script
text/javascript 23.37.123.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.123.169 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-123-169.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 920e0c120ac075a4196ad4ac66ed27c4d19516712b2cbf53fd098e937a2aaba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 00:17:25 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive, Transfer-Encoding
Transfer-Encoding: chunked
Expires: Tue, 05 Dec 2023 00:22:25 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame 60AC 75 KB
31 KB 350ms
347ms Document
text/html 23.193.217.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2819&&kkdd=3u%7Cu%7CHn9A*3&nI=TMgTM7255522ssU5(Ts&Nf0l=g&Wv08=g&ufn=TT(M&Evu)=w77s&uIf=syGMeMMT6&u0uf=eu~N!dAPR96A*TRRrll9uq%3D%3D&ulIf=27UUss255&vI4)=M(sdFg&uu=G1&vu=XD&ucaW=vWWRWINl8EI!aRE)vE&0If=s.LC5-QMX&E0If=B925U1F&cEE0v=T&lll=E4CrcwuHrws.DENET5HE7~C8155N*QEPr(7HjaMoitiHkPXk*lEE9N%3D%3D&av)=2&Hq=T&PNf=5&8fET=syGGF9jsV&8fE(=s7F(ssU57&Yf8E8=vf(%3DaPHHOIPlHRH%3DTgO!N)l0W%3DghTsOf!WRY%3Dgh27Ovuf%3Da*Ol8)%3Dg%2CgOf!WRH%3D(gOnH(lRvf%3D(g(7T(g5T(OIPlHRY%3DF2sh5sOPlHREbu%3DgOPlHRl(8RY%3DgOvEf%3D(Ts5sgFTg2OWaRY)cRY!!vE%3DghUMOl8E%3Dghggg%2CgOI0%3DTF95B.8Y0ybZITnyxYG24(OiYY%3DT2OYcRIW%3DTUgOlII0P8%3DTg2%2CTg2Olu%3DTOlIvPIf%3Dg%2CgOl0vRvf%3D(g(7T(g5TsOl8fn%3Dghggg%2CgOPlHRY%3DThg5OnH(lRPlHRY%3DgOvWWRql%3DFh(sgsOPlHRH%3DTgOvHn%3D(7h(sONu8E%3D2gTTUTOYY%3DTFUOvWWRWPH%3Dghs7O)l0W%3DghTsOnH(lRPlHRbu%3Dg6gO0vIRu%3D7%2C7%2Cg%2Cg%2Cg%2Cg%2Cg%2CgOYW%3DTO0vIRf%3DgOlb)%3Dg%2CgO870RY%3D2hF7%2C2ThU7Ovf%3DTOPIf%3D(x8tHcA687EH7F2-5)OunH(lRY%3D(hTOYEf%3D7gMFMTMU57(2TFF(TFF((sTM75F(55g5FUs5U27257(sF5FggTU(57Ug2gFgFFTF25sgMTTM7s5gMg5sM(U5(s(T5(g((g27F(TTMMUOPIW%3DgOlbE%3Dghggg%2CgO!Nf(0RY%3DghF2Ovv%3DXSOuu%3DG1OPIq%3DrTOu)%3DgOlun%3D5Th7sOyx%3D7g2TObYRPu%3Dr(OaEv%3DTObYRuubv%3Dr(OuE%3DYPii8H!OYvvRkBQ%3DXS%2CXSOY8vIv(%3DTFUOY8vIvT%3DTFUOYcRvf%3D(g(7T(g5gTOfu%3DsOnH(lRY%3D2hF7OEE%3DgOnqR)du%3DghM5OnIvRvf%3DTgsOPlHRl0vRY%3DT(h(5OYcRu!%3DgOfu(%3DTOnR8va%3D(g(MsOH8vE%3DOun!N%3D(hTOnIvRPlHRY%3Dgh5sOnH(lRIRvf%3D(g(7T(g5T(OnIvRPlHRH%3DgO)E%3D(MOnH(lRIRY%3Dghg(OnIvRY%3D2M(h2OnH(lRPlHRnI%3DT6rTUOPlHREnI%3DgOnn%3DgOunH(lRvf%3DTgsOlin%3D5Th7sOH(lRY%3DTgggOvWWRvf%3D(g(7T(g5T7Ol8f0%3Dghggg%2CgOvIf%3D27UUss255OPlHRl0vRbu%3DgOnqP%3DghM5Of(0RH%3DTgOunH(%3D(hTO70ui%3DTggghg2OfWWRvElN%3DvWWRWINl8EI!aRE)vEOf(0RY%3DghF2Ol0vRY%3D2ThU7OPlHRvl0vRY%3DT(h(5Olbq0%3Dghggg%2CgOlbqf%3Dghggg%2CgOIvC)i%3DgOIvIi%3DgOPlHRl0uRY%3DgOYIf%3DghT2OPlHRl0vRln%3DgOuYf0%3DghT2gOvf%3DTOIE*0)RIf%3DTMOv)HH)lRE8NRIf%3D(Ts5sgFTg2OvP00H*RE8NRIf%3DOf)E)uE)fRE8NRIf%3DOnI)q8YIHIE*%3DghM5O0!v%3DTO8uRE*0)%3DTO8fYHb%3D(Ts5sgFTg2O8W0%3DTO!NYIf%3DghTsgOYiHl%3DghgTgOvPIf%3DyS616VK7)9DUN6B95Wx0ZAR-g-!OfEu%3D)8vERvuOfWWR)l0W%3Di8Hv)OfWW%3DvWWRWINl8EI!aRE)vEOYf0u80f%3DgOf8HN%3DvWWOvNWE%3DH!aNRE8IHRc!W)08N)Ru8Euc8HHOv!Y0%3DOdIf%3DSKpr0PYr(7UMTgsg5s(sM2T2OcEWH%3DTOvWWR80I%3DnTOIYu%3DTOav4%3DTOENv%3DM(sdFgOYvY%3DgOYv0%3DgOEWd%3D(52&aEn=g&WWW=8oysyNF558dSAoKP4t!KR*ML0-AtfYL6bHieftJrF2g%3D&Iq=M(s&Iaxil=T&Yflxf=5Ug&YIf=75FF(g&Wui=UMTTF&*fv0l=T&Y8)=Ad)Ad%2F5)X%2F&b8E0l)=T&u8f!W8Ia=E4CrcwuHrwrV1cX5(rPPifa2Lpc(IygXU~f7(*5x1uZ-LVZRb*Z!4N%3D%3D&*0H0=T&IvIf=2&8fn=xan)vE!l%20j!uPv&vvWulRn)l=2&0NIf=0gT722Ug5s22E(g(7T(g2ggTM&vvHf=%7B%22vvI0%22%3A%22(Ug(%3Aiius%3Aggg(%3Agggg%3Agggg%3Agggg%3Agggg%3Agggg%22%2C%22vvuu%22%3A%22G1%22%2C%22vvvu%22%3A%22XD%22%2C%22vvuE*%22%3A%22YPii8H!%22%7D&0)li=T&cEWHvlu=T&sflct=3761804&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.217.21 Philadelphia, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-217-21.deploy.static.akamaitechnologies.com

Software

Resource Hash

2ca6be624c9359db914ea6c19113ff2351a287d795e17bb2abcbac531c2702e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 31367
content-type: text/html
date: Tue, 05 Dec 2023 00:17:25 GMT
expires: Tue, 05 Dec 2023 00:17:25 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-spqn

GET
H2 200 bping.php
lg3.media.net/ Frame A784 35 B
176 B 99ms
86ms Image
image/gif 104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2603&&vgd_cdv=1127&vgd_cage=3&vgd_tsce=L338&vgd_mcf=67119&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=536688544&vi=1701735444558864218&ugd=4&lf=6&cc=US&sc=NY&lper=100&wsip=170785191&r=1701735444615&rrr=tzR-hLcl-L8PYtgt14lt3qRaS44gyWtu-23lFn7MfGflKuNKyrttJg%3D%3D&requrl=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.uW~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuf9Huf~8xLjMGviXW.HW~xLjM7UNv9~xLjMLf1MGv9~Q7OvfuWHW9iu9X~YzMGJwMGmmQ7v9.Fh~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuX~GwM8YvuF9~L88Ex1vu9X%2Cu9X~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAuf9HuW~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~QYYMBLvi.fW9W~xLjMjvu9~QjevfA.fW~yN17vX9uuFu~GGvuiF~QYYMYxjv9.WA~JLEYv9.uW~ejfLMxLjMUNv949~EQ8MNvA%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvX.iA%2CXu.FA~QOvu~x8OvfV1ZjwR41A7jAiX%2FHJ~NejfLMGvf.u~G7OvA9hihuhFHAfXuiifuiiffWuhAHifHH9HiFWHFXAXHAfWiHi99uFfHAF9X9i9iiuiXHW9huuhAWH9h9HWhfFHfWfuHf9ff9XAifuuhhF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iX~QQvIK~NNvPb~x8Bvou~NJv9~LNevHu.AW~%3DVvA9Xu~UGMxNvof~z7Qvu~UGMNNUQvof~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~GwMQOvf9fAuf9H9u~ONvW~ejfLMGvX.iA~77v9~eBMJ-Nv9.hH~e8QMQOvu9W~xLjMLEQMGvuf.fH~GwMNmv9~ONfvu~eM1Qzvf9fhW~j1Q7v~Nemyvf.u~e8QMxLjMGv9.HW~ejfLM8MQOvf9fAuf9Huf~e8QMxLjMjv9~J7vfh~ejfLM8MGv9.9f~e8QMGvXhf.X~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvu9W~LkevHu.AW~jfLMGvu999~QYYMQOvf9fAuf9HuA~L1OEv9.999%2C9~Q8OvXAFFWWXHH~xLjMLEQMUNv9~eBxv9.hH~OfEMjvu9~Nejfvf.u~AENkvu999.9X~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iX~LEQMGvXu.FA~xLjMQLEQMGvuf.fH~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uX~xLjMLEQMLev9~NGOEv9.uX9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfuWHW9iu9X~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.hH~EmQvu~1NM75EJvu~1OGjUvfuWHW9iu9X~1YEvu~myG8Ov9.uW9~GkjLv9.9u9~Qx8Ov%3DK4b4qrAJ63Fy4_6HYVEdRM%2F9%2Fm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGofAFhu9W9HWfWhXuX~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfHX&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Gxkk1jm%22%7D&vgd_bid=349920&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1701735444156522872&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pgid=p01355604855t202312050017&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%2C%22PRLG%22%2C%22URLDC%22%5D&hvsid=00001701735444601016112663409725&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-125-88-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Tue, 05 Dec 2023 00:17:24 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 05 Dec 2023 00:17:24 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame E599 27 KB
10 KB 84ms
81ms Document
text/html 23.193.217.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.217.21 Philadelphia, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-217-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5eead67e8a06eee515a7126d544630c4a0eef8913e86a5b4cdb4c8ca771db7d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9623
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 00:17:25 GMT
expires: Thu, 07 Dec 2023 00:17:25 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame A784 35 B
191 B 134ms
114ms Image
image/gif 104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=5916&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=Wsf0TpqO8uCR3PlgvDa7rw&vid=Wsf0TpqO8uCR3PlgvDa7rw&dn=novagenesis.shivtr.com&rawDn=novagenesis.shivtr.com&requrl_dn=novagenesis.shivtr.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fwww.novagenesis.shivtr.com&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NY&ct=buffalo&zip=14202&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-54477f9df5-xdgr9.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=716&sckfl=1&suid=CAESEHD3eJY6gETJ4mIpjB_V0Vo&sckfl2=0&smbrid=adx-1&cxtSgmt=long_tail_homepage_catchall&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm4iij9OEer_n8JSPB38WEEDx57Xq-UK5M8tMU9wd9Qb978xGG7rNa5ecgTwd40Hdgp_&pexid=ADX-pub-2367108048287515&geoll=false&is_ortb=false&commit_id=3abc4605&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-04+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&rtttime=49&req_tid_present=false&pvid=460&prvAccId=536688544&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=839288643&prspt=headerBid&prvReqId=47846344744158_1530782349_8392886434601&size=728x90&chnl=smm_migration_test&bdp=0.180&bid_uuid=28cf07a812c2ccee5f9f993cd76c8960&cbdp=0.15&og_cbdp=0.180&ogbdp=0.18&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.15&dsrc=-2&dp=0&dbf=1&epc=536688544&s=1&snm=SUCCESS&pcrid=8CU7Q771E-536688544-49-5&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=74&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1701735443525&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.18&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080807684000728009000059500&strg=smm_migration_test&vls=0&scrid=1700080807684000728009000059500&mang=1&pvdTmax=245&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=728x90&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=c41da5497d&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23NedCkflWithData%3ADEFAULT%23%23launchexp%3Atoken2%23%23prll_req%3Atrue%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=e698be9bb283078f6a3b0d0f3bc1b6dd&rtime=28.0&wsip=mowx-lite-6c6d6644d4-sh2hl&ltime=38.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D0&adtypes=0&adblk=2184809105&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=e698be9bb283078f6a3b0d0f3bc1b6dd_1&policy_enf=2&pub_blk_enf=1&req_size=728x90&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=Wsf0TpqO8uCR3PlgvDa7rw_1&supplyTagId=2184809105&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&mp_seg%3C%3E=100273&debug_ts=2023-12-05+00%3A17%3A23&__expireat=1701736043776&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.180&lo_cbdp=0.15&actltime=38&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.18~dom_b%3D0.53~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2023120412~iurl_b%3D958.48~url_tkc%3D0~url_r2a_b%3D0~std%3D2184809105~mn_beh_boost%3D0.67~rat%3D0.000%2C0~ip%3D19J4TPabpCkji1vCIbU5z2~fbb%3D15~bh_im%3D160~riipua%3D105%2C105~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023120418~radv%3D0.000%2C0~url_b%3D1.04~vl2r_url_b%3D0~smm_wr%3D9.2808~url_l%3D10~slv%3D23.28~gcat%3D501161~bb%3D196~smm_mul%3D0.83~erpm%3D0.18~vl2r_url_kc%3D0E0~psi_c%3D3%2C3%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D0~rke%3D0%2C0~a3p_b%3D5.93%2C51.63~sd%3D1~uid%3D2IaGlhBEa3tl395V4e~cvl2r_b%3D2.1~btd%3D3079717643251992199228173492440496846535432894900162436050909919548071173840704872642821420220539211776~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.95~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rcv%3D41.38~CI%3D3051~kb_uc%3D-2~nts%3D1~kb_ccks%3D-2~ct%3Dbuffalo~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~bh_sd%3D2023120401~dc%3D8~vl2r_b%3D5.93~tt%3D0~vw_exc%3D0.74~vis_sd%3D108~url_rps_b%3D12.24~bh_co%3D0~dc2%3D1~v_asn%3D20278~last%3D~cvog%3D2.1~vis_url_b%3D0.48~vl2r_i_sd%3D2023120412~vis_url_l%3D0~et%3D27~vl2r_i_b%3D0.02~vis_b%3D572.5~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D108~rfv%3D41.38~l2r_b%3D1000~smm_sd%3D2023120413~radp%3D0.000%2C0~sid%3D536688544~url_rps_kc%3D0~vwu%3D0.74~d2p_l%3D10~cvl2%3D2.1~3pcf%3D1000.05~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.95~rps_b%3D51.63~url_srps_b%3D12.24~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.15~url_rps_rv%3D0~cbdp%3D0.150%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D2184809105%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.74%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D2184809105%7Eamp%3D1%7Eogbid%3D0.180%7Ebflr%3D0.010%7Esuid%3DCAESEHD3eJY6gETJ4mIpjB_V0Vo%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dsmm_migration_test%7Ebdpcapd%3D0%7Edalg%3Dsmm%7Esgmt%3Dlong_tail_homepage_catchall%7Esobp%3D%7Exid%3DADX-pub-2367108048287515%7Ehtml%3D1%7Esmm_api%3Dv1~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D245&utime=1123&sf=0&cpr=0.6771690469123002

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-125-88-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:24 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 05 Dec 2023 00:17:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F5E8 1 KB
643 B 74ms
34ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 20669
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 18:32:56 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 18:32:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A784 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00fb853a2d82cfbfe152c7b69b73c3ab9b9cc7c314b9eb69594ad62cb2e2304e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A784 0
19 B 68ms
67ms Image
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnihgE2xuZbvsFJTc6gTWybiwBr6VpK9s99rS06wMwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMjM2NzEwODA0ODI4NzUxNcgBCagDAcgDAqoEgwJP0IDbiIMPS5SbB7b_z35jWDsTUpku7vWVZnbFhPlkk7mCQ2hqWcqZxH8R7n_2ok3uBUrxuP3jcv4NXrypZ2_HiKqkozOJybYN5MI8y7b-gPxBsKmgASh04_bkINXZ8RfVswCbI-NyGm6Ld6DCF0aiXRiv-5jqwewDCVgu_8E6Kbdhs5HSO7El4y-Vz9t_R9J_Mx1XLlHfk1G5HKo9zPyKLLAIGsxVkpAAv1XkPWCyT8qHb4jpFvnRXmC4Pw0XIG3J1baNZibuxWoHtvfkTNLfXGLMDfdQ3Hij6B5xsBM5vo5Rg9oIc8M8OVvkobkxiuUvkoXIZpHi3itdCA4sak3v8kdzgAaH8a-Tq_iYozmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WOnx5MSC94IDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIzNjcxMDgwNDgyODc1MTUYAA&sigh=iV3ciH5NKM8&uach_m=%5BUACH%5D&cid=CAQSPADICaaNma5dKlwUqxefPFKAZmJ4KheEPVljUHcMnbhbKqUyTMA7yLhybW_GsIZB39Bw-ZUjLu7lLZpZJRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=670858179&pi=t.ma~as.2876344136&w=728&lmt=1701735442&format=728x90&url=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735441987&bpp=1&bdt=856&idt=217&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4432353060727&frm=20&pv=1&ga_vid=1861842573.1701735442&ga_sid=1701735442&ga_hid=1726763931&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44798934%2C44807764%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2273848749008554&tmod=722571102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 00:17:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame A784 35 B
191 B 78ms
77ms Image
image/gif 104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjQ3ODQ2MzQ0NzQ0MTU4XzE1MzA3ODIzNDlfODM5Mjg4NjQzNDYwMUBlNjk4YmU5YmIyODMwNzhmNmEzYjBkMGYzYmMxYjZkZJgHCtejcD0Kxz9EaHR0cHM6Ly93d3cubm92YWdlbmVzaXMuc2hpdnRyLmNvbQRVUwDoAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2LG5vdmFnZW5lc2lzLnNoaXZ0ci5jb20SOENVVTlKRjhICAw3Mjh4OTAIMC4xNQ5lYXN0X3NjBkFEWAgIbnVybAAAAAAAAIBSQIqxsfWGYwIxAAAAAAAA8L9AcnRiLWFwcG5leHVzLTU0NDc3ZjlkZjUteGRncjkuU0M-MTcwMDA4MDgwNzY4NDAwMDcyODAwOTAwMDA1OTUwMAIQM2FiYzQ2MDUCZAI&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-125-88-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:24 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 05 Dec 2023 00:17:24 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame A784 35 B
296 B 291ms
60ms Image
image/gif 23.55.235.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=e698be9bb283078f6a3b0d0f3bc1b6dd&bdp=0.1800&bidfp=0.0100&cc=US&cid=8CUU9JF8H&crid=839288643&ct=buffalo&dc=east_sc&dn=novagenesis.shivtr.com&iwb=1&ogcbdp=0.1800&other_bids=0.18&other_prv=460&pbshr=100.0000&requrl=novagenesis.shivtr.com&sat=1&sc=NY&sc_pvid=460&send_erpm=false&server=6&size=728x90&strg=smm_migration_test&totalTime=1296570&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2023-12-05%2000%3A17%3A23&seat=BID_API&itype=adx&req_id=Wsf0TpqO8uCR3PlgvDa7rw&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.199%20Safari%2F537.36&br_ver=119.0.6045.199&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&seg=long_tail_homepage_catchall&f_seg=long_tail_homepage_catchall&ogerpm=0.18&ogerpm_used=false&rawbid=0.18&totalTimeBucket=1&sub_bidder=196&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.74&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&bdp_wider_bucket=1&adblk=2184809105&advurl=related.investorfocus.net%2F&bdr_typ=1&clisp=rtb-appnexus-54477f9df5-xdgr9.SC&dmm_m22=0.1800&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807684000728009000059500&zone=d&rc=-1&sfm_key=mowx_null&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-6c6d6644d4-sh2hl&djvm=9.5.8&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367108048287515&output=html&h=90&slotname=2876344136&adk=2184809105&adf=670858179&pi=t.ma~as.2876344136&w=728&lmt=1701735442&format=728x90&url=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735441987&bpp=1&bdt=856&idt=217&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4432353060727&frm=20&pv=1&ga_vid=1861842573.1701735442&ga_sid=1701735442&ga_hid=1726763931&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=449&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C44798934%2C44807764%2C44808149%2C44808284%2C44809071&oid=2&pvsid=2273848749008554&tmod=722571102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=229
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.235.225 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-235-225.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 00:17:25 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Tue, 05 Dec 2023 00:17:25 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5F02
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CKdyrEmxuZd-YD63PoPMPp46p6APPpPuUdMzH8ZyDEtrZHhABINigpgRgye6Oi8CkjBCgAfOP-6kpyAEBqQKCrS7YQCuyPqgDAcgDywSqBJcCT9DZIraSEhUgU_c-YeAVBTzarnWO1Tr_Cqf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x299ff20ecd89907e0000000000000000%22,%222%22:%220xbc74313476b8e1290000000000000000%22,%223%22:%220x7ce169...

0
0

144ms
58ms

Fetch
text/css

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x299ff20ecd89907e0000000000000000%22,%222%22:%220xbc74313476b8e1290000000000000000%22,%223%22:%220x7ce169e68b9453ae0000000000000000%22,%224%22:%220xdbd946c3b14282dd0000000000000000%22,%225%22:%220x7a854b76d91f2c1f0000000000000000%22},%22debug_key%22:%2210699764643089233412%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211283606033945246945%22}&andc=true

Requested by

Host: www.novagenesis.shivtr.com
URL: https://www.novagenesis.shivtr.com/

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x299ff20ecd89907e0000000000000000","2":"0xbc74313476b8e1290000000000000000","3":"0x7ce169e68b9453ae0000000000000000","4":"0xdbd946c3b14282dd0000000000000000","5":"0x7a854b76d91f2c1f0000000000000000"},"debug_key":"10699764643089233412","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"11283606033945246945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 00:17:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 00:17:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x299ff20ecd89907e0000000000000000","2":"0xbc74313476b8e1290000000000000000","3":"0x7ce169e68b9453ae0000000000000000","4":"0xdbd946c3b14282dd0000000000000000","5":"0x7a854b76d91f2c1f0000000000000000"},"debug_key":"10699764643089233412","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"11283606033945246945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B9B 51 KB
19 KB 36ms
35ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 05:44:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 151ms
59ms Preflight
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 00:17:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

cksync
cs.media.net/ Frame E599
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ0NzM3MDQ1NjYzNDA3OTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAq8dv9aPBIdGFEIKRfX2xQ&google_cver=1

53 B
445 B

167ms
141ms

Image
image/gif

104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAq8dv9aPBIdGFEIKRfX2xQ&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-125-88-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Tue, 05 Dec 2023 00:17:25 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAq8dv9aPBIdGFEIKRfX2xQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F5E8 35 B
463 B 306ms
89ms Image
image/gif 2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMo7m_dWzd6oHWpn-RemGPQ&google_cver=1&google_push=AXcoOmQGZAjHNYgRTB-9m1WAamUmBYR3P0-ylKnjKwcxP9D8LeAnnHd8wqRbFleVXgei8G3IEtPB7Z0pPosRsH6w-P-DRmjPUc2TEEI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5E8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH9mBEkUC6li4TXAYAsRq8E&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH9mBEkUC6li4TXAYAsRq8E&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c2lIcVUxbEQxUmFqN1Q1&google_gid=CAESEH9mBEkUC6li4TXAYAsRq8E&google_cver=1&google_push=AXcoOmSVIGJ4j4Td_KG018xkG5xUDd7rwe3sff-b7dHZ5nJ...

170 B
232 B

62ms
61ms

Image
image/png

142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c2lIcVUxbEQxUmFqN1Q1&google_gid=CAESEH9mBEkUC6li4TXAYAsRq8E&google_cver=1&google_push=AXcoOmSVIGJ4j4Td_KG018xkG5xUDd7rwe3sff-b7dHZ5nJZeeH-XUhdL52JIboEU0bdMq5qbEUCNsxwYVDqoh0HWFWBbfJPsPGud4Ol

Requested by

Protocol

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 00:17:25 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-00d1d893641ec12f8@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c2lIcVUxbEQxUmFqN1Q1&google_gid=CAESEH9mBEkUC6li4TXAYAsRq8E&google_cver=1&google_push=AXcoOmSVIGJ4j4Td_KG018xkG5xUDd7rwe3sff-b7dHZ5nJZeeH-XUhdL52JIboEU0bdMq5qbEUCNsxwYVDqoh0HWFWBbfJPsPGud4Ol
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5E8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMil2jj76ym3gXOG-2k-qhs&google_push=AXcoOmQyP_O1guWYcjn_FwsapiI0-iQ0q67y2keQVpjIinGvPxSOXDVkeI...

170 B
243 B

54ms
51ms

Image
image/png

142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMil2jj76ym3gXOG-2k-qhs&google_push=AXcoOmQyP_O1guWYcjn_FwsapiI0-iQ0q67y2keQVpjIinGvPxSOXDVkeIKorvD_1SSo_HzKpd91BDtvLVRFhR6BSuxk7gTna6CbN6I7

Requested by

Protocol

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-yyz4526-YYZ
pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701735445.363403,VS0,VE21
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMil2jj76ym3gXOG-2k-qhs&google_push=AXcoOmQyP_O1guWYcjn_FwsapiI0-iQ0q67y2keQVpjIinGvPxSOXDVkeIKorvD_1SSo_HzKpd91BDtvLVRFhR6BSuxk7gTna6CbN6I7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5E8
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM0uoeO8twqWTRjxkCn1jhg&google_cver=1&google_push=AXcoOmTAz8Sg8ViLhA6mdYsfyDCS_Sj1AJydIw1qHl0fqFjgb4WKctwalnRG7I_PlzC18DNlVuvXwT-UbVsxS3VBH-J4...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEM0uoeO8twqWTRjxkCn1jhg&google_cver=1&google_push=AXcoOmTAz8Sg8ViLhA6mdYsfyDCS_Sj1AJydIw1qHl0fqFjgb4WKctwalnRG7I_PlzC18DNlVuvXwT-UbVsxS3...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=6279bb1e-41c3-445b-af60-8f0db26d85a9&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=6279bb1e-41c3-445b-af60-8f0db26d85a9&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=f15cc977-bff9-45bc-aad7-d5a6984d9af1&ssp=google&expires=30&user_group=5&bsw_param=6279bb1e-41c3-445b-af60-8f0db26d85a9
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTAz8Sg8ViLhA6mdYsfyDCS_Sj1AJydIw1qHl0fqFjgb4WKctwalnRG7I_PlzC18DNlVuvXwT-UbVsxS3VBH-J4nIx3OKtMtX4&google_hm=Ynm7HkHDRFuvYI8Nsm2F...

170 B
188 B

48ms
48ms

Image
image/png

142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTAz8Sg8ViLhA6mdYsfyDCS_Sj1AJydIw1qHl0fqFjgb4WKctwalnRG7I_PlzC18DNlVuvXwT-UbVsxS3VBH-J4nIx3OKtMtX4&google_hm=Ynm7HkHDRFuvYI8Nsm2FqQ==

Protocol

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTAz8Sg8ViLhA6mdYsfyDCS_Sj1AJydIw1qHl0fqFjgb4WKctwalnRG7I_PlzC18DNlVuvXwT-UbVsxS3VBH-J4nIx3OKtMtX4&google_hm=Ynm7HkHDRFuvYI8Nsm2FqQ==
Date: Tue, 05 Dec 2023 00:17:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5E8
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEF6NpySVf58VLwgcxIxEus0&c_param1=AXcoOmSCp8CC67afU1xUZ72jrJ7SOQDwrxcdQf1J5LtIEpqtGtW5JtaFT5CjS8fjxq0ahOMNcV7aLRNKODJvI0OEqlJkTqHFwh_EqPjC&gdpr=%%GDP...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSCp8CC67afU1xUZ72jrJ7SOQDwrxcdQf1J5LtIEpqtGtW5JtaFT5CjS8fjxq0ahOMNcV7aLRNKODJvI0OEqlJkTqHFwh_EqPjC

170 B
188 B

50ms
49ms

Image
image/png

142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSCp8CC67afU1xUZ72jrJ7SOQDwrxcdQf1J5LtIEpqtGtW5JtaFT5CjS8fjxq0ahOMNcV7aLRNKODJvI0OEqlJkTqHFwh_EqPjC

Protocol

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmSCp8CC67afU1xUZ72jrJ7SOQDwrxcdQf1J5LtIEpqtGtW5JtaFT5CjS8fjxq0ahOMNcV7aLRNKODJvI0OEqlJkTqHFwh_EqPjC
date: Tue, 05 Dec 2023 00:17:25 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5E8
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTxkz5-HOE4OpKoAmuFoyJfDEqQVyV62gJScfbZ0Hs_oxG9sOSLZ_lG1cJO7WMS68Kb-ZGcHhCejLUZWnDA50g8l2JAvzCUa1oCqA&google_gid=CAESEFVBLh7...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVBLh7GU3yJ7IZHM09T69o&google_hm=T1BVOWM2MzQ5N2MzNjQ2NDJlYmFlMTUxMWU5MTcxM2ZjMGI&google_nid=opera_norway_as&google_push=AXcoOmTxkz5-...

170 B
188 B

53ms
52ms

Image
image/png

142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVBLh7GU3yJ7IZHM09T69o&google_hm=T1BVOWM2MzQ5N2MzNjQ2NDJlYmFlMTUxMWU5MTcxM2ZjMGI&google_nid=opera_norway_as&google_push=AXcoOmTxkz5-HOE4OpKoAmuFoyJfDEqQVyV62gJScfbZ0Hs_oxG9sOSLZ_lG1cJO7WMS68Kb-ZGcHhCejLUZWnDA50g8l2JAvzCUa1oCqA

Protocol

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVBLh7GU3yJ7IZHM09T69o&google_hm=T1BVOWM2MzQ5N2MzNjQ2NDJlYmFlMTUxMWU5MTcxM2ZjMGI&google_nid=opera_norway_as&google_push=AXcoOmTxkz5-HOE4OpKoAmuFoyJfDEqQVyV62gJScfbZ0Hs_oxG9sOSLZ_lG1cJO7WMS68Kb-ZGcHhCejLUZWnDA50g8l2JAvzCUa1oCqA
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 330
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame F5E8
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEKCT-_Q98QHLzNd5U4Ze2Qc?ext-param=AXcoOmSJy-MZIOmVeVZUi3UKEW7MlOFT-PU1ZOJ1v6Pd_WoTJJOrQ1ST8obzu7dl9GU0uiWFZJtO8vx8vaSOWrTDHi2-zc00y8taJkIx&partner-tag=yandex_...
https://an.yandex.ru/mapuid/google/CAESEKCT-_Q98QHLzNd5U4Ze2Qc?redir-setuniq=1&ext-param=AXcoOmSJy-MZIOmVeVZUi3UKEW7MlOFT-PU1ZOJ1v6Pd_WoTJJOrQ1ST8obzu7dl9GU0uiWFZJtO8vx8vaSOWrTDHi2-zc00y8taJkIx&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKCT-_Q98QHLzNd5U4Ze2Qc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

155ms
147ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 19 Nov 2024 00:17:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F5E8 0
130 B 156ms
79ms Image
text/html 142.251.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZ4wrm5aJ7P8S6-V_7mjva9tKfGFt-JZzS10SMG4i425Dm8-GqvTDvX7OrX6dHdBav1uXIBUw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 d9d16d36-1d89-4ac6-ab72-7e1aa9ccd366.jpg
contextual.media.net/kimg/new/140x110/2/47/188/211/ Frame 60AC 11 KB
11 KB 116ms
115ms Image
image/jpeg 23.193.217.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/kimg/new/140x110/2/47/188/211/d9d16d36-1d89-4ac6-ab72-7e1aa9ccd366.jpg?v=9

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2819&&kkdd=3u%7Cu%7CHn9A*3&nI=TMgTM7255522ssU5(Ts&Nf0l=g&Wv08=g&ufn=TT(M&Evu)=w77s&uIf=syGMeMMT6&u0uf=eu~N!dAPR96A*TRRrll9uq%3D%3D&ulIf=27UUss255&vI4)=M(sdFg&uu=G1&vu=XD&ucaW=vWWRWINl8EI!aRE)vE&0If=s.LC5-QMX&E0If=B925U1F&cEE0v=T&lll=E4CrcwuHrws.DENET5HE7~C8155N*QEPr(7HjaMoitiHkPXk*lEE9N%3D%3D&av)=2&Hq=T&PNf=5&8fET=syGGF9jsV&8fE(=s7F(ssU57&Yf8E8=vf(%3DaPHHOIPlHRH%3DTgO!N)l0W%3DghTsOf!WRY%3Dgh27Ovuf%3Da*Ol8)%3Dg%2CgOf!WRH%3D(gOnH(lRvf%3D(g(7T(g5T(OIPlHRY%3DF2sh5sOPlHREbu%3DgOPlHRl(8RY%3DgOvEf%3D(Ts5sgFTg2OWaRY)cRY!!vE%3DghUMOl8E%3Dghggg%2CgOI0%3DTF95B.8Y0ybZITnyxYG24(OiYY%3DT2OYcRIW%3DTUgOlII0P8%3DTg2%2CTg2Olu%3DTOlIvPIf%3Dg%2CgOl0vRvf%3D(g(7T(g5TsOl8fn%3Dghggg%2CgOPlHRY%3DThg5OnH(lRPlHRY%3DgOvWWRql%3DFh(sgsOPlHRH%3DTgOvHn%3D(7h(sONu8E%3D2gTTUTOYY%3DTFUOvWWRWPH%3Dghs7O)l0W%3DghTsOnH(lRPlHRbu%3Dg6gO0vIRu%3D7%2C7%2Cg%2Cg%2Cg%2Cg%2Cg%2CgOYW%3DTO0vIRf%3DgOlb)%3Dg%2CgO870RY%3D2hF7%2C2ThU7Ovf%3DTOPIf%3D(x8tHcA687EH7F2-5)OunH(lRY%3D(hTOYEf%3D7gMFMTMU57(2TFF(TFF((sTM75F(55g5FUs5U27257(sF5FggTU(57Ug2gFgFFTF25sgMTTM7s5gMg5sM(U5(s(T5(g((g27F(TTMMUOPIW%3DgOlbE%3Dghggg%2CgO!Nf(0RY%3DghF2Ovv%3DXSOuu%3DG1OPIq%3DrTOu)%3DgOlun%3D5Th7sOyx%3D7g2TObYRPu%3Dr(OaEv%3DTObYRuubv%3Dr(OuE%3DYPii8H!OYvvRkBQ%3DXS%2CXSOY8vIv(%3DTFUOY8vIvT%3DTFUOYcRvf%3D(g(7T(g5gTOfu%3DsOnH(lRY%3D2hF7OEE%3DgOnqR)du%3DghM5OnIvRvf%3DTgsOPlHRl0vRY%3DT(h(5OYcRu!%3DgOfu(%3DTOnR8va%3D(g(MsOH8vE%3DOun!N%3D(hTOnIvRPlHRY%3Dgh5sOnH(lRIRvf%3D(g(7T(g5T(OnIvRPlHRH%3DgO)E%3D(MOnH(lRIRY%3Dghg(OnIvRY%3D2M(h2OnH(lRPlHRnI%3DT6rTUOPlHREnI%3DgOnn%3DgOunH(lRvf%3DTgsOlin%3D5Th7sOH(lRY%3DTgggOvWWRvf%3D(g(7T(g5T7Ol8f0%3Dghggg%2CgOvIf%3D27UUss255OPlHRl0vRbu%3DgOnqP%3DghM5Of(0RH%3DTgOunH(%3D(hTO70ui%3DTggghg2OfWWRvElN%3DvWWRWINl8EI!aRE)vEOf(0RY%3DghF2Ol0vRY%3D2ThU7OPlHRvl0vRY%3DT(h(5Olbq0%3Dghggg%2CgOlbqf%3Dghggg%2CgOIvC)i%3DgOIvIi%3DgOPlHRl0uRY%3DgOYIf%3DghT2OPlHRl0vRln%3DgOuYf0%3DghT2gOvf%3DTOIE*0)RIf%3DTMOv)HH)lRE8NRIf%3D(Ts5sgFTg2OvP00H*RE8NRIf%3DOf)E)uE)fRE8NRIf%3DOnI)q8YIHIE*%3DghM5O0!v%3DTO8uRE*0)%3DTO8fYHb%3D(Ts5sgFTg2O8W0%3DTO!NYIf%3DghTsgOYiHl%3DghgTgOvPIf%3DyS616VK7)9DUN6B95Wx0ZAR-g-!OfEu%3D)8vERvuOfWWR)l0W%3Di8Hv)OfWW%3DvWWRWINl8EI!aRE)vEOYf0u80f%3DgOf8HN%3DvWWOvNWE%3DH!aNRE8IHRc!W)08N)Ru8Euc8HHOv!Y0%3DOdIf%3DSKpr0PYr(7UMTgsg5s(sM2T2OcEWH%3DTOvWWR80I%3DnTOIYu%3DTOav4%3DTOENv%3DM(sdFgOYvY%3DgOYv0%3DgOEWd%3D(52&aEn=g&WWW=8oysyNF558dSAoKP4t!KR*ML0-AtfYL6bHieftJrF2g%3D&Iq=M(s&Iaxil=T&Yflxf=5Ug&YIf=75FF(g&Wui=UMTTF&*fv0l=T&Y8)=Ad)Ad%2F5)X%2F&b8E0l)=T&u8f!W8Ia=E4CrcwuHrwrV1cX5(rPPifa2Lpc(IygXU~f7(*5x1uZ-LVZRb*Z!4N%3D%3D&*0H0=T&IvIf=2&8fn=xan)vE!l%20j!uPv&vvWulRn)l=2&0NIf=0gT722Ug5s22E(g(7T(g2ggTM&vvHf=%7B%22vvI0%22%3A%22(Ug(%3Aiius%3Aggg(%3Agggg%3Agggg%3Agggg%3Agggg%3Agggg%22%2C%22vvuu%22%3A%22G1%22%2C%22vvvu%22%3A%22XD%22%2C%22vvuE*%22%3A%22YPii8H!%22%7D&0)li=T&cEWHvlu=T&sflct=3761804&ure=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.217.21 Philadelphia, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-217-21.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

691650bed8e111d545f703950751f3a2df2c7f1bf19d26f2278dd2a047d5539f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2819&&kkdd=3u%7Cu%7CHn9A*3&nI=TMgTM7255522ssU5(Ts&Nf0l=g&Wv08=g&ufn=TT(M&Evu)=w77s&uIf=syGMeMMT6&u0uf=eu~N!dAPR96A*TRRrll9uq%3D%3D&ulIf=27UUss255&vI4)=M(sdFg&uu=G1&vu=XD&ucaW=vWWRWINl8EI!aRE)vE&0If=s.LC5-QMX&E0If=B925U1F&cEE0v=T&lll=E4CrcwuHrws.DENET5HE7~C8155N*QEPr(7HjaMoitiHkPXk*lEE9N%3D%3D&av)=2&Hq=T&PNf=5&8fET=syGGF9jsV&8fE(=s7F(ssU57&Yf8E8=vf(%3DaPHHOIPlHRH%3DTgO!N)l0W%3DghTsOf!WRY%3Dgh27Ovuf%3Da*Ol8)%3Dg%2CgOf!WRH%3D(gOnH(lRvf%3D(g(7T(g5T(OIPlHRY%3DF2sh5sOPlHREbu%3DgOPlHRl(8RY%3DgOvEf%3D(Ts5sgFTg2OWaRY)cRY!!vE%3DghUMOl8E%3Dghggg%2CgOI0%3DTF95B.8Y0ybZITnyxYG24(OiYY%3DT2OYcRIW%3DTUgOlII0P8%3DTg2%2CTg2Olu%3DTOlIvPIf%3Dg%2CgOl0vRvf%3D(g(7T(g5TsOl8fn%3Dghggg%2CgOPlHRY%3DThg5OnH(lRPlHRY%3DgOvWWRql%3DFh(sgsOPlHRH%3DTgOvHn%3D(7h(sONu8E%3D2gTTUTOYY%3DTFUOvWWRWPH%3Dghs7O)l0W%3DghTsOnH(lRPlHRbu%3Dg6gO0vIRu%3D7%2C7%2Cg%2Cg%2Cg%2Cg%2Cg%2CgOYW%3DTO0vIRf%3DgOlb)%3Dg%2CgO870RY%3D2hF7%2C2ThU7Ovf%3DTOPIf%3D(x8tHcA687EH7F2-5)OunH(lRY%3D(hTOYEf%3D7gMFMTMU57(2TFF(TFF((sTM75F(55g5FUs5U27257(sF5FggTU(57Ug2gFgFFTF25sgMTTM7s5gMg5sM(U5(s(T5(g((g27F(TTMMUOPIW%3DgOlbE%3Dghggg%2CgO!Nf(0RY%3DghF2Ovv%3DXSOuu%3DG1OPIq%3DrTOu)%3DgOlun%3D5Th7sOyx%3D7g2TObYRPu%3Dr(OaEv%3DTObYRuubv%3Dr(OuE%3DYPii8H!OYvvRkBQ%3DXS%2CXSOY8vIv(%3DTFUOY8vIvT%3DTFUOYcRvf%3D(g(7T(g5gTOfu%3DsOnH(lRY%3D2hF7OEE%3DgOnqR)du%3DghM5OnIvRvf%3DTgsOPlHRl0vRY%3DT(h(5OYcRu!%3DgOfu(%3DTOnR8va%3D(g(MsOH8vE%3DOun!N%3D(hTOnIvRPlHRY%3Dgh5sOnH(lRIRvf%3D(g(7T(g5T(OnIvRPlHRH%3DgO)E%3D(MOnH(lRIRY%3Dghg(OnIvRY%3D2M(h2OnH(lRPlHRnI%3DT6rTUOPlHREnI%3DgOnn%3DgOunH(lRvf%3DTgsOlin%3D5Th7sOH(lRY%3DTgggOvWWRvf%3D(g(7T(g5T7Ol8f0%3Dghggg%2CgOvIf%3D27UUss255OPlHRl0vRbu%3DgOnqP%3DghM5Of(0RH%3DTgOunH(%3D(hTO70ui%3DTggghg2OfWWRvElN%3DvWWRWINl8EI!aRE)vEOf(0RY%3DghF2Ol0vRY%3D2ThU7OPlHRvl0vRY%3DT(h(5Olbq0%3Dghggg%2CgOlbqf%3Dghggg%2CgOIvC)i%3DgOIvIi%3DgOPlHRl0uRY%3DgOYIf%3DghT2OPlHRl0vRln%3DgOuYf0%3DghT2gOvf%3DTOIE*0)RIf%3DTMOv)HH)lRE8NRIf%3D(Ts5sgFTg2OvP00H*RE8NRIf%3DOf)E)uE)fRE8NRIf%3DOnI)q8YIHIE*%3DghM5O0!v%3DTO8uRE*0)%3DTO8fYHb%3D(Ts5sgFTg2O8W0%3DTO!NYIf%3DghTsgOYiHl%3DghgTgOvPIf%3DyS616VK7)9DUN6B95Wx0ZAR-g-!OfEu%3D)8vERvuOfWWR)l0W%3Di8Hv)OfWW%3DvWWRWINl8EI!aRE)vEOYf0u80f%3DgOf8HN%3DvWWOvNWE%3DH!aNRE8IHRc!W)08N)Ru8Euc8HHOv!Y0%3DOdIf%3DSKpr0PYr(7UMTgsg5s(sM2T2OcEWH%3DTOvWWR80I%3DnTOIYu%3DTOav4%3DTOENv%3DM(sdFgOYvY%3DgOYv0%3DgOEWd%3D(52&aEn=g&WWW=8oysyNF558dSAoKP4t!KR*ML0-AtfYL6bHieftJrF2g%3D&Iq=M(s&Iaxil=T&Yflxf=5Ug&YIf=75FF(g&Wui=UMTTF&*fv0l=T&Y8)=Ad)Ad%2F5)X%2F&b8E0l)=T&u8f!W8Ia=E4CrcwuHrwrV1cX5(rPPifa2Lpc(IygXU~f7(*5x1uZ-LVZRb*Z!4N%3D%3D&*0H0=T&IvIf=2&8fn=xan)vE!l%20j!uPv&vvWulRn)l=2&0NIf=0gT722Ug5s22E(g(7T(g2ggTM&vvHf=%7B%22vvI0%22%3A%22(Ug(%3Aiius%3Aggg(%3Agggg%3Agggg%3Agggg%3Agggg%3Agggg%22%2C%22vvuu%22%3A%22G1%22%2C%22vvvu%22%3A%22XD%22%2C%22vvuE*%22%3A%22YPii8H!%22%7D&0)li=T&cEWHvlu=T&sflct=3761804&ure=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:25 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 28 Feb 2022 15:41:39 GMT
server: nginx
etag: "621ced33-2d4e"
content-type: image/jpeg
accept-ranges: bytes
content-length: 11598

GET
DATA 200
OK truncated
/ Frame 60AC 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 264bf325-c7e4-4939-8912-2424a7abe532.jpg
contextual.media.net/kimg/new/140x110/3/45/152/198/ Frame 60AC 14 KB
14 KB 115ms
115ms Image
image/jpeg 23.193.217.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/kimg/new/140x110/3/45/152/198/264bf325-c7e4-4939-8912-2424a7abe532.jpg?v=9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.217.21 Philadelphia, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-217-21.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

65bea3df81cb127b119f5bb2b8803742134a1d170b50eb1c5357883b699b92bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2819&&kkdd=3u%7Cu%7CHn9A*3&nI=TMgTM7255522ssU5(Ts&Nf0l=g&Wv08=g&ufn=TT(M&Evu)=w77s&uIf=syGMeMMT6&u0uf=eu~N!dAPR96A*TRRrll9uq%3D%3D&ulIf=27UUss255&vI4)=M(sdFg&uu=G1&vu=XD&ucaW=vWWRWINl8EI!aRE)vE&0If=s.LC5-QMX&E0If=B925U1F&cEE0v=T&lll=E4CrcwuHrws.DENET5HE7~C8155N*QEPr(7HjaMoitiHkPXk*lEE9N%3D%3D&av)=2&Hq=T&PNf=5&8fET=syGGF9jsV&8fE(=s7F(ssU57&Yf8E8=vf(%3DaPHHOIPlHRH%3DTgO!N)l0W%3DghTsOf!WRY%3Dgh27Ovuf%3Da*Ol8)%3Dg%2CgOf!WRH%3D(gOnH(lRvf%3D(g(7T(g5T(OIPlHRY%3DF2sh5sOPlHREbu%3DgOPlHRl(8RY%3DgOvEf%3D(Ts5sgFTg2OWaRY)cRY!!vE%3DghUMOl8E%3Dghggg%2CgOI0%3DTF95B.8Y0ybZITnyxYG24(OiYY%3DT2OYcRIW%3DTUgOlII0P8%3DTg2%2CTg2Olu%3DTOlIvPIf%3Dg%2CgOl0vRvf%3D(g(7T(g5TsOl8fn%3Dghggg%2CgOPlHRY%3DThg5OnH(lRPlHRY%3DgOvWWRql%3DFh(sgsOPlHRH%3DTgOvHn%3D(7h(sONu8E%3D2gTTUTOYY%3DTFUOvWWRWPH%3Dghs7O)l0W%3DghTsOnH(lRPlHRbu%3Dg6gO0vIRu%3D7%2C7%2Cg%2Cg%2Cg%2Cg%2Cg%2CgOYW%3DTO0vIRf%3DgOlb)%3Dg%2CgO870RY%3D2hF7%2C2ThU7Ovf%3DTOPIf%3D(x8tHcA687EH7F2-5)OunH(lRY%3D(hTOYEf%3D7gMFMTMU57(2TFF(TFF((sTM75F(55g5FUs5U27257(sF5FggTU(57Ug2gFgFFTF25sgMTTM7s5gMg5sM(U5(s(T5(g((g27F(TTMMUOPIW%3DgOlbE%3Dghggg%2CgO!Nf(0RY%3DghF2Ovv%3DXSOuu%3DG1OPIq%3DrTOu)%3DgOlun%3D5Th7sOyx%3D7g2TObYRPu%3Dr(OaEv%3DTObYRuubv%3Dr(OuE%3DYPii8H!OYvvRkBQ%3DXS%2CXSOY8vIv(%3DTFUOY8vIvT%3DTFUOYcRvf%3D(g(7T(g5gTOfu%3DsOnH(lRY%3D2hF7OEE%3DgOnqR)du%3DghM5OnIvRvf%3DTgsOPlHRl0vRY%3DT(h(5OYcRu!%3DgOfu(%3DTOnR8va%3D(g(MsOH8vE%3DOun!N%3D(hTOnIvRPlHRY%3Dgh5sOnH(lRIRvf%3D(g(7T(g5T(OnIvRPlHRH%3DgO)E%3D(MOnH(lRIRY%3Dghg(OnIvRY%3D2M(h2OnH(lRPlHRnI%3DT6rTUOPlHREnI%3DgOnn%3DgOunH(lRvf%3DTgsOlin%3D5Th7sOH(lRY%3DTgggOvWWRvf%3D(g(7T(g5T7Ol8f0%3Dghggg%2CgOvIf%3D27UUss255OPlHRl0vRbu%3DgOnqP%3DghM5Of(0RH%3DTgOunH(%3D(hTO70ui%3DTggghg2OfWWRvElN%3DvWWRWINl8EI!aRE)vEOf(0RY%3DghF2Ol0vRY%3D2ThU7OPlHRvl0vRY%3DT(h(5Olbq0%3Dghggg%2CgOlbqf%3Dghggg%2CgOIvC)i%3DgOIvIi%3DgOPlHRl0uRY%3DgOYIf%3DghT2OPlHRl0vRln%3DgOuYf0%3DghT2gOvf%3DTOIE*0)RIf%3DTMOv)HH)lRE8NRIf%3D(Ts5sgFTg2OvP00H*RE8NRIf%3DOf)E)uE)fRE8NRIf%3DOnI)q8YIHIE*%3DghM5O0!v%3DTO8uRE*0)%3DTO8fYHb%3D(Ts5sgFTg2O8W0%3DTO!NYIf%3DghTsgOYiHl%3DghgTgOvPIf%3DyS616VK7)9DUN6B95Wx0ZAR-g-!OfEu%3D)8vERvuOfWWR)l0W%3Di8Hv)OfWW%3DvWWRWINl8EI!aRE)vEOYf0u80f%3DgOf8HN%3DvWWOvNWE%3DH!aNRE8IHRc!W)08N)Ru8Euc8HHOv!Y0%3DOdIf%3DSKpr0PYr(7UMTgsg5s(sM2T2OcEWH%3DTOvWWR80I%3DnTOIYu%3DTOav4%3DTOENv%3DM(sdFgOYvY%3DgOYv0%3DgOEWd%3D(52&aEn=g&WWW=8oysyNF558dSAoKP4t!KR*ML0-AtfYL6bHieftJrF2g%3D&Iq=M(s&Iaxil=T&Yflxf=5Ug&YIf=75FF(g&Wui=UMTTF&*fv0l=T&Y8)=Ad)Ad%2F5)X%2F&b8E0l)=T&u8f!W8Ia=E4CrcwuHrwrV1cX5(rPPifa2Lpc(IygXU~f7(*5x1uZ-LVZRb*Z!4N%3D%3D&*0H0=T&IvIf=2&8fn=xan)vE!l%20j!uPv&vvWulRn)l=2&0NIf=0gT722Ug5s22E(g(7T(g2ggTM&vvHf=%7B%22vvI0%22%3A%22(Ug(%3Aiius%3Aggg(%3Agggg%3Agggg%3Agggg%3Agggg%3Agggg%22%2C%22vvuu%22%3A%22G1%22%2C%22vvvu%22%3A%22XD%22%2C%22vvuE*%22%3A%22YPii8H!%22%7D&0)li=T&cEWHvlu=T&sflct=3761804&ure=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:25 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Mar 2018 17:48:13 GMT
server: nginx
etag: "5ab3ec5d-37cf"
content-type: image/jpeg
accept-ranges: bytes
content-length: 14287

GET
DATA 200
OK truncated
/ Frame 60AC 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 60AC 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame 60AC 25 KB
25 KB 110ms
110ms Font
font/woff 23.193.217.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.217.21 Philadelphia, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-217-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2819&&kkdd=3u%7Cu%7CHn9A*3&nI=TMgTM7255522ssU5(Ts&Nf0l=g&Wv08=g&ufn=TT(M&Evu)=w77s&uIf=syGMeMMT6&u0uf=eu~N!dAPR96A*TRRrll9uq%3D%3D&ulIf=27UUss255&vI4)=M(sdFg&uu=G1&vu=XD&ucaW=vWWRWINl8EI!aRE)vE&0If=s.LC5-QMX&E0If=B925U1F&cEE0v=T&lll=E4CrcwuHrws.DENET5HE7~C8155N*QEPr(7HjaMoitiHkPXk*lEE9N%3D%3D&av)=2&Hq=T&PNf=5&8fET=syGGF9jsV&8fE(=s7F(ssU57&Yf8E8=vf(%3DaPHHOIPlHRH%3DTgO!N)l0W%3DghTsOf!WRY%3Dgh27Ovuf%3Da*Ol8)%3Dg%2CgOf!WRH%3D(gOnH(lRvf%3D(g(7T(g5T(OIPlHRY%3DF2sh5sOPlHREbu%3DgOPlHRl(8RY%3DgOvEf%3D(Ts5sgFTg2OWaRY)cRY!!vE%3DghUMOl8E%3Dghggg%2CgOI0%3DTF95B.8Y0ybZITnyxYG24(OiYY%3DT2OYcRIW%3DTUgOlII0P8%3DTg2%2CTg2Olu%3DTOlIvPIf%3Dg%2CgOl0vRvf%3D(g(7T(g5TsOl8fn%3Dghggg%2CgOPlHRY%3DThg5OnH(lRPlHRY%3DgOvWWRql%3DFh(sgsOPlHRH%3DTgOvHn%3D(7h(sONu8E%3D2gTTUTOYY%3DTFUOvWWRWPH%3Dghs7O)l0W%3DghTsOnH(lRPlHRbu%3Dg6gO0vIRu%3D7%2C7%2Cg%2Cg%2Cg%2Cg%2Cg%2CgOYW%3DTO0vIRf%3DgOlb)%3Dg%2CgO870RY%3D2hF7%2C2ThU7Ovf%3DTOPIf%3D(x8tHcA687EH7F2-5)OunH(lRY%3D(hTOYEf%3D7gMFMTMU57(2TFF(TFF((sTM75F(55g5FUs5U27257(sF5FggTU(57Ug2gFgFFTF25sgMTTM7s5gMg5sM(U5(s(T5(g((g27F(TTMMUOPIW%3DgOlbE%3Dghggg%2CgO!Nf(0RY%3DghF2Ovv%3DXSOuu%3DG1OPIq%3DrTOu)%3DgOlun%3D5Th7sOyx%3D7g2TObYRPu%3Dr(OaEv%3DTObYRuubv%3Dr(OuE%3DYPii8H!OYvvRkBQ%3DXS%2CXSOY8vIv(%3DTFUOY8vIvT%3DTFUOYcRvf%3D(g(7T(g5gTOfu%3DsOnH(lRY%3D2hF7OEE%3DgOnqR)du%3DghM5OnIvRvf%3DTgsOPlHRl0vRY%3DT(h(5OYcRu!%3DgOfu(%3DTOnR8va%3D(g(MsOH8vE%3DOun!N%3D(hTOnIvRPlHRY%3Dgh5sOnH(lRIRvf%3D(g(7T(g5T(OnIvRPlHRH%3DgO)E%3D(MOnH(lRIRY%3Dghg(OnIvRY%3D2M(h2OnH(lRPlHRnI%3DT6rTUOPlHREnI%3DgOnn%3DgOunH(lRvf%3DTgsOlin%3D5Th7sOH(lRY%3DTgggOvWWRvf%3D(g(7T(g5T7Ol8f0%3Dghggg%2CgOvIf%3D27UUss255OPlHRl0vRbu%3DgOnqP%3DghM5Of(0RH%3DTgOunH(%3D(hTO70ui%3DTggghg2OfWWRvElN%3DvWWRWINl8EI!aRE)vEOf(0RY%3DghF2Ol0vRY%3D2ThU7OPlHRvl0vRY%3DT(h(5Olbq0%3Dghggg%2CgOlbqf%3Dghggg%2CgOIvC)i%3DgOIvIi%3DgOPlHRl0uRY%3DgOYIf%3DghT2OPlHRl0vRln%3DgOuYf0%3DghT2gOvf%3DTOIE*0)RIf%3DTMOv)HH)lRE8NRIf%3D(Ts5sgFTg2OvP00H*RE8NRIf%3DOf)E)uE)fRE8NRIf%3DOnI)q8YIHIE*%3DghM5O0!v%3DTO8uRE*0)%3DTO8fYHb%3D(Ts5sgFTg2O8W0%3DTO!NYIf%3DghTsgOYiHl%3DghgTgOvPIf%3DyS616VK7)9DUN6B95Wx0ZAR-g-!OfEu%3D)8vERvuOfWWR)l0W%3Di8Hv)OfWW%3DvWWRWINl8EI!aRE)vEOYf0u80f%3DgOf8HN%3DvWWOvNWE%3DH!aNRE8IHRc!W)08N)Ru8Euc8HHOv!Y0%3DOdIf%3DSKpr0PYr(7UMTgsg5s(sM2T2OcEWH%3DTOvWWR80I%3DnTOIYu%3DTOav4%3DTOENv%3DM(sdFgOYvY%3DgOYv0%3DgOEWd%3D(52&aEn=g&WWW=8oysyNF558dSAoKP4t!KR*ML0-AtfYL6bHieftJrF2g%3D&Iq=M(s&Iaxil=T&Yflxf=5Ug&YIf=75FF(g&Wui=UMTTF&*fv0l=T&Y8)=Ad)Ad%2F5)X%2F&b8E0l)=T&u8f!W8Ia=E4CrcwuHrwrV1cX5(rPPifa2Lpc(IygXU~f7(*5x1uZ-LVZRb*Z!4N%3D%3D&*0H0=T&IvIf=2&8fn=xan)vE!l%20j!uPv&vvWulRn)l=2&0NIf=0gT722Ug5s22E(g(7T(g2ggTM&vvHf=%7B%22vvI0%22%3A%22(Ug(%3Aiius%3Aggg(%3Agggg%3Agggg%3Agggg%3Agggg%3Agggg%22%2C%22vvuu%22%3A%22G1%22%2C%22vvvu%22%3A%22XD%22%2C%22vvuE*%22%3A%22YPii8H!%22%7D&0)li=T&cEWHvlu=T&sflct=3761804&ure=1
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:25 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25720
expires: Wed, 06 Dec 2023 00:17:25 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 60AC 15 B
178 B 132ms
130ms Script
text/javascript 104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5381&&vgd_canary=0&vgd_l2type=scs_newfl&fp=_EDkNh8XVzSJTWKyegJehOZAZ0rANVdZg8_1aF-x76AF_ylshR4M9fxfq09YZTdw7MKkmt19YDhuaSc2xcDCJCpYHa2wh8y5yxh3P1pDa2YJSbgjYn5zwBul1kQ_50DT5ALSyWx85V7mJpIsLAl5VG4YxwR3t8MK&cme=Vu7qzbRBRkhYCwgEaryFPoQXlQgBrQkd21xKjulpZj5yeJEseZTXOyn1zWMJnru4FV_Gr0GVO3tXUS6uH2yPS8E5d5KvP6s6G2aiFCL1G6NqX4yB76-DA1X688nEwHS0hcCdglynjdke7-Xck42XZTR-uAw2HwvPoRG-bYEKojXQxyrTVY86rUPUF8jmLDUjoaRgHD4X0d-nqhxtgTSr15jhioxNRBYLa78cKxtCDfM%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CUFJJWZ1lEVdklaUp4Q9x5TG45h_4b8t5%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD5w_1bBPh5kqj55-sCz1ZHUzUDbc7BBRZVVJdDALnv9qHmWqPvYH_UT%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CPqxj8EU6Iuo4LyxzN8mLGtHtdrPTldA4L1WXBS3qrL5sMtHlHtRTFqoH6vx9llEubta-UDZpDIn5M066Gn2Z04L2G49Hj58KqLRZ_5dFwJBFPsxq25OhdglHm2i9PEDIZoC4W5fGvE4FOJQ6DHzTZBTigXN7KyvBHAam4gaXruxWoVW8NEczix2E0iC26U3ZqHQz3n8fuaQvqj6oMyDiEAakhjrdzVvuffUIkutfIq8FcqxW66Ni6Yde-tbV1IaPGpwgaCn1NZ8A6jwdOnF65vTpq4PCj0xc%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Who+Owns+This+Phone&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=213940948&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D120408%7C13%3D0.0618%7C14%3D120419%7Cokt%3D391%7Cbdkt%3D391%7Cir%3D1%7Ciid%3D21101394%7Cps%3D0.384%7C53%3D1.02%7C74%3D2.04%7C60%3D0.32%7C80%3D1.25%7C12%3D0.72%7C1%3D0.89%7C2%3D3.82&ktd[]=4503875327557888&kwd[]=5+Best+Medicare+Advantage+Plans&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=329937320&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D120408%7C13%3D0.1576%7C14%3D120419%7Cokt%3D391%7Cbdkt%3D391%7Cir%3D1%7Ciid%3D1572920%7Cps%3D0.384%7C53%3D1.74%7C74%3D2.04%7C60%3D1.40%7C80%3D8.96%7C12%3D3.87%7C1%3D2.48%7C2%3D10.79&ktd[]=4503875327566080&v=1&geo=43.12%7C-77.56&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170774626&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Gxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CU7Q771E&vi=1701735444558864218&vsid=3447370456634051&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=4&vgd_tsce=L338-S338&vgd_imdtl=1&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=43001ca2a&vgd_nrrsf=scrr&vgd_cty=rochester&vgd_ifrmode=14&sttm=1701735444601&upk=1701735445.23400&hvsid=00001701735444601016112663409725&verid=3111299&sbdrId=196&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1701735444156522872&vgd_ecrid=1700080807684000728009000059500&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=67119&vgd_vstrid=3447370456634051&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.uW~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuf9Huf~8xLjMGviXW.HW~xLjM7UNv9~xLjMLf1MGv9~Q7OvfuWHW9iu9X~YzMGJwMGmmQ7v9.Fh~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuX~GwM8YvuF9~L88Ex1vu9X%2Cu9X~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAuf9HuW~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~QYYMBLvi.fW9W~xLjMjvu9~QjevfA.fW~yN17vX9uuFu~GGvuiF~QYYMYxjv9.WA~JLEYv9.uW~ejfLMxLjMUNv949~EQ8MNvA%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvX.iA%2CXu.FA~QOvu~x8OvfV1ZjwR41A7jAiX%2FHJ~NejfLMGvf.u~G7OvA9hihuhFHAfXuiifuiiffWuhAHifHH9HiFWHFXAXHAfWiHi99uFfHAF9X9i9iiuiXHW9huuhAWH9h9HWhfFHfWfuHf9ff9XAifuuhhF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iX~QQvIK~NNvPb~x8Bvou~NJv9~LNevHu.AW~%3DVvA9Xu~UGMxNvof~z7Qvu~UGMNNUQvof~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~GwMQOvf9fAuf9H9u~ONvW~ejfLMGvX.iA~77v9~eBMJ-Nv9.hH~e8QMQOvu9W~xLjMLEQMGvuf.fH~GwMNmv9~ONfvu~eM1Qzvf9fhW~j1Q7v~Nemyvf.u~e8QMxLjMGv9.HW~ejfLM8MQOvf9fAuf9Huf~e8QMxLjMjv9~J7vfh~ejfLM8MGv9.9f~e8QMGvXhf.X~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvu9W~LkevHu.AW~jfLMGvu999~QYYMQOvf9fAuf9HuA~L1OEv9.999%2C9~Q8OvXAFFWWXHH~xLjMLEQMUNv9~eBxv9.hH~OfEMjvu9~Nejfvf.u~AENkvu999.9X~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iX~LEQMGvXu.FA~xLjMQLEQMGvuf.fH~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uX~xLjMLEQMLev9~NGOEv9.uX9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfuWHW9iu9X~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.hH~EmQvu~1NM75EJvu~1OGjUvfuWHW9iu9X~1YEvu~myG8Ov9.uW9~GkjLv9.9u9~Qx8Ov%3DK4b4qrAJ63Fy4_6HYVEdRM%2F9%2Fm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGofAFhu9W9HWfWhXuX~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfHX&vgd_bhv_kbb=-1&vgd_cfud=230323&vgd_scsver=266&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=514&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1127&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=50&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00001701735444601016112663409725&rc=0&rand=1701735445331&acid=e698be9bb283078f6a3b0d0f3bc1b6dd&matm=1701735445331&vgd_ltimesrc=1&vgd_ltime=1072&vgd_rtime=1070&vgd_etm=34&vgd_l1hcsd=Og4dd%7C7975&vgda_l1btm=%5B%22SPAMPXL%22%2C%22PRLG%22%2C%22URLDC%22%5D&vgd_l1ch=1&vgd_lhl=6123&vgd_pgid=p01355604855t202312050017&vgd_csip=rtb-appnexus-54477f9df5-xdgr9.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3Dg%2Cgo%2Ci2%7Ccsh%3D1&vgd_end=2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-125-88-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Tue, 05 Dec 2023 00:17:25 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 15
expires: Tue, 05 Dec 2023 00:17:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 126ms
55ms XHR
application/json 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c90e4e7548d1ef2a1b70f771d3cd0458632699b5fb19f00a2e1ff0b5e270a7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12213
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A784 42 B
64 B 76ms
60ms Fetch
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGjsICIDYi8YjX3tbkapC1NpQZdROY142DPkrb_QWjEgFtiibUCeto7Z0aZPgBkMAdeYcwDvWt-GOtRYbiX-vQ9PwJJRA9UGxc8039J_7KTIPiS8nl_w&sig=Cg0ArKJSzIoVsGTyCO_rEAE&id=lidar2&mcvt=1003&p=0,0,94,728&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=2184809105&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701735442218&rpt=2515&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
hblg.media.net/ Frame A784 35 B
191 B 94ms
80ms Image
image/gif 104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQGU2OThiZTliYjI4MzA3OGY2YTNiMGQwZjNiYzFiNmRkhp20oAaYBwRVUyxub3ZhZ2VuZXNpcy5zaGl2dHIuY29tEjhDVVU5SkY4SAAMNzI4eDkwDmVhc3Rfc2MEMjMGQURYEjhQUjExM0pHQw5CSURfQVBJAAACMEBydGItYXBwbmV4dXMtNTQ0NzdmOWRmNS14ZGdyOS5TQz4xNzAwMDgwODA3Njg0MDAwNzI4MDA5MDAwMDU5NTAwAjAAIgAQRVhDSEFOR0UCAmQ&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-125-88-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:25 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 05 Dec 2023 00:17:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
36ms Script
text/javascript 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 00:17:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C63 13 KB
5 KB 55ms
50ms Document
text/html 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.novagenesis.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 14183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:21:02 GMT
expires: Tue, 03 Dec 2024 20:21:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 80FB 829 B
559 B 60ms
54ms Document
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1cdbd5d2c4509c2cd57387f034ab8289d5d0546c0ca974ad2c00b7f38dffece4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tz4iXggrWF_zNVQmrjo8DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.novagenesis.shivtr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Tz4iXggrWF_zNVQmrjo8DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 00:17:25 GMT
expires: Tue, 05 Dec 2023 00:17:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 80FB 0
0 68ms
67ms Image
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=2273848749008554&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C63 39 KB
15 KB 57ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 22:10:45 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F02 42 B
64 B 65ms
61ms Fetch
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgTu_5NqzhmpiiCMLKzEBp34v-bCszGTvXaPvGRvaiB5NlAsnXPw_6B-qKbgdemE6kAAbsCZcME5buhHbpeBcXmqnNxzMQ83Nva2j2wmb7srzElDqVND1fvr0yrQW8VxeoxehkHKXrznE-&sai=AMfl-YR0-8zbC1LQggjzPpJKtLi5_4rLAQXDt16enOCcS0A-dP9CBtebL1wUHc1CDBcmB6o4Ct6rlUiBCGKkZ9FVwGIM_68gAtfr6fHjheeJ-y-BG8fFMqgjR6W5WrQNtGy51Ybs-gS8x4C1zHlTw0fs0Mjlm3n86xnDgQqs&sig=Cg0ArKJSzFVU5tdXVudNEAE&cid=CAQSTwDICaaNmcR1dK_F9vnkd4nxFNfwIhKKy7kLwY_qm4IWWo0Xt6QdCWcuPL2dLyV9SsE8dwaC0C0asDcIAS8jVLhHVb81YWtW2XqzHBG2uSEYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701735443486&rpt=1476&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5C63 0
10 B 41ms
39ms Image
text/plain 2607:f8b0:4004:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mcTS7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:17:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 log
lg3.media.net/ Frame A784 35 B
176 B 88ms
86ms Image
image/gif 104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CU7Q771E&vi=1701735444558864218&hvsid=00001701735444601016112663409725&cdv=1127&bid=349920&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=659&l2s_downloadTime=16&l2s_total=676&l2s_start=2419&l2s_sslTime=0&l2s_trfSize=30.9&l2s_decSize=74.7&l2s_encSize=30.6&l2s_nhp=h2&l2s_host=contextual.media.net&bql_dnsTime=0&bql_connectionTime=0&bql_waitTime=132&bql_downloadTime=0&bql_total=133&bql_start=732&bql_sslTime=0&bql_trfSize=0.3&bql_decSize=0.0&bql_encSize=0.0&bql_nhp=h2&bql_host=lg3.media.net&l1s_dnsTime=0&l1s_connectionTime=82&l1s_waitTime=239&l1s_downloadTime=41&l1s_total=280&l1s_start=1985&l1s_sslTime=48&l1s_trfSize=39.7&l1s_decSize=104.6&l1s_encSize=39.4&l1s_nhp=h2&l1s_host=contextual.media.net&font_dnsTime=0&font_connectionTime=0&font_waitTime=111&font_downloadTime=1&font_total=112&font_start=700&font_sslTime=0&font_trfSize=25.4&font_decSize=25.1&font_encSize=25.1&font_nhp=h2&font_host=contextual.media.net&kimg_dnsTime=0&kimg_connectionTime=0&kimg_waitTime=116&kimg_downloadTime=0&kimg_total=117&kimg_start=696&kimg_sslTime=0&kimg_trfSize=11.6&kimg_decSize=11.3&kimg_encSize=11.3&kimg_nhp=h2&kimg_host=contextual.media.net&gdpr=0&mspa=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-125-88-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 00:17:26 GMT
strict-transport-security: max-age=21600
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 05 Dec 2023 00:17:26 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame A784 15 B
15 B 99ms
93ms Image
text/javascript 104.125.88.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2727&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=839288643&vgd_tsce=L338&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349920&vgd_cdv=1127&vgd_cage=3&vgd_rensize=728_90&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.uW~OmYMGv9.XA~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAuf9Huf~8xLjMGviXW.HW~xLjM7UNv9~xLjMLf1MGv9~Q7OvfuWHW9iu9X~YzMGJwMGmmQ7v9.Fh~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGvuX~GwM8YvuF9~L88Ex1vu9X%2Cu9X~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fAuf9HuW~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~QYYMBLvi.fW9W~xLjMjvu9~QjevfA.fW~yN17vX9uuFu~GGvuiF~QYYMYxjv9.WA~JLEYv9.uW~ejfLMxLjMUNv949~EQ8MNvA%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~1AEMGvX.iA%2CXu.FA~QOvu~x8OvfV1ZjwR41A7jAiX%2FHJ~NejfLMGvf.u~G7OvA9hihuhFHAfXuiifuiiffWuhAHifHH9HiFWHFXAXHAfWiHi99uFfHAF9X9i9iiuiXHW9huuhAWH9h9HWhfFHfWfuHf9ff9XAifuuhhF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iX~QQvIK~NNvPb~x8Bvou~NJv9~LNevHu.AW~%3DVvA9Xu~UGMxNvof~z7Qvu~UGMNNUQvof~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~GwMQOvf9fAuf9H9u~ONvW~ejfLMGvX.iA~77v9~eBMJ-Nv9.hH~e8QMQOvu9W~xLjMLEQMGvuf.fH~GwMNmv9~ONfvu~eM1Qzvf9fhW~j1Q7v~Nemyvf.u~e8QMxLjMGv9.HW~ejfLM8MQOvf9fAuf9Huf~e8QMxLjMjv9~J7vfh~ejfLM8MGv9.9f~e8QMGvXhf.X~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvu9W~LkevHu.AW~jfLMGvu999~QYYMQOvf9fAuf9HuA~L1OEv9.999%2C9~Q8OvXAFFWWXHH~xLjMLEQMUNv9~eBxv9.hH~OfEMjvu9~Nejfvf.u~AENkvu999.9X~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iX~LEQMGvXu.FA~xLjMQLEQMGvuf.fH~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uX~xLjMLEQMLev9~NGOEv9.uX9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfuWHW9iu9X~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.hH~EmQvu~1NM75EJvu~1OGjUvfuWHW9iu9X~1YEvu~myG8Ov9.uW9~GkjLv9.9u9~Qx8Ov%3DK4b4qrAJ63Fy4_6HYVEdRM%2F9%2Fm~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QyY7vjmzyM718jMwmYJE1yJMN17Nw1jj~QmGEv~-8OvKrtoExGofAFhu9W9HWfWhXuX~w7Yjvu~QYYM1E8veu~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfHX&vgd_lbt=50&vgda_l1btm=%5B%22SPAMPXL%22%2C%22PRLG%22%2C%22URLDC%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=536688544&rrr=tzR-hLcl-L8PYtgt14lt3qRaS44gyWtu-23lFn7MfGflKuNKyrttJg%3D%3D&requrl=https%3A%2F%2Fwww.novagenesis.shivtr.com%2F&vi=1701735444558864218&ugd=4&cc=US&sc=NY&bdrid=460&subBdr=196&startTime=1701735444592&l1ch=1&l1hcsd=l1!Og4dd|7975&mmm=aMC8Cg944axABMDuzGoD_y7OpVBGdbOEklfQdGZ-950=&buid=349920&sttm=1701735444601&upk=1701735445.23400&hvsid=00001701735444601016112663409725&acid=e698be9bb283078f6a3b0d0f3bc1b6dd&verid=3111299&infr=1&twna=1&dma=514&stime=1701735444297&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1701735444156522872&vgd_sc=NY&vgd_ecrid=1700080807684000728009000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01355604855t202312050017&vgd_pgids=1&vgd_end=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.125.88.24 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-125-88-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Tue, 05 Dec 2023 00:17:26 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Tue, 05 Dec 2023 00:17:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 143ms
133ms Image
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=2273848749008554&bg=!ExClEF_NAAY3kmNgF5I7ADQBe5WfODIY_iEXXEQepxUdJ5S9hL4KfX6UvdwYuCe19P_Gyclyd9HhjeW1RVI-b5dNSd_oAgAAAMNSAAAABGgBBwoAC7vkXhhWqEXOh-31mQLKCHl3uYA6nI2Bs63Jprz-LqRCUNGsJniQ2W62c1L4fhQ1T_GPnjwRP2eRtqlq0Dsq8PePHX_vaR9IOAzxa4jYjVwmCKIwviNAgtF26zcrXBRkPr6H_tSi8SeYFRPBsAe0-byh7Bm3QqzfRRlkLVcRB1sm4MWw2QoyqUhIRYkXodg79XNwAUfH3EiFKhXFTr_SalgjpF_QE2f2cCXc8fmvSBy_LgIxKU0IdAf8pE9UMsYNCgMa7lG_eXBPRcA0WJLW5rYkOW74SJH-Qv04zfulxVQf9QLt5RG7EOpmq6tyJP1JIq9ybTIT66o4XoZ14guW3eoF5_ZWEruYmeCWGOCNmGkh0qLg2XTc94pjtlAa6yTHjPLU-KecqeCLzscV1Bo4uJy-URgxgtVDWTuFx5KACg973ECQjgoFC2m5y8EJBwhleXISYgdOdl0o5cXk-DDIJX9CsKVfVzO_4hedakd00olu-yhELVrfHjVqu6IzHIFXVvg9pIg9hFHrLkj5c3PKj_9pmc69Bsq_EqubXTR-aYBgWn_il6WRl5R4U91socOiwW2IpnnPBgg4Jdt2_NnAyGPnjJbx9-YqU4PoLsX5EF3Cpe2q_ZGKIfvZnsijzhw-BwmXMK-w-6z5Ri1U2x4hzuae2wm3a-HoHlw1Nug2XzymmKI4yhQI0xTqfqpk_ALrY0MwO9hYqJmvzJC4q4LzOIkzHG6LYehl8pMzTczMzoKLSnk9WxNwxpFDrBGMkAvjqTdu0BKrHe_vjf0z3l7qxIj-mWowQSZW3lKbpNazmXQX6bW1xrgUsx9f3_dzl5MdOvm_7-8nPp2gX0Bz6qEHfWZxz8fYqTU-RdDlCvAJ9bqN7_T2l2d-SrN-cgd0Fzdlu7DN2sm6BXo7PRmE_eG1n-t1SxFtR-lbC7ZkIP7QVEyjqSbAGj3YhkzJB_i0dIqzwr50fsrgCMVz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.novagenesis.shivtr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.novagenesis.shivtr.com/	1969-12-31 23:59:59	Name: site_game_id Value: 123798
www.novagenesis.shivtr.com/	1969-12-31 23:59:59	Name: _shivtr_bakery Value: Ulpzeyj7T5UFq6mZ6fuKSvMyKbZcBX9FHBk587ZFruUBBS35GF4AIZol57d%2BrdRYYyv7tzkw4fhvN0r8jZF5IOsyIB17c3kDzGcU1dXbAXBvPuZMG%2FGe8F4k%2F%2B7dUECYPVubMBMgPVr1c%2BSXtFShKmjenTPfaQAJnpPtAEXQRAVhp7GIy1HT6JMjttvneQhtibQeFB7VqtstnxgiSfAoy%2FV58ONrYPg58YimnRmDo2b6YdCPQM5Uk78aNT9g7PnSf13OC0dZIbHGFwvzO7QEiKDHVl%2BaI7B3O%2FWeibbuUbLaEHeFIfVg--iD7o5dfLB%2BJeJZtH--UNDpCFsVIILbmdKSwNYqqw%3D%3D
.doubleclick.net/	1970-01-21 02:18:15	Name: IDE Value: AHWqTUmqnYT75IeuKYR4WjM1RuM1Wrn-qOg791v6fa6uXySt9zyaQJjiIVN9pnjA-2c
.shivtr.com/	1970-01-21 02:03:51	Name: __gads Value: ID=c0d7ba0b65508786:T=1701735442:RT=1701735442:S=ALNI_MbsbfDvGTiTpT_A27-U5bNppbbwWg
.shivtr.com/	1970-01-21 02:03:51	Name: __gpi Value: UID=00000da5b4c12f42:T=1701735442:RT=1701735442:S=ALNI_MYsAZnkXeI27hcLzY6jyszFi7hHig
.doubleclick.net/	1970-01-20 16:42:19	Name: DSID Value: NO_DATA
.media.net/	1970-01-21 01:27:51	Name: visitor-id Value: 3447370456634051000V10
.everesttech.net/	1970-01-21 01:27:51	Name: everest_g_v2 Value: g_surferid~ZW5sFQAEf1zt2AAM
.bidswitch.net/	1970-01-21 01:27:51	Name: tuuid Value: 6279bb1e-41c3-445b-af60-8f0db26d85a9
.bidswitch.net/	1970-01-21 01:27:51	Name: c Value: 1701735445
.bidswitch.net/	1970-01-21 01:27:51	Name: tuuid_lu Value: 1701735445
.w55c.net/	1970-01-21 02:13:56	Name: wfivefivec Value: siHqU1lD1Raj7T5
.googleadservices.com/	1970-01-20 18:51:51	Name: ar_debug Value: 1
.w55c.net/	1970-01-20 17:25:27	Name: matchgoogle Value: 5
.quantserve.com/	1970-01-20 18:51:51	Name: d Value: EHkBCQHLKoEA
.quantserve.com/	1970-01-21 02:12:29	Name: mc Value: 656e6c15-86571-d2a9d-b46e8
.media.net/	1970-01-20 17:02:25	Name: data-g Value: CAESEAq8dv9aPBIdGFEIKRfX2xQ~~6
.uuidksinc.net/	1970-01-21 01:27:51	Name: jcsuuid Value: 9F5JzYswJBxVzblihJLM
.yandex.ru/	1970-01-21 02:18:15	Name: yuidss Value: 3601667331701735445
.yandex.ru/	1970-01-21 02:18:15	Name: yandexuid Value: 3601667331701735445
.adx.opera.com/	1970-01-21 01:27:51	Name: UID Value: OPU9c63497c364642ebae1511e91713fc0b
.creative-serving.com/	1970-01-21 02:03:51	Name: tuuid Value: f15cc977-bff9-45bc-aad7-d5a6984d9af1
.creative-serving.com/	1970-01-21 02:03:51	Name: c Value: 1701735445
.creative-serving.com/	1970-01-21 02:03:51	Name: tuuid_lu Value: 1701735446

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.creative-serving.com
an.yandex.ru
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.media.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hblg.media.net
lg3.media.net
pagead2.googlesyndication.com
pm.w55c.net
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
s.uuidksinc.net
s3.amazonaws.com
static.shivtr.com
sync-tm.everesttech.net
t.adx.opera.com
tpc.googlesyndication.com
warp.media.net
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.novagenesis.shivtr.com
x.bidswitch.net
104.125.88.24
142.251.167.156
151.101.2.49
172.253.63.155
23.193.217.21
23.37.123.169
23.55.235.225
2600:1f1c:a99:832c:cd3f:57:d0bc:dbb2
2607:f8b0:4004:c06::84
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c1b::69
2607:f8b0:4004:c1d::9d
2a02:6b8::90
31.220.27.135
35.211.178.172
45.33.21.148
52.217.165.248
52.3.97.218
54.163.200.175
82.145.213.8
00fb853a2d82cfbfe152c7b69b73c3ab9b9cc7c314b9eb69594ad62cb2e2304e
0598e6a9cc1efff51791bf0e4bf98a0880e6f9fbeff4edfba867ea4d000aefee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11e77de144acdec2c8fe7018f32ca3ec5f683da0277f05c3e7adaf35dffec399
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
17ec1edb6c24741e065bcc3cca86569b341a1998a53c02ed87122c140bcf9d75
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1cdbd5d2c4509c2cd57387f034ab8289d5d0546c0ca974ad2c00b7f38dffece4
212d98fd397705ba5dd23914977cfbb6846300266b0fd8bc6e84c86d6ce0852a
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
2a14afd59068f8abd4ba1521dae83dfd9a2dc03c932eef81bac3a3fac17e783e
2ca6be624c9359db914ea6c19113ff2351a287d795e17bb2abcbac531c2702e7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
38c8e7d308221669970718c01dc8fd2aebc1c44f60452f5833967e655b0ecd64
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eead67e8a06eee515a7126d544630c4a0eef8913e86a5b4cdb4c8ca771db7d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65bea3df81cb127b119f5bb2b8803742134a1d170b50eb1c5357883b699b92bf
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
691650bed8e111d545f703950751f3a2df2c7f1bf19d26f2278dd2a047d5539f
6c92bfbcff3e6fdc127e7b14cf77d5ca14cd2c2e70053c09663074c13d3b977d
6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed
7043b7b8002938339e2f031163be9b5f49f7f528e3c24a1abdb9cf1506c52c90
7391ae809651713b8793b54cd3784733ac6ef6d860d9d0f5744cd57218bc74b2
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
86954474e853bfc3537a8c247f974000cb5b09b854f244efcbe4dff5720f4975
86c06c5c4747bb6da8d7594ed31b1494459d202ba31ede706bf8f741acedc9b3
8b15bc8303c5f68394630427c547e815dc9437fdfd1cee76b9caa3d690f9f2b2
920e0c120ac075a4196ad4ac66ed27c4d19516712b2cbf53fd098e937a2aaba2
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
97db4c24409f1c547cb7e6f555157715bd8e6a9fce7616584a3cb2417b76109c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b446ba86d09a887f03e811879f364b745e47dd158012fbd54fd3ccdafba92ed
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e2e766b44b4bd31a6887776e57d5a5f502237e48cf90ded21436cfb6addf0be
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6
bd87155150c9d2eb909a72c934402d2146a8b360a98d51ac2e11ddf49b8edfb3
c34095c26da430d0303af6ab8332845759cd55836dcf1a6db5dbf05b455f87a1
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c90e4e7548d1ef2a1b70f771d3cd0458632699b5fb19f00a2e1ff0b5e270a7a4
d50d10d88d12973de194fb002ef6315bd5fe89d0f40db6efbbf182cb8d2d1273
dc86183c64a971df266cf43382fe00a3b1c600ec6107714e06597192164b82b5
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.novagenesis.shivtr.com Open in urlscan Pro 45.33.21.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

91 %HTTPS

42 %IPv6

19 Domains

28 Subdomains

19 IPs

1 Countries

2102 kBTransfer

4582 kBSize

24 Cookies

6 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.novagenesis.shivtr.com Open in urlscan Pro
45.33.21.148 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

91 %
HTTPS

42 %
IPv6

19
Domains

28
Subdomains

19
IPs

1
Countries

2102 kB
Transfer

4582 kB
Size

24
Cookies

92 HTTP transactions
5 data transactions