exploringancientcivilizations.viralkhabarpost.com Open in urlscan Pro
149.28.39.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exploringancientcivilizations.viralkhabarpost.com/
Submission: On January 31 via api (January 31st 2024, 6:23:16 pm UTC) from US — Scanned from US

Summary HTTP 106 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 9 domains to perform 106 HTTP transactions. The main IP is 149.28.39.79, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is exploringancientcivilizations.viralkhabarpost.com.
TLS certificate: Issued by localhost on January 29th 2024. Valid for: a year.

This is the only time exploringancientcivilizations.viralkhabarpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	149.28.39.79 149.28.39.79	20473 (AS-CHOOPA) (AS-CHOOPA)
16	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
4	142.251.40.234 142.251.40.234	15169 (GOOGLE) (GOOGLE)
2	142.250.72.104 142.250.72.104	15169 (GOOGLE) (GOOGLE)
2 9	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
4	142.250.64.67 142.250.64.67	15169 (GOOGLE) (GOOGLE)
3	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
11	142.251.32.110 142.251.32.110	15169 (GOOGLE) (GOOGLE)
20	142.251.32.97 142.251.32.97	15169 (GOOGLE) (GOOGLE)
4	142.251.40.163 142.251.40.163	15169 (GOOGLE) (GOOGLE)
1 2	142.251.40.228 142.251.40.228	15169 (GOOGLE) (GOOGLE)
4	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
106	13

27 149.28.39.79 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.39.79.vultrusercontent.com

exploringancientcivilizations.viralkhabarpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
viralkhabarpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.234 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.104 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.40.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.64.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.238 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.32.110 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.251.32.97 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.163 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	744 KB
27	viralkhabarpost.com exploringancientcivilizations.viralkhabarpost.com viralkhabarpost.com	1 MB
13	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	71 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	140 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	89 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	147 KB
106	9

	Domain	Requested by
25	viralkhabarpost.com	exploringancientcivilizations.viralkhabarpost.com viralkhabarpost.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	exploringancientcivilizations.viralkhabarpost.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googleadservices.com	googleads.g.doubleclick.net exploringancientcivilizations.viralkhabarpost.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	exploringancientcivilizations.viralkhabarpost.com googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagmanager.com	exploringancientcivilizations.viralkhabarpost.com www.googletagmanager.com
2	exploringancientcivilizations.viralkhabarpost.com	viralkhabarpost.com
106	13

This site contains links to these domains. Also see Links.

Domain
viralkhabarpost.com

Subject Issuer	Validity	Valid
localhost localhost	`2024-01-29` - `2025-01-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.viralkhabarpost.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://exploringancientcivilizations.viralkhabarpost.com/
Frame ID: EC725CB15B0B2E9D3C7B4489C5D264D9
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 2D9D2DAC684E8CD8CFB7F7F750AE9C70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&adk=1812271804&adf=3025194257&lmt=1706725391&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l%7C404x540_r&format=0x0&url=https%3A%2F%2Fexploringancientcivilizations.viralkhabarpost.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706725391470&bpp=121&bdt=253&idt=435&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8619058869077&frm=20&pv=2&ga_vid=487385395.1706725392&ga_sid=1706725392&ga_hid=1830467861&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809003%2C95320376%2C95320889%2C95323008&oid=2&pvsid=2846876818998824&tmod=9230567&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=472
Frame ID: 9559DA47CB8B90D99F898CB0A21E2C64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1706725391&format=780x400&url=https%3A%2F%2Fexploringancientcivilizations.viralkhabarpost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706725391602&bpp=3&bdt=386&idt=345&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619058869077&frm=20&pv=1&ga_vid=487385395.1706725392&ga_sid=1706725392&ga_hid=1830467861&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809003%2C95320376%2C95320889%2C95323008&oid=2&pvsid=2846876818998824&tmod=9230567&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=353
Frame ID: E862AA2C9B8C6B6B78164ADF31E42C06
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6A5E0E6A181D097B7FA6A3F2AFE677C3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 02068D7AD57411934690AA10BAFDE517
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: D389F42B6DFCD584752DB6A0DC1FE3D9
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EF0D53DD5A0C6C31B83D29C709850FE4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 312F3BA766CCBB5A0530014DC77D8AD4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 7BB4F79FA19BB9C3CE58E9E4DAC79E14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 91E0D990B04752880181A6264DB2C113
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71720E111CAD48E00ABC31C4BD228835
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01ABE0CF936FFFF614B7B4D641D03627
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News Today

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

106
Requests

93 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

13
IPs

1
Countries

2642 kB
Transfer

4733 kB
Size

11
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://viralkhabarpost.com/
Title: News Today

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/category/ancient-archaeology/
Title: Ancient Archaeology

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/category/pets/
Title: Pets

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/category/uncategorized/
Title: Uncategorized

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/unveiling-the-mysteries-of-the-500-year-old-qilakitsoq-mummies-a-closer-look-at-the-chilling-fate-of-a-6-month-old-baby-among-the-preserved-greenlandic-women-and-children/
Title: Unveiling the Mysteries of the 500-Year-Old Qilakitsoq Mummies: A Closer Look at the Chilling Fate of a 6-Month-Old Baby Among the Preserved Greenlandic Women and Children

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/author/ancient/
Title: Ancient

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/pregnant-mummy-mysterious-lady-may-have-died-of-cancer/
Title: Pregnant mummy ‘Mysterious Lady’ may have died of cancer

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/world-900-year-old-sword-dating-back-to-the-crusades-found-at-the-bottom-of-the-mediterranean-sea/
Title: WORLD 900-year-old sword dating back to the Crusades found at the bottom of the Mediterranean Sea

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/the-gold-bracelet-in-pompeii/
Title: The Gold Bracelet in Pompeii

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/unwavering-and-unconditional-a-mothers-love-is-evident-even-in-the-face-of-hardship-a-homeless-woman-in-america-is-devoted-to-her-seven-pet-dogs-protecting-them-and-never-wanting-to-give-them-up/
Title: Unwavering and unconditional, a mother’s love is evident even in the face of hardship. A homeless woman in America is devoted to her seven pet dogs, protecting them and never wanting to give them up in the face of adversity.

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/author/lovepets/
Title: lovepets

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/every-day-at-sunset-a-3-year-old-kid-named-brian-and-his-devoted-dogs-trot-next-to-the-fence-seemingly-like-a-mother-returning-from-the-market-and-touching-millions-of-people/
Title: Every day at sunset, a 3-year-old kid named Brian and his devoted dogs trot next to the fence, seemingly like a mother returning from the market and touching millions of people.

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/uplifting-a-little-puppy-who-had-been-set-free-from-a-dog-butcher-rushed-over-four-kilometers-to-visit-a-pal-who-had-also-been-taken-prisoner-at-the-same-facility-giang/
Title: Uplifting A little puppy who had been set free from a dog butcher rushed over four kilometers to visit a pal who had also been taken prisoner at the same facility. – Giang

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/despite-being-starving-and-on-the-verge-of-death-the-exhausted-dog-made-an-incredible-and-quick-recovery/
Title: Despite being starving and on the verge of death, the exhausted dog made an incredible and quick recovery.

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/a-tale-of-unlikely-companions-lost-puppy-finds-solace-next-to-a-fish-in-a-rare-moment-of-animal-friendship/
Title: A Tale of Unlikely Companions: Lost Puppy Finds Solace Next to a Fish in a Rare Moment of Animal Friendship.

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/embers-of-hope-telling-the-heartwarming-tale-of-dogs-rescued-from-euthanasia/
Title: Embers of hope: Telling the heartwarming tale of dogs rescued from euthanasia ‎

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/page/2/
Title: 2

Search URL Search Domain Scan URL

URL: https://viralkhabarpost.com/page/23/
Title: 23

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=C4HY8EJC6Ze8U3-yuvg-a-bDQCLmqkZN12LOytMISv-EeEAEguPGXMGDJvrmH4KO0EKABkc20vgPIAQKoAwHIA8kEqgSNAk_QTgGmarFEi5SzZkOBK7OU-AT9TVpYr20A6BEf7Ifk-fOExHqPHgbN42dy52gc_U4Lk7Cmyf9s0i2JQwhHPQ0QFgv6kmW1K9Yt9LDrpOkIJkPkUY5qVGAbbD-Df3P13c2XoVnef7pzpx10Iu5MfH7sr63wg-oywonRmQCLMcb_744vnTyrF9dqkZz0N1pS4pEqg8NxpwT0Uhi9QNZ7Jd8zg-4iyNxOWJENQ6PO01RCPQ1oWCBhxoZjUJdBmFfVXDHaQ9HRjUomagRkWBkJ3OnpSfVy0vrHbxhtUTpaXWJBqMd4-0n2p7pJLB2s0ydaVcUNcGb-Vm-WJqKKQ9g_nkJk4Ui2AmDcEQEo2sF4wAS5z-6MvgSIBa6w4cpNkgUECAQYAZIFBAgFGASgBgKAB9eyy0GoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDZlhrSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WMad4MWfiIQDmgk2aHR0cHM6Ly93d3cuZGlhbHBhZC5jb20vZHAvcmVhbC10aW1lLWFpLXRyYW5zY3JpcHRpb24vgAoByAsB2gwRCgsQwLq6npOz3dGqARICAQPYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItMjY2NjQ0NTY2MTk0ODYwMhgA&sigh=1JL8L2qwgPE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_fyCcJll9gp9_V3D2OJJTQ1m9M1arMEAE2aUkI_TeuVUqPF5rGNCVpFDY7JpbvhgtC_epNMTShzulM9ViHxXBy37zhNmY2nu3Of0YAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x95a7502fa458212c0000000000000000%22,%222%22:%220x2d9e1be7272669790000000000000000%22,%223%22:%220xdd846099622c7750000000000000000%22,%224%22:%220xbc0b5697b91e8e9c0000000000000000%22,%225%22:%220x52223d2e33c5bdb20000000000000000%22},%22debug_key%22:%221087225305911611625%22,%22debug_reporting%22:true,%22destination%22:%22https://dialpad.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22936191633%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223654008715881380657%22}&andc=true

Request Chain 82

https://googleads.g.doubleclick.net/pagead/adview?ai=CHY6YEJC6ZdUDvcug8w_U7LuQCL6o3bN1yfqCq_YRZBABILjxlzBgyb65h-CjtBCgAfHqmZoDyAEJqAMByAPLBKoEkAJP0NUjGFAt8XxQAjEx-WkFMUEcj3Od1UVn9auR5V3Yo76uBzKITyTZivqaBOZbhLW1ProbS_cmjKMKX6GXg3U1xes2h7KAaYpuZZQuGJhqbpIMmRnIVD7kwrNu7N8xYz1OoJtRpJvnEiHMWX9c-9bxS3I4eFGmst5697PwPQTNJGfcL5PAH4QtrUZBk6-4qP7-a2_YUbXb1GMPcGizT51sA2Ima8Pl-X5ZP7hZNAxguV680mON9eaQMq0iojKiwRRQvWhjlyRIKwoFDST5YKCX3AQDoZZe7kUe2tZmyYBdmyfg2RLNlOB0VBK4k1-obnoCMTaUxp_hwxUJFoiWcK_wPdpGpB4MFcv20N54yHWFvcAE3YuigL4EiAWqvaTlTZIFBAgEGAGSBQQIBRgEoAYugAf3lOZlqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ3L0S0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliGheDFn4iEA5oJeGh0dHBzOi8vd3d3LnNtb290aGlla2luZy5jb20vP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09cGVyZm9ybWFuY2VtYXgmdXRtX2NhbXBhaWduPXNrX25tZl8yMDIzJnV0bV9jb250ZW50PWV2ZXJncmVlboAKAcgLAZgM3LH86ugE2gwRCgsQ8JretdOGurvhARICAQO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTI2NjY0NDU2NjE5NDg2MDIYAA&sigh=nz0HCXrdVn8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_PA_LNXaRBQSo2paUrSB3gmvU7w0mWJ_F5SX87q8zojIpNSi2RdoAiUrZAMLHrjREcZsE9y3n-crKzPxbJm64LpDfEdr22ZoCSxgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x704d41184ebd07e20000000000000000%22,%222%22:%220xb368add0ac1abd760000000000000000%22,%223%22:%220xed0aca50912a1f9b0000000000000000%22,%224%22:%220xa79a4a7a9a5a50c80000000000000000%22,%225%22:%220xe8a9de7f087c49ed0000000000000000%22},%22debug_key%22:%226336254527688431126%22,%22debug_reporting%22:true,%22destination%22:%22https://smoothieking.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860255601%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211717810929924968369%22}&andc=true

106 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
exploringancientcivilizations.viralkhabarpost.com/ 89 KB
89 KB 355ms
228ms Document
text/html 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 42f3a012fd9eee4f71fc58faa6320c9f62faaccb34dbf0376195ca180799bfee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 18:23:11 GMT
link: <https://viralkhabarpost.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 186ms
88ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2666445661948602

Requested by

Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

9d149fb7f4ff5b84fe5bdec6e0a19f0a2b32ab081673affaf2be1adb3c1f80ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
Origin: https://exploringancientcivilizations.viralkhabarpost.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51408
x-xss-protection: 0
server: cafe
etag: 10243572445633215849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 31 Jan 2024 18:23:11 GMT

GET
H2 200 style.min.css
viralkhabarpost.com/wp-includes/css/dist/block-library/ 108 KB
108 KB 286ms
141ms Stylesheet
text/css 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Tue, 30 Jan 2024 22:12:34 GMT
server: nginx
etag: "65b97452-1ae43"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 110147
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
BLOB 200
OK 59769d5b-83fc-4f74-b598-6fecc1f29a92
https://exploringancientcivilizations.viralkhabarpost.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://exploringancientcivilizations.viralkhabarpost.com/59769d5b-83fc-4f74-b598-6fecc1f29a92
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
970 B 205ms
62ms Stylesheet
text/css 142.251.40.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B600%3B700&display=swap&ver=6.4.3

Requested by

Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f10.1e100.net

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 18:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 16:44:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 18:23:11 GMT

GET
H2 200 all.min.css
viralkhabarpost.com/wp-content/themes/blogita/assets/css/ 98 KB
99 KB 165ms
72ms Stylesheet
text/css 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/css/all.min.css?ver=1.0
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: f0c7b8d85cf716a020ea19fac22314de48452bc98568517fabdb0ca99ce66930

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-189b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 100787
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 bootstrap.min.css
viralkhabarpost.com/wp-content/themes/blogita/assets/css/ 189 KB
189 KB 212ms
120ms Stylesheet
text/css 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/css/bootstrap.min.css?ver=1.0
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 20deaff9c96077fcdd7958eedd90d1d441d51498e382cd545dedb6eaa95b6f69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-2f3ff"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 193535
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 swiper-bundle.min.css
viralkhabarpost.com/wp-content/themes/blogita/assets/css/ 16 KB
16 KB 232ms
140ms Stylesheet
text/css 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/css/swiper-bundle.min.css?ver=1.0
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: cd064b12bf474f592e665401e05432a6407e5980a3a24175476da425933ffb64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-4003"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16387
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 meanmenu.min.css
viralkhabarpost.com/wp-content/themes/blogita/assets/css/ 3 KB
3 KB 234ms
142ms Stylesheet
text/css 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/css/meanmenu.min.css?ver=1.0
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: bb0ac9b634f5bc703946a5622284e26da37237e4122b5db2976d18d5774c907a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-a3d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2621
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 master.css
viralkhabarpost.com/wp-content/themes/blogita/assets/css/ 42 KB
42 KB 234ms
142ms Stylesheet
text/css 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/css/master.css?ver=1.0.3
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 5e81483ecba6272a12d4953e06e81118baeb778e4917ec498142d9a182ede289

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-a8ff"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43263
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 style.css
viralkhabarpost.com/wp-content/themes/blogita/ 1 KB
2 KB 232ms
140ms Stylesheet
text/css 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/style.css?ver=1.0.3
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: f1085f59c6b76fcab860403b7900d56c3225b5b51c04ca21a400e9b2fe608f18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-596"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1430
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 jquery.min.js Show response
viralkhabarpost.com/wp-includes/js/jquery/ 86 KB
86 KB 234ms
143ms Script
application/javascript 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
etag: "64ecd5ef-15601"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 87553
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 jquery-migrate.min.js Show response
viralkhabarpost.com/wp-includes/js/jquery/ 13 KB
13 KB 241ms
151ms Script
application/javascript 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
etag: "6482bd64-3509"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13577
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 195ms
87ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-238435650-1

Requested by

Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

30388e751b85c306dc05c4aababb2ff00787a76e069fa282caa563e83ee67867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70025
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Jan 2024 18:23:11 GMT

GET
H2 200 1-400x300.gif
viralkhabarpost.com/wp-content/uploads/2024/01/ 83 KB
83 KB 230ms
151ms Image
image/gif 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/1-400x300.gif
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: d77fa2a679cd89d740dfe8caaee9dcc01297e6f53225f322d25e74af5d374399

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 14:58:13 GMT
server: nginx
etag: "65ba6005-14af0"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 84720
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 1-95-400x300.jpg
viralkhabarpost.com/wp-content/uploads/2024/01/ 22 KB
22 KB 105ms
102ms Image
image/jpeg 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/1-95-400x300.jpg
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 9e621c1c8ed558bd7c9acd3ca508af65598bc7525dd9910bca70cd7ab2b571c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 14:53:17 GMT
server: nginx
etag: "65ba5edd-57d6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22486
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 3-42-400x300.jpg
viralkhabarpost.com/wp-content/uploads/2024/01/ 43 KB
43 KB 106ms
104ms Image
image/jpeg 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/3-42-400x300.jpg
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: e53d55a080d8ca1a1deb92df1d0882ef36210fccc9518386c986d9f1d3e71189

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 14:49:37 GMT
server: nginx
etag: "65ba5e01-abd0"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43984
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 navigation.js Show response
viralkhabarpost.com/wp-content/themes/blogita/js/ 3 KB
3 KB 43ms
42ms Script
application/javascript 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/js/navigation.js?ver=1.0
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-ba4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2980
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
viralkhabarpost.com/wp-content/themes/blogita/assets/js/ 78 KB
78 KB 43ms
43ms Script
application/javascript 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/js/bootstrap.bundle.min.js?ver=1.0
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 02f554d4905a6125975237d1735f2d0f4b6382ab6b5a6b4806767ede85b4fee4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-13784"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79748
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 swiper-bundle.min.js Show response
viralkhabarpost.com/wp-content/themes/blogita/assets/js/ 139 KB
139 KB 44ms
42ms Script
application/javascript 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/js/swiper-bundle.min.js?ver=1.0
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: d1eff77ea5f031ba4a37d5328646643dad867691c993b0b3345c62899392fa2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-22c4c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 142412
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 jquery.meanmenu.min.js Show response
viralkhabarpost.com/wp-content/themes/blogita/assets/js/ 4 KB
4 KB 48ms
45ms Script
application/javascript 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/js/jquery.meanmenu.min.js?ver=1.0
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: eaf2ccc92a9f802623e6eb69af21a03fc6ba48b509201e2ded5165b58f22957e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-fb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4019
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 main.js Show response
viralkhabarpost.com/wp-content/themes/blogita/assets/js/ 3 KB
3 KB 48ms
46ms Script
application/javascript 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/js/main.js?ver=1.0.3
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 2234f3df716f86e56e227f80011d40c0ed650b200e58d96e9c9f1ef7f7f648d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Mon, 29 Jan 2024 11:15:19 GMT
server: nginx
etag: "65b788c7-a8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2698
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 406 KB
138 KB 222ms
128ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2666445661948602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

8f4b97e0c22b9d9f3103f6783faf0f2a124fcd2670e0d7fac1f8a9b732987c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140846
x-xss-protection: 0
server: cafe
etag: 5874605680116648629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 18:23:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/ Frame 2D9D 9 KB
5 KB 152ms
43ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2666445661948602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 27365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 10:47:06 GMT
etag: 3890843268177463596
expires: Wed, 14 Feb 2024 10:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 145ms
45ms Font
font/woff2 142.250.64.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B600%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exploringancientcivilizations.viralkhabarpost.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:11:10 GMT
x-content-type-options: nosniff
age: 475921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:11:10 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 148ms
49ms Font
font/woff2 142.250.64.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B600%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exploringancientcivilizations.viralkhabarpost.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:04:44 GMT
x-content-type-options: nosniff
age: 476307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:04:44 GMT

GET fa-solid-900.woff2
viralkhabarpost.com/wp-content/themes/blogita/assets/webfonts/ 0
0

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 146ms
73ms Font
font/woff2 142.250.64.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B600%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://exploringancientcivilizations.viralkhabarpost.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:32:09 GMT
x-content-type-options: nosniff
age: 85862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:32:09 GMT

GET
H2 200 2-13-400x300.webp
viralkhabarpost.com/wp-content/uploads/2024/01/ 20 KB
20 KB 47ms
44ms Image
image/webp 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/2-13-400x300.webp
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: e37d9f514eabc365ddae02791f68794d2fc31ba38c6167c10b2602584516eb08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 14:45:57 GMT
server: nginx
accept-ranges: bytes
etag: "65ba5d25-504e"
content-length: 20558
content-type: image/webp

GET
H2 200 MjVjZTNjODEyMzgxYWM2NmNkODkxNGQ0NWUzODI3YmM1MWUxNzY3NWJkNWE3MjU2ODA3YTdhMDBjODQwMTY2ZGpwZw-400x300.jpg
viralkhabarpost.com/wp-content/uploads/2024/01/ 27 KB
27 KB 48ms
45ms Image
image/jpeg 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/MjVjZTNjODEyMzgxYWM2NmNkODkxNGQ0NWUzODI3YmM1MWUxNzY3NWJkNWE3MjU2ODA3YTdhMDBjODQwMTY2ZGpwZw-400x300.jpg
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: de42ae770f3531a2fde893a194f9bfb1fb8b59d6f1155f0ef71a9f0205abf25f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 12:35:25 GMT
server: nginx
etag: "65ba3e8d-6c8e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27790
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 DLCmItXU8AADCW1-400x300.jpg
viralkhabarpost.com/wp-content/uploads/2024/01/ 28 KB
28 KB 49ms
45ms Image
image/jpeg 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/DLCmItXU8AADCW1-400x300.jpg
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 102d829baad11f48d26b6a6aaa3e4427292da76623b89c91a03e04c61b02e1fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 12:32:45 GMT
server: nginx
etag: "65ba3ded-7103"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28931
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 i-10-320x300.webp
viralkhabarpost.com/wp-content/uploads/2024/01/ 22 KB
22 KB 49ms
46ms Image
image/webp 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/i-10-320x300.webp
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 4ea0adbeacd460484cddb703d6ea62b262c6b7a8e0076f58aaae2c18d2a0c507

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 12:29:26 GMT
server: nginx
accept-ranges: bytes
etag: "65ba3d26-57b6"
content-length: 22454
content-type: image/webp

GET
H2 200 MzA2MjcwODU2XzQ0OTY5Mjg3NzE4MzE2OV84MTkwNDg1MzkzOTE3MzI3OTA4X25qcGc-400x300.jpg
viralkhabarpost.com/wp-content/uploads/2024/01/ 23 KB
23 KB 51ms
48ms Image
image/jpeg 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/MzA2MjcwODU2XzQ0OTY5Mjg3NzE4MzE2OV84MTkwNDg1MzkzOTE3MzI3OTA4X25qcGc-400x300.jpg
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: e0fea82c3a25876de00409f600696ee778f0eb1bde623c5a0afa2a42c6d76f3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 12:25:48 GMT
server: nginx
etag: "65ba3c4c-5bbc"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23484
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 YW5qaW5nX3ZzX2lrYW5fY2ludGFfYWxhbWpwZw-400x300.jpg
viralkhabarpost.com/wp-content/uploads/2024/01/ 22 KB
22 KB 52ms
49ms Image
image/jpeg 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/YW5qaW5nX3ZzX2lrYW5fY2ludGFfYWxhbWpwZw-400x300.jpg
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 43a75bdb807cd2d7cc13b54e2fb3f33a214a722c4432d822634043330cdc2dc5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 12:24:45 GMT
server: nginx
etag: "65ba3c0d-57cf"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22479
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 snapedit_1696674824744-2048x1516-1-400x300.png
viralkhabarpost.com/wp-content/uploads/2024/01/ 240 KB
240 KB 52ms
50ms Image
image/png 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://viralkhabarpost.com/wp-content/uploads/2024/01/snapedit_1696674824744-2048x1516-1-400x300.png
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: ea412e14d0b44d88c8c250261441659edb7118a77be820cacb2014ce0f3ac1b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Wed, 31 Jan 2024 12:21:36 GMT
server: nginx
etag: "65ba3b50-3beb5"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 245429
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET
H2 200 wp-emoji-release.min.js Show response
viralkhabarpost.com/wp-includes/js/ 18 KB
18 KB 44ms
43ms Script
application/javascript 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://viralkhabarpost.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.39.79.vultrusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
etag: "63db0985-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18692
expires: Fri, 01 Mar 2024 18:23:11 GMT

GET fa-solid-900.ttf
viralkhabarpost.com/wp-content/themes/blogita/assets/webfonts/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 90ms
89ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EWDNWR5MER&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-238435650-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c9aff5360ad288257b6d2b164927d9a96285145dd7805db4b0c5e839147ab4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 18:23:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 153ms
49ms Script
text/javascript 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-238435650-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 17:51:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1888
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 31 Jan 2024 19:51:43 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9559 381 KB
88 KB 903ms
901ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&adk=1812271804&adf=3025194257&lmt=1706725391&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l%7C404x540_r&format=0x0&url=https%3A%2F%2Fexploringancientcivilizations.viralkhabarpost.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706725391470&bpp=121&bdt=253&idt=435&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8619058869077&frm=20&pv=2&ga_vid=487385395.1706725392&ga_sid=1706725392&ga_hid=1830467861&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809003%2C95320376%2C95320889%2C95323008&oid=2&pvsid=2846876818998824&tmod=9230567&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=472

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

270dedb9ef74b3e1da5a119f3584f73eee3b96594e45f4fa34a1ed774aa07b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 89850
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 18:23:12 GMT
expires: Wed, 31 Jan 2024 18:23:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E862 105 KB
39 KB 1234ms
1233ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1706725391&format=780x400&url=https%3A%2F%2Fexploringancientcivilizations.viralkhabarpost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706725391602&bpp=3&bdt=386&idt=345&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619058869077&frm=20&pv=1&ga_vid=487385395.1706725392&ga_sid=1706725392&ga_hid=1830467861&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809003%2C95320376%2C95320889%2C95323008&oid=2&pvsid=2846876818998824&tmod=9230567&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=353

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

bb3acf70b714f7dc9db10108177cf76a3e90aa26eb46a2a7096e07af58892011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40077
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 18:23:13 GMT
expires: Wed, 31 Jan 2024 18:23:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
185 B 61ms
60ms Ping
text/plain 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EWDNWR5MER&gtm=45je41t0v9109528256&_p=1706725391601&gcd=11l1l1l1l1&npa=0&dma=0&cid=487385395.1706725392&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1706725392&sct=1&seg=0&dl=https%3A%2F%2Fexploringancientcivilizations.viralkhabarpost.com%2F&dt=News%20Today&en=page_view&_fv=1&_ss=1&tfd=1213
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWDNWR5MER&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 18:23:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exploringancientcivilizations.viralkhabarpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 61ms
60ms XHR
text/plain 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1830467861&t=pageview&_s=1&dl=https%3A%2F%2Fexploringancientcivilizations.viralkhabarpost.com%2F&ul=en-us&de=UTF-8&dt=News%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=248779229&gjid=2085108655&cid=487385395.1706725392&tid=UA-238435650-1&_gid=613283501.1706725392&_r=1&gtm=457e41t0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=610174506

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 18:23:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exploringancientcivilizations.viralkhabarpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 165 KB
56 KB 83ms
81ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

5cb276522824420e4594e457443c695a8ba95abc56adfee4dc4e490aea2a40ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56990
x-xss-protection: 0
server: cafe
etag: 15296613957104263241
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 18:23:13 GMT

GET
H2 200 ca-pub-2666445661948602 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 232ms
92ms Script
application/javascript 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2666445661948602?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

591fb2b2e0a0f1a5b109aaab87485515d4c42510b8a4dcd3b7b97ad7aaf9545a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4xOj-xiXH8fHXVOlAhEEbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-4xOj-xiXH8fHXVOlAhEEbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJwNxz0LQWEYBuDjySMfJZkwG2RiM1sYLEpRZFKS5UyyMPEDlLzvYFBGYTEY_AERySAfw1k4SBYfJQb3cA2XdW7wWz1KxOdRprs9rWAZPtAGVt4jbaGinKgOWvJEZwj4dAqBWtSpDIbfmSxwf17I8bqQC_xwd1_pDeNY1HhLCranBM9UwWswlXHIVgWrYB8IDg4Fj-aCJ5DRBeegy5J70IxLbkMtLbkF4bzkBDwKkr9Q2i-4Ck6budG59k0O7aPF_jiqXak"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13717539595168171319
tpc.googlesyndication.com/daca_images/simgad/ Frame E862 91 KB
92 KB 169ms
72ms Image
image/png 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13717539595168171319

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1706725391&format=780x400&url=https%3A%2F%2Fexploringancientcivilizations.viralkhabarpost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706725391602&bpp=3&bdt=386&idt=345&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619058869077&frm=20&pv=1&ga_vid=487385395.1706725392&ga_sid=1706725392&ga_hid=1830467861&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809003%2C95320376%2C95320889%2C95323008&oid=2&pvsid=2846876818998824&tmod=9230567&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=353

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

443f61ba8d1341f1d28feca90e657b5bb9d03869b7b12159d1b5a04da4da4980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 25 Jan 2025 06:41:02 GMT
date: Fri, 26 Jan 2024 06:41:02 GMT
x-content-type-options: nosniff
age: 474131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93599
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 00:38:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame E862 23 KB
9 KB 150ms
54ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 17:18:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame E862 3 KB
1 KB 135ms
52ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:16:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame E862 20 KB
9 KB 140ms
45ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:16:12 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E862 205 KB
62 KB 49ms
49ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63264
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 19:21:56 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame E862 36 KB
15 KB 198ms
115ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

115d3e421898f8245b1436c3231f9f4ab3b0153f32f1719f4870d87fa0f6402e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 07:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14836
x-xss-protection: 0
server: cafe
etag: 9737977227763839993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 07:29:39 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A5E 143 B
166 B 45ms
44ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1706725391&format=780x400&url=https%3A%2F%2Fexploringancientcivilizations.viralkhabarpost.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706725391602&bpp=3&bdt=386&idt=345&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619058869077&frm=20&pv=1&ga_vid=487385395.1706725392&ga_sid=1706725392&ga_hid=1830467861&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809003%2C95320376%2C95320889%2C95323008&oid=2&pvsid=2846876818998824&tmod=9230567&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=353
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 17:23:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/ Frame 0206 9 KB
4 KB 46ms
45ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 19327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 13:01:06 GMT
etag: 3890843268177463596
expires: Wed, 14 Feb 2024 13:01:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/ Frame D389 9 KB
4 KB 55ms
55ms Document
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 19327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 13:01:06 GMT
etag: 3890843268177463596
expires: Wed, 14 Feb 2024 13:01:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVXeqPb0BqnEoaiAnpG4l73UEw2KM0OpT3cftG-gGV1VMthL1cnWBoce8Ssp3OEhGv_vBAIl_hubUEcfc6MgMRdjOJ8SUWHTbHFgTsTVhQuRwU2r9uMGbfnzLjvPJkECpQIPoPd_A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 81ms
80ms Script
application/javascript 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVXeqPb0BqnEoaiAnpG4l73UEw2KM0OpT3cftG-gGV1VMthL1cnWBoce8Ssp3OEhGv_vBAIl_hubUEcfc6MgMRdjOJ8SUWHTbHFgTsTVhQuRwU2r9uMGbfnzLjvPJkECpQIPoPd_A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzI1MzkzLDM2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9leHBsb3JpbmdhbmNpZW50Y2l2aWxpemF0aW9ucy52aXJhbGtoYWJhcnBvc3QuY29tLyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

2c0f404c8178c72517621082be108b13cd544fb259349cbf517e8c56e04516ee

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BVwVnYpbgx_RSOYVu8LhkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BVwVnYpbgx_RSOYVu8LhkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEwzFxwau1bAI_Pp04zAgAeqVZFg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E862 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 786efb61b454e7cc2a1203abe0f29f5ed04cf1609681031e7e3b8995b929b63a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 0206 4 KB
744 B 73ms
69ms Stylesheet
text/css 142.251.40.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 18:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 17:26:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 18:23:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0206 205 B
651 B 167ms
53ms Image
image/png 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:01:37 GMT
x-content-type-options: nosniff
age: 476496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Jan 2025 06:01:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0206 604 B
696 B 169ms
55ms Image
image/png 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 03:01:50 GMT
x-content-type-options: nosniff
age: 314483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 27 Jan 2025 03:01:50 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 0206 16 KB
7 KB 50ms
47ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 07:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 07:21:56 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 0206 22 KB
9 KB 50ms
49ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 03:02:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 03:02:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D389 14 KB
1 KB 69ms
68ms Stylesheet
text/css 142.251.40.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 18:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 17:18:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 18:23:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame D389 2 KB
903 B 44ms
43ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:16:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:16:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame D389 23 KB
9 KB 47ms
45ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 17:18:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame D389 3 KB
1 KB 48ms
47ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:16:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame D389 20 KB
8 KB 44ms
44ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:16:12 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame D389 225 B
347 B 47ms
45ms Image
image/png 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 08:29:55 GMT
x-content-type-options: nosniff
server: cafe
age: 35598
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Thu, 01 Feb 2024 08:29:55 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D389 205 KB
62 KB 49ms
47ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63264
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 18:35:02 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame D389 37 KB
16 KB 149ms
57ms Script
text/javascript 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:00:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A5E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
64ms

Document
text/html

142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 18:23:13 GMT
expires: Wed, 31 Jan 2024 18:23:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 18:23:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11987965876286598688
tpc.googlesyndication.com/simgad/ Frame D389 6 KB
6 KB 45ms
44ms Image
image/jpeg 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11987965876286598688?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

058f610251111e42ba0ae0f0fc02ff979e401019237101157b76807aa4882695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 11:18:39 GMT
date: Mon, 29 Jan 2024 11:18:39 GMT
x-content-type-options: nosniff
age: 198274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5927
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 16:24:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D389 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D389 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E862
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4HY8EJC6Ze8U3-yuvg-a-bDQCLmqkZN12LOytMISv-EeEAEguPGXMGDJvrmH4KO0EKABkc20vgPIAQKoAwHIA8kEqgSNAk_QTgGmarFEi5SzZkOBK7OU-AT9TVpYr20A6BEf7Ifk-fOExHq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x95a7502fa458212c0000000000000000%22,%222%22:%220x2d9e1be7272669790000000000000000%22,%223%22:%220xdd8460...

0
0

199ms
108ms

Fetch
text/css

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x95a7502fa458212c0000000000000000%22,%222%22:%220x2d9e1be7272669790000000000000000%22,%223%22:%220xdd846099622c7750000000000000000%22,%224%22:%220xbc0b5697b91e8e9c0000000000000000%22,%225%22:%220x52223d2e33c5bdb20000000000000000%22},%22debug_key%22:%221087225305911611625%22,%22debug_reporting%22:true,%22destination%22:%22https://dialpad.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22936191633%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223654008715881380657%22}&andc=true

Requested by

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x95a7502fa458212c0000000000000000","2":"0x2d9e1be7272669790000000000000000","3":"0xdd846099622c7750000000000000000","4":"0xbc0b5697b91e8e9c0000000000000000","5":"0x52223d2e33c5bdb20000000000000000"},"debug_key":"1087225305911611625","debug_reporting":true,"destination":"https://dialpad.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["936191633"],"22":["true"],"4":["01-31"],"6":["true"]},"priority":"500","source_event_id":"3654008715881380657"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 Jan 2024 18:23:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 Jan 2024 18:23:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x95a7502fa458212c0000000000000000","2":"0x2d9e1be7272669790000000000000000","3":"0xdd846099622c7750000000000000000","4":"0xbc0b5697b91e8e9c0000000000000000","5":"0x52223d2e33c5bdb20000000000000000"},"debug_key":"1087225305911611625","debug_reporting":true,"destination":"https://dialpad.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["936191633"],"22":["true"],"4":["01-31"],"6":["true"]},"priority":"500","source_event_id":"3654008715881380657"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 AGSKWxXhB1UbY4SnGL9UpM08o2B2ViVFrfL_Pz5Imsl00SiFXZ3nuZT2T-Hj_f4tokya7Uvjz8vggBoqS5N1NA-b-_vI-hD3wTTk7eiFfoXyxYy_cX6IKGN1OPc_OopT23pSFcXkkEkMNQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 82ms
81ms Script
application/javascript 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXhB1UbY4SnGL9UpM08o2B2ViVFrfL_Pz5Imsl00SiFXZ3nuZT2T-Hj_f4tokya7Uvjz8vggBoqS5N1NA-b-_vI-hD3wTTk7eiFfoXyxYy_cX6IKGN1OPc_OopT23pSFcXkkEkMNQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzI1MzkzLDYyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZXhwbG9yaW5nYW5jaWVudGNpdmlsaXphdGlvbnMudmlyYWxraGFiYXJwb3N0LmNvbS8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

0c3ee606d182b34a38a810d319ca33a27419ef3452ac30ac57053f05d9b8529d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u6mnjrR922BfZrkqjFD6PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-u6mnjrR922BfZrkqjFD6PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxz0IQWEUBuDr5AhJMmE2yMRmvpPBohRFJiVZ7iQLE3Yl3zcYlFFYDAaLshHJIDFYuEgWPwvJOzzDY50a_FaPovo8ylLd0wZW3iNtoaScqAqH-InOEPDpFAItr1MRDN8zWeD-vJDjdSEX-OHuvtIbRpGw8RYXbE8InmmC12Aq4pAuC9bA3hccHAgezgWPIaULzkCHJXehEZXcgkpSchPUrOQYPHKSP1DYLbgMTpu53r72TI5R7TehP2t0WI8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EF0D 14 KB
1 KB 67ms
66ms Stylesheet
text/css 142.251.40.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 18:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 17:41:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 18:23:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame EF0D 2 KB
822 B 46ms
45ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:16:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:16:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame EF0D 23 KB
9 KB 45ms
44ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 17:18:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame EF0D 3 KB
1 KB 64ms
63ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:16:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame EF0D 20 KB
8 KB 52ms
50ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 06:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Feb 2024 06:16:12 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EF0D 205 KB
62 KB 49ms
48ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63264
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 18:35:02 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame EF0D 37 KB
15 KB 48ms
47ms Script
text/javascript 142.251.40.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f3.1e100.net

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:00:55 GMT

GET
DATA 200
OK truncated
/ Frame D389 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed0826a6375919167f6e0efc270933ba3ca495f8fed4978d9156fc9d5638c864

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D389
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHY6YEJC6ZdUDvcug8w_U7LuQCL6o3bN1yfqCq_YRZBABILjxlzBgyb65h-CjtBCgAfHqmZoDyAEJqAMByAPLBKoEkAJP0NUjGFAt8XxQAjEx-WkFMUEcj3Od1UVn9auR5V3Yo76uBzKITyT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x704d41184ebd07e20000000000000000%22,%222%22:%220xb368add0ac1abd760000000000000000%22,%223%22:%220xed0aca...

0
0

146ms
108ms

Fetch
text/css

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x704d41184ebd07e20000000000000000%22,%222%22:%220xb368add0ac1abd760000000000000000%22,%223%22:%220xed0aca50912a1f9b0000000000000000%22,%224%22:%220xa79a4a7a9a5a50c80000000000000000%22,%225%22:%220xe8a9de7f087c49ed0000000000000000%22},%22debug_key%22:%226336254527688431126%22,%22debug_reporting%22:true,%22destination%22:%22https://smoothieking.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22860255601%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211717810929924968369%22}&andc=true

Requested by

Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x704d41184ebd07e20000000000000000","2":"0xb368add0ac1abd760000000000000000","3":"0xed0aca50912a1f9b0000000000000000","4":"0xa79a4a7a9a5a50c80000000000000000","5":"0xe8a9de7f087c49ed0000000000000000"},"debug_key":"6336254527688431126","debug_reporting":true,"destination":"https://smoothieking.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860255601"],"22":["true"],"4":["01-31"],"6":["true"]},"priority":"500","source_event_id":"11717810929924968369"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 Jan 2024 18:23:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 Jan 2024 18:23:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x704d41184ebd07e20000000000000000","2":"0xb368add0ac1abd760000000000000000","3":"0xed0aca50912a1f9b0000000000000000","4":"0xa79a4a7a9a5a50c80000000000000000","5":"0xe8a9de7f087c49ed0000000000000000"},"debug_key":"6336254527688431126","debug_reporting":true,"destination":"https://smoothieking.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["860255601"],"22":["true"],"4":["01-31"],"6":["true"]},"priority":"500","source_event_id":"11717810929924968369"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 209ms
109ms Preflight
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 18:23:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D389 33 KB
33 KB 53ms
52ms Font
font/woff2 142.250.64.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:24:54 GMT
x-content-type-options: nosniff
age: 518299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 18:24:54 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 109ms
109ms Preflight
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 18:23:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
76ms XHR
application/json 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240124&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

a47113c330d3c43cfb2fec518872536e7d2e20c9c68e94221b291f2be087a12b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12321
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 312F 51 KB
19 KB 47ms
47ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 475603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:16:30 GMT

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BB4 51 KB
19 KB 48ms
47ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: exploringancientcivilizations.viralkhabarpost.com
URL: https://exploringancientcivilizations.viralkhabarpost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 475603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:16:30 GMT

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 91E0 51 KB
19 KB 54ms
53ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 475603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:16:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
65ms Script
text/javascript 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 18:23:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7172 13 KB
5 KB 46ms
44ms Document
text/html 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 143024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 02:39:30 GMT
expires: Wed, 29 Jan 2025 02:39:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01AB 829 B
997 B 72ms
71ms Document
text/html 142.251.40.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f4.1e100.net

Software

GSE /

Resource Hash

7a0a6d36ba26a05912b7d27b82ca542ff101f3f43c12f820ec554f0a2fb566c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8ghugwkrFet_9IRepwC6Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8ghugwkrFet_9IRepwC6Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 18:23:14 GMT
expires: Wed, 31 Jan 2024 18:23:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7172 39 KB
15 KB 49ms
48ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 20:07:13 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E862 42 B
64 B 112ms
111ms Fetch
image/gif 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-_XaQnxqCoQb0k_B8yfMKRULOuIWbNr_MSQfe3CtMZiXmazJvkJuMTnTRwMkqGDOYTO9veoY5QKI9y6B5TjyixSUp8MRU03pMFVctx28q7wmHMF8N4gFwO35Kv9fqyfgi55km9DuWMCkmvoFU8oX78gmh&sai=AMfl-YRu4yriOFcPZF28F5GzNhWX6SvM17fIn8ijYxBF4hBWibb1nRB8Fx5z3IeIo3mzeIlgCZdDESQ-yR7iZUayJNMUmUZHOR2pwRVVTlSNb4ZO1yJQEBdO4C7qmMGIt1B6jW7QiZ8o6bwm4-fEmJ9RwQ&sig=Cg0ArKJSzHz9AeG9MJNzEAE&cid=CAQSTwAvHhf_fyCcJll9gp9_V3D2OJJTQ1m9M1arMEAE2aUkI_TeuVUqPF5rGNCVpFDY7JpbvhgtC_epNMTShzulM9ViHxXBy37zhNmY2nu3Of0YAQ&id=lidar2&mcvt=1009&p=0,90,400,690&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20240130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1677435917&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=265819300&rst=1706725391957&rpt=1538&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 18:23:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 square- Show response
fundingchoicesmessages.google.com/f/AGSKWxUQT6En8q1R5p-cf4cdC9uIFeRoyPXfDPxjlibWvqmgHjELNRTFcWDTzqUyck_q-0XgZ3qUjTjH5hDFUHUFvOBQGkzTVsI8KqqH3B-URYB3HixC6rhlxt1cXU-JLGjw6K3djPDsa4NqC0xO8xgDcCrKVsro6... 54 B
110 B 76ms
75ms Script
application/javascript 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUQT6En8q1R5p-cf4cdC9uIFeRoyPXfDPxjlibWvqmgHjELNRTFcWDTzqUyck_q-0XgZ3qUjTjH5hDFUHUFvOBQGkzTVsI8KqqH3B-URYB3HixC6rhlxt1cXU-JLGjw6K3djPDsa4NqC0xO8xgDcCrKVsro6oeGQUYB3DVwbs40yh6hoNxtyJm6WVAC/_/custom11x5ad./simad.min.js_ad300./tinlads./ads/square-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

7c435124fd12864cc399418d86dbe62ca2aa2bba6dc9372317b6e599fe5ae002

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Kdwd83pRy4IuTCDI1iLiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-8Kdwd83pRy4IuTCDI1iLiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxz0IQWEUBuDr5AhJMmE23ExsZpPBohRFJiVZ7iQLE2Ul-b7BoIzCYjCYZCOSQWKwcJEsfhYG7_AMj3Vm8Fk9SkT1KKvQgbaw9p5oByXlTFU4xs90Ab-qUxC0vE5FMPwuZIHH60qO95Vc4IOH-0YfGEfCxntcsD0heK4J3oCpiEO6LFgD-0BwYCh4tBA8gZQuOANdltyDZlRyGypJyS0IZSXH4JmT_IXCfsllcNrMjc6tb3LUpsM6_QFyPlgn"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 86 KB
30 KB 48ms
47ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

92cb00582f66db2a752a204b662cc0860a94d2cd945eacdad5778abe7414ac5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31168
x-xss-protection: 0
server: cafe
etag: 14589227577193608053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 18:44:35 GMT

POST
H3 204 AGSKWxUb_3IVTYk5Y_j8btigGusTllcTqbeL4QmwWOVzPSMV6f_BCNjpgSQ8K-_O1IwOGda4GQPOHkCI8ewP_fdxi3cHavtm0-qg5o8sE8hZHfxjijYfDX9uQqKzfjDfTSOJOqDonXpdGg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 174ms
75ms XHR
text/html 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUb_3IVTYk5Y_j8btigGusTllcTqbeL4QmwWOVzPSMV6f_BCNjpgSQ8K-_O1IwOGda4GQPOHkCI8ewP_fdxi3cHavtm0-qg5o8sE8hZHfxjijYfDX9uQqKzfjDfTSOJOqDonXpdGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yNCgJuPl9rb7BQHBDeMD1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-yNCgJuPl9rb7BQHBDeMD1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY9KCV2vZBH7MeLOPCQDq6iDS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://exploringancientcivilizations.viralkhabarpost.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 01AB 0
0 113ms
112ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240124&jk=2846876818998824&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUb_3IVTYk5Y_j8btigGusTllcTqbeL4QmwWOVzPSMV6f_BCNjpgSQ8K-_O1IwOGda4GQPOHkCI8ewP_fdxi3cHavtm0-qg5o8sE8hZHfxjijYfDX9uQqKzfjDfTSOJOqDonXpdGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4VGDDPTZukhE4t7bRcvytQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4VGDDPTZukhE4t7bRcvytQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY9KCV2vZBDquz97PBADpEyBS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://exploringancientcivilizations.viralkhabarpost.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUb_3IVTYk5Y_j8btigGusTllcTqbeL4QmwWOVzPSMV6f_BCNjpgSQ8K-_O1IwOGda4GQPOHkCI8ewP_fdxi3cHavtm0-qg5o8sE8hZHfxjijYfDX9uQqKzfjDfTSOJOqDonXpdGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jnYyPpHE8TzfxcqbSE5VTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jnYyPpHE8TzfxcqbSE5VTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY9KCV2vZBH7cvbSfCQDucCEH"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://exploringancientcivilizations.viralkhabarpost.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUb_3IVTYk5Y_j8btigGusTllcTqbeL4QmwWOVzPSMV6f_BCNjpgSQ8K-_O1IwOGda4GQPOHkCI8ewP_fdxi3cHavtm0-qg5o8sE8hZHfxjijYfDX9uQqKzfjDfTSOJOqDonXpdGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OdzdFnZ1jOq70EUoJTL00w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OdzdFnZ1jOq70EUoJTL00w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY9KCV2vZBD783rePCQDwViEO"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://exploringancientcivilizations.viralkhabarpost.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWkENuzTCaYZp1KrCp_n-GWXnMxKCfGyR5liCgwZagaZlEgxgWGsVZIO0htfrE3OPONLI2OrO4qJpK04tIy2usH6wNA-HMCXxLFFy1Y1dtk7JgNJLpZ7HIGVNmhe6NZUOWocqMEZg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 83ms
82ms Script
application/javascript 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkENuzTCaYZp1KrCp_n-GWXnMxKCfGyR5liCgwZagaZlEgxgWGsVZIO0htfrE3OPONLI2OrO4qJpK04tIy2usH6wNA-HMCXxLFFy1Y1dtk7JgNJLpZ7HIGVNmhe6NZUOWocqMEZg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzI1Mzk0LDYyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9leHBsb3JpbmdhbmNpZW50Y2l2aWxpemF0aW9ucy52aXJhbGtoYWJhcnBvc3QuY29tLyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

c9a9587e9e515cc303157fa5eaeff16c233f8affef256c03119cd275e078da55

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nD7vO3ofd-taN42-prl-Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nD7vO3ofd-taN42-prl-Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEwzFpwau1bAI_rtzYxwQAd_VZAg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7172 0
10 B 45ms
44ms Image
text/plain 142.251.32.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DpFq-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.32.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxV0eqVmJF43XPDQnXBAf2u41CMNttOi9fSIxTsfqq1-w5SEX34lgFUoYI0KY-8IsO94mqwiTeQmjfIFz4fNwZVLqo_7p-73HCsIWXJS0rU6ALuaPQ6aYPvGlmOC03l-czUdYR-pxQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 72ms
71ms XHR
text/html 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV0eqVmJF43XPDQnXBAf2u41CMNttOi9fSIxTsfqq1-w5SEX34lgFUoYI0KY-8IsO94mqwiTeQmjfIFz4fNwZVLqo_7p-73HCsIWXJS0rU6ALuaPQ6aYPvGlmOC03l-czUdYR-pxQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yzjIPGhx5O6hBJ20pFeDhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-yzjIPGhx5O6hBJ20pFeDhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY9KCV2vZBDY8bXvBBADrXiCg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://exploringancientcivilizations.viralkhabarpost.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUb_3IVTYk5Y_j8btigGusTllcTqbeL4QmwWOVzPSMV6f_BCNjpgSQ8K-_O1IwOGda4GQPOHkCI8ewP_fdxi3cHavtm0-qg5o8sE8hZHfxjijYfDX9uQqKzfjDfTSOJOqDonXpdGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MlAiv8nY5bYim2M4KMuOVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://exploringancientcivilizations.viralkhabarpost.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 18:23:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-MlAiv8nY5bYim2M4KMuOVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY9KCV2vZBB6sefKSCQDu9iD-"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://exploringancientcivilizations.viralkhabarpost.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D389 42 B
64 B 113ms
113ms Fetch
image/gif 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuY2h4upNnM2EF09xN7k-Mnf5-15tx3qKLCfB5S2p6FYHiMDT6BqV09iv1KOlQgRnyhU9NmBFte8jGO8Vfp_h5jiAyFh-vwk0CiiEFaBH2E2smwJuUPmYepmeCCef_do5ed25KlWRwKX5KwM4m2s7sj5JvrcYgznUyM3ArnYUFFuYIcydKzRGbHXvFIKTZWgqB-wkPTRfXEt0vEs7uZfSpSmprlU0vlW0fIhG9PL6RPxOznuIuQ4YOTuHA8tIzpnJt-50cTvh7rPeCtIhOvjjXHtSVxTYsZGKy04Mgy3HonKjbe19TY8mq-mSjbAXdLjI7peheGfxmKWlLG3tVz2JjPI3bqjfv9rm3zSzVNBlNaHUKDqeG_K1Tdf1I2hyKFrzUfrMEe8O4Tvs3PJysysucAVD9uxfOaxCFEvNmo01aktQq5SrVrEkKrjzjSIH3juhBEcxkTnCH9bWpj1KxUvTKJ_svF5wraY8lZQoTrgqcy6CKoEU5RlfyVkjdoLwZuUZrmajBz_sLyeh1OWE2j4uvDAIC_eWmCHEL3YypcgnXIGHJ1uBszi2yhtQ9sWYrII4TRiHZ-8o-MjbUicwtoo_C5l6iopw7ixotDRXIBcjFuw5spS2-fnZoM8rWzD8Jw_NrouzmcphCg1ViQcrpqIWWMhdcSSSPV5xLtmwSIRH1o6oAD0rM-0cGBO8VVxXC06AZSSiOAMIzOU4a-h0tHw-xnhP1h7c4VlAAnQl2tOS-JKtlFuPiNdBgdrz8XzZ2sYnXdmb-vdxL3cqpgR4AWVS4UbJwVQLByzBoEpX5xpjnjdM4Ofe6M_rM5cagIB-TdF6qxg_WmNHWmiUwxrC6YM46m1Do7CqrerGAsOqSp7tLCyvDzeXW4ptd29DluxR722tUbDCckb9aDbauYs0UqLuu6HT9bJulZQJpIRczKj3h2OC9pYvKeOwGDCIFAfvMraGlqe5DJ5JQscJoxEAAFBtu-ex_NmErm23ikDbxNRzpUdWF4KLG5eOS-Wq6mGNfby4dpmDubYYtkNnB2c_dpkSfZXOJRzZpjnAzCXzlrHtBlb8_hHXiQpb1hNqLCwi6JExA6cGR98Am8swkgYMvFW_kuwmc_-tQW7sCrl06mBswIBaI3Lt9yPLB9-Bykq9ejZbLFDV1cFncV76zK9XLNPSfdmFtv_QnDGORE9EXB4bAoRYl2bzUOQsnt2h_vNAmPvnv7-cTplTTLMTPtzbc_qDNFKvGZRMpVuQfaZyB78QDud6CysbIpURqnY5S3T49IsEE6Kc1Bxrn9dlbo2DAWxfzG2vIkX0M0MT1rZXCok4aGaXBpZx2fPO8KATOhGfPnDgcZ2Ylq2pNr2fP1CVOuKd9au7C32eNEnToF4vJxxkOXKxVlEbPygyjuxQYjvI5CzvtAhuqIR6fhdg5-Gmnd818exIfADCsUqQ&sai=AMfl-YT0b6b2vIP3w2CfnDnxOkODT_1app85CQYZhDtp9E_VZSTI_je88xfz92r_7L30eDV9_0IVPuQZyJahTKypADj0tI5xtwk2GLJB87fw5WDWzF0WE5jylSuXe73ALaVlnTwdb5EI_ARQr-2dLxPHSA1QEdVtD-c1_NjUCw&sig=Cg0ArKJSzJrhEf4kXSanEAE&cid=CAQSTgAvHhf_PA_LNXaRBQSo2paUrSB3gmvU7w0mWJ_F5SX87q8zojIpNSi2RdoAiUrZAMLHrjREcZsE9y3n-crKzPxbJm64LpDfEdr22ZoCSxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=317,963,1000,1000,1000&tos=317,646,37,0,0&v=20240130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=265819300&rst=1706725393334&rpt=559&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 18:23:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 114ms
113ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240124&jk=2846876818998824&bg=!QEOlQwzNAAa8BdJLnAU7ADQBe5WfOIO_imqXmHgJqJH1tjJFHeMD29d5RuMAEDDl3ljL6EQcIwdFyLkGzn6Z3D8hVqfNAgAAAJdSAAAABGgBBwoAec1o9vPikFGS5bq3KAY1r6NLOyFWVPInMaKxpwgzkbbAdRj2M7bBYx-LIme-C9yApEiduSC30Bkj4BbtD4cpEeDicOQD1HaeuR-1beEctyBzx5jmMB6oa7kd1O1MCLh-rvBu1_qAvC7ovqlmXVkCE4fSA7oOyqHLfRKZAt-d9eM-mRPYlfSLyt6oKKoDp4yn8mzg3ygytZ0p5bsYFapxRwE4FgBikQ0XWg2CJZVO7zE12IDg3k9zfLgLN8pHN3oJSjOaUrK5hGC3gnYlEP9ixafPF7N0rWUi0H6pT7G9uw_KYAfRGoOQQLbwKgrR1gb4an5jT1Zk2yTj-CJy7yCRf5m-Kp65h3-cO7xy4hxg5IgGpjvGrLpG6ukV_hTkRS0DM14nrby5XAhdueb8gXthY7TYoK0nj9rPSYpgxTUolwK33xh9zFAzZcKqB52EOXjX4O6WjnHrNRWSoxGoG1G5PNDRrsxIzhez1muEjeSQcOJeoLT1UFuPxd0p3b7x4PvmJmaMVPQdm1Q5zQwBtMgG8BjxXE1Pu5o84-J2seHbM9W75Kge_y9fy5gaKTPzNLJjaC1qBUqISafKxgQ-GDZPcAl7tcuS_uJmPsqMV4kIpcjrIu0QLqUUmtzzLdDvjixy_vcy2R6W2O68tXW3Mid3z76KfdO-j_yvxpNB78-nNXsW1xULrvu_nLRBHAfs8fy_Ve1xNKVm5JjT7x8G3bj4wC_GpZXDvkLch2ZX6CpAbCd2yquwXgf4MqlJCeLgskrh2jtyAaHgqLcOYeLO4-B3vY_kHyJI12Xh_5dBMfO1IzKj0AdNAAmP-j1ONwGk0xIJ2B8mcWlZHsAKGLEQDyM8rpj1KsKf4ZE2Q2t6VfKiyKrHBSztNMLlTVihpYQKXtx9FNIVcp0JTtqoPCop69YGNbBheopnTZKmnhEjkp-WCipxle9ezUzqAtWa9Mias0A_6EVCr7t9H2jbO2B6mzFTS-NbPzDB82NGWRvi_rXzudcvicMPisWXA0uzTq0psz_6p6sqc37o26tcmUVApYQh4OKBqGLWFfQs9M5jDzvvpxdz2ZVQJ6x5XqzMTIVt_BwNYSsjaXgHpBm159a_3Cszs95sYNM1Onk3VIspEmr4AXoucrpj_moJ-tG_YMY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 200 admin-ajax.php Show response
exploringancientcivilizations.viralkhabarpost.com/wp-admin/ 0
250 B 507ms
507ms XHR
text/html 149.28.39.79
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://exploringancientcivilizations.viralkhabarpost.com/wp-admin/admin-ajax.php

Requested by

Host: viralkhabarpost.com
URL: https://viralkhabarpost.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.39.79 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.39.79.vultrusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://exploringancientcivilizations.viralkhabarpost.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 31 Jan 2024 18:23:15 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: viralkhabarpost.com
URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.woff2

Domain: viralkhabarpost.com
URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.ttf

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.viralkhabarpost.com/	1970-01-21 03:41:25	Name: _ga_EWDNWR5MER Value: GS1.1.1706725392.1.0.1706725392.0.0.0
.viralkhabarpost.com/	1970-01-21 03:41:25	Name: _ga Value: GA1.2.487385395.1706725392
.viralkhabarpost.com/	1970-01-20 18:06:51	Name: _gid Value: GA1.2.613283501.1706725392
.viralkhabarpost.com/	1970-01-20 18:05:25	Name: _gat_gtag_UA_238435650_1 Value: 1
.viralkhabarpost.com/	1970-01-21 03:27:01	Name: __gads Value: ID=dd8e6c7c2cce7486:T=1706725391:RT=1706725391:S=ALNI_MaTZ_XtkHzP8of-qsrwP_3zPMvQQg
.viralkhabarpost.com/	1970-01-21 03:27:01	Name: __gpi Value: UID=00000dbc64a09325:T=1706725391:RT=1706725391:S=ALNI_MZ2e9iyGGhGCxY0gaa9YM8ZRZ7zjQ
.viralkhabarpost.com/	1970-01-20 22:24:37	Name: __eoi Value: ID=da58e733b7c315d8:T=1706725391:RT=1706725391:S=AA-Afjaat6tjW9AikhNjtcXh77e4
.doubleclick.net/	1970-01-21 03:41:25	Name: IDE Value: AHWqTUmVf8AfPy7YRTytR5nE12QdzOSsr4aJKZxEL8zQ9Z2ovf65O0cX8m33AmNGhRw
.doubleclick.net/	1970-01-20 18:05:28	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 20:15:01	Name: ar_debug Value: 1
.viralkhabarpost.com/	1970-01-21 02:51:01	Name: FCNEC Value: %5B%5B%22AKsRol8N_btHCVysEIwvOtHQuYV2zJnqSbY9uccI-AhPIkthnHEP9jHkjpN5AipGZ2OICKO0EqTiqq6iUFF5EnVhMEn-mq-0-4_Vw769NZs0r8EU-JtV5GPB5azUTiGQ-19jIrKVTrAERCmy7oc0P2VRZD8dqR4QQQ%3D%3D%22%5D%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://exploringancientcivilizations.viralkhabarpost.com/ Message: Access to font at 'https://viralkhabarpost.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.woff2' from origin 'https://exploringancientcivilizations.viralkhabarpost.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://exploringancientcivilizations.viralkhabarpost.com/ Message: Access to font at 'https://viralkhabarpost.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.ttf' from origin 'https://exploringancientcivilizations.viralkhabarpost.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://viralkhabarpost.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

exploringancientcivilizations.viralkhabarpost.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
viralkhabarpost.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
viralkhabarpost.com
142.250.64.67
142.250.65.238
142.250.72.104
142.250.80.98
142.251.32.110
142.251.32.97
142.251.35.162
142.251.40.163
142.251.40.194
142.251.40.228
142.251.40.234
149.28.39.79
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
02f554d4905a6125975237d1735f2d0f4b6382ab6b5a6b4806767ede85b4fee4
058f610251111e42ba0ae0f0fc02ff979e401019237101157b76807aa4882695
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0c3ee606d182b34a38a810d319ca33a27419ef3452ac30ac57053f05d9b8529d
102d829baad11f48d26b6a6aaa3e4427292da76623b89c91a03e04c61b02e1fe
115d3e421898f8245b1436c3231f9f4ab3b0153f32f1719f4870d87fa0f6402e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20deaff9c96077fcdd7958eedd90d1d441d51498e382cd545dedb6eaa95b6f69
2234f3df716f86e56e227f80011d40c0ed650b200e58d96e9c9f1ef7f7f648d4
270dedb9ef74b3e1da5a119f3584f73eee3b96594e45f4fa34a1ed774aa07b59
2c0f404c8178c72517621082be108b13cd544fb259349cbf517e8c56e04516ee
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5
30388e751b85c306dc05c4aababb2ff00787a76e069fa282caa563e83ee67867
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42f3a012fd9eee4f71fc58faa6320c9f62faaccb34dbf0376195ca180799bfee
43a75bdb807cd2d7cc13b54e2fb3f33a214a722c4432d822634043330cdc2dc5
443f61ba8d1341f1d28feca90e657b5bb9d03869b7b12159d1b5a04da4da4980
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ea0adbeacd460484cddb703d6ea62b262c6b7a8e0076f58aaae2c18d2a0c507
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
591fb2b2e0a0f1a5b109aaab87485515d4c42510b8a4dcd3b7b97ad7aaf9545a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb276522824420e4594e457443c695a8ba95abc56adfee4dc4e490aea2a40ed
5e81483ecba6272a12d4953e06e81118baeb778e4917ec498142d9a182ede289
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
786efb61b454e7cc2a1203abe0f29f5ed04cf1609681031e7e3b8995b929b63a
7a0a6d36ba26a05912b7d27b82ca542ff101f3f43c12f820ec554f0a2fb566c5
7c435124fd12864cc399418d86dbe62ca2aa2bba6dc9372317b6e599fe5ae002
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6
8f4b97e0c22b9d9f3103f6783faf0f2a124fcd2670e0d7fac1f8a9b732987c9d
92cb00582f66db2a752a204b662cc0860a94d2cd945eacdad5778abe7414ac5d
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d149fb7f4ff5b84fe5bdec6e0a19f0a2b32ab081673affaf2be1adb3c1f80ae
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e621c1c8ed558bd7c9acd3ca508af65598bc7525dd9910bca70cd7ab2b571c1
a47113c330d3c43cfb2fec518872536e7d2e20c9c68e94221b291f2be087a12b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
bb0ac9b634f5bc703946a5622284e26da37237e4122b5db2976d18d5774c907a
bb3acf70b714f7dc9db10108177cf76a3e90aa26eb46a2a7096e07af58892011
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c9a9587e9e515cc303157fa5eaeff16c233f8affef256c03119cd275e078da55
c9aff5360ad288257b6d2b164927d9a96285145dd7805db4b0c5e839147ab4ae
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd064b12bf474f592e665401e05432a6407e5980a3a24175476da425933ffb64
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1eff77ea5f031ba4a37d5328646643dad867691c993b0b3345c62899392fa2f
d77fa2a679cd89d740dfe8caaee9dcc01297e6f53225f322d25e74af5d374399
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de42ae770f3531a2fde893a194f9bfb1fb8b59d6f1155f0ef71a9f0205abf25f
e0fea82c3a25876de00409f600696ee778f0eb1bde623c5a0afa2a42c6d76f3a
e37d9f514eabc365ddae02791f68794d2fc31ba38c6167c10b2602584516eb08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53d55a080d8ca1a1deb92df1d0882ef36210fccc9518386c986d9f1d3e71189
ea412e14d0b44d88c8c250261441659edb7118a77be820cacb2014ce0f3ac1b3
eaf2ccc92a9f802623e6eb69af21a03fc6ba48b509201e2ded5165b58f22957e
ed0826a6375919167f6e0efc270933ba3ca495f8fed4978d9156fc9d5638c864
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c7b8d85cf716a020ea19fac22314de48452bc98568517fabdb0ca99ce66930
f1085f59c6b76fcab860403b7900d56c3225b5b51c04ca21a400e9b2fe608f18

exploringancientcivilizations.viralkhabarpost.com Open in urlscan Pro 149.28.39.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

93 %HTTPS

0 %IPv6

9 Domains

13 Subdomains

13 IPs

1 Countries

2642 kBTransfer

4733 kBSize

11 Cookies

18 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exploringancientcivilizations.viralkhabarpost.com Open in urlscan Pro
149.28.39.79 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

93 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

13
IPs

1
Countries

2642 kB
Transfer

4733 kB
Size

11
Cookies

106 HTTP transactions
4 data transactions