www.newswire.lk Open in urlscan Pro
52.76.241.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/vXfWhc4sgQ
Effective URL:
https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Submission: On April 24 via manual (April 24th 2021, 6:37:41 am UTC) from QA

Summary HTTP 497 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 46 IPs in 9 countries across 39 domains to perform 497 HTTP transactions. The main IP is 52.76.241.211, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.newswire.lk.
TLS certificate: Issued by Amazon on March 18th 2021. Valid for: a year.

This is the only time www.newswire.lk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
50	52.76.241.211 52.76.241.211	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
69	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	88.214.207.236 88.214.207.236	46636 (NATCOWEB) (NATCOWEB)
4	2a03:2880:f03... 2a03:2880:f03d:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
47	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
60	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 3	13.224.95.18 13.224.95.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f13... 2a03:2880:f13d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
101	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3 11	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4 17	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4 7	52.31.220.191 52.31.220.191	16509 (AMAZON-02) (AMAZON-02)
3	2600:1f18:612... 2600:1f18:612b:4264:9a95:fbee:2d35:58d	14618 (AMAZON-AES) (AMAZON-AES)
3	35.156.106.231 35.156.106.231	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3 3	18.195.240.234 18.195.240.234	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	172.104.105.5 172.104.105.5	63949 (LINODE-AP...) (LINODE-AP Linode)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
5 5	35.157.13.124 35.157.13.124	16509 (AMAZON-02) (AMAZON-02)
1 1	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
1 1	3.225.15.51 3.225.15.51	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1450:400... 2a00:1450:4001:813::2012	15169 (GOOGLE) (GOOGLE)
1	172.217.18.114 172.217.18.114	15169 (GOOGLE) (GOOGLE)
497	46

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 52.76.241.211 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com

www.newswire.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.214.207.236 (United Kingdom)

ASN46636 (NATCOWEB, US)

backend-ssp.adstudio.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f03d:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.95.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-18.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f13d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

101 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 141.226.228.48 (Netherlands) 4 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.31.220.191 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-220-191.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4264:9a95:fbee:2d35:58d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.106.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.240.234 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.105.5 (Tokyo, Japan) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.13.124 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.239.72 (Brussels, Belgium) 1 redirects

ASN19527 (GOOGLE-2, US)

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.15.51 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i1-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.114 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f114.1e100.net

p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i2-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
170	googlesyndication.com pagead2.googlesyndication.com 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com tpc.googlesyndication.com	2 MB
78	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	383 KB
77	taboola.com 4 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com am-wf.taboola.com	1 MB
50	newswire.lk www.newswire.lk	4 MB
31	googletagservices.com www.googletagservices.com	1016 KB
22	google.com 3 redirects adservice.google.com www.google.com	3 KB
11	google.de adservice.google.de www.google.de	2 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i1-v6exp3.ds.metric.gstatic.com p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i2-v6exp3.v4.metric.gstatic.com	110 KB
7	adsrvr.org 4 redirects match.adsrvr.org	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
4	contextweb.com 2 redirects bh.contextweb.com	2 KB
4	facebook.net connect.facebook.net	163 KB
4	adstudio.cloud backend-ssp.adstudio.cloud	3 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	lijit.com 1 redirects ce.lijit.com	2 KB
3	openx.net 1 redirects u.openx.net	609 B
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	advertising.com pixel.advertising.com	373 B
3	tremorhub.com taboola-supply-partners.tremorhub.com	547 B
3	facebook.com www.facebook.com	361 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	bttrack.com bttrack.com	760 B
2	appier.net 2 redirects s.c.appier.net	722 B
2	criteo.com 2 redirects dis.criteo.com	873 B
2	emxdgt.com e1.emxdgt.com	81 B
2	smartadserver.com rtb-csync.smartadserver.com	1 KB
2	pubmatic.com simage2.pubmatic.com	2 KB
2	adnxs.com ib.adnxs.com	1 KB
2	rubiconproject.com pixel.rubiconproject.com	478 B
2	google-analytics.com www.google-analytics.com	19 KB
1	spotxchange.com search.spotxchange.com	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	622 B
1	metadsp.co.uk 1 redirects u.ipw.metadsp.co.uk	189 B
1	googleadservices.com partner.googleadservices.com	639 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	19 KB
1	t.co t.co	557 B
0	semasio.net Failed uipglob.semasio.net Failed
0	tapad.com Failed pixel.tapad.com Failed
497	39

	Domain	Requested by
88	tpc.googlesyndication.com	securepubads.g.doubleclick.net 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
69	pagead2.googlesyndication.com	www.newswire.lk pagead2.googlesyndication.com 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
50	www.newswire.lk	t.co www.newswire.lk
47	securepubads.g.doubleclick.net	www.newswire.lk securepubads.g.doubleclick.net 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com www.googletagservices.com
31	www.googletagservices.com	pagead2.googlesyndication.com 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com googleads.g.doubleclick.net
26	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
22	images.taboola.com	www.newswire.lk
13	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com www.newswire.lk
13	62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
12	www.google.com	3 redirects www.newswire.lk googleads.g.doubleclick.net tpc.googlesyndication.com
12	cdn.taboola.com	www.newswire.lk cdn.taboola.com
10	adservice.google.com	pagead2.googlesyndication.com
10	adservice.google.de	pagead2.googlesyndication.com
8	sync.taboola.com	4 redirects www.newswire.lk
7	match.adsrvr.org	4 redirects imprammp.taboola.com am-match.taboola.com
7	trc.taboola.com	cdn.taboola.com www.newswire.lk
6	fonts.gstatic.com	fonts.googleapis.com
5	x.bidswitch.net	5 redirects
4	sync-t1.taboola.com	www.newswire.lk
4	cm.g.doubleclick.net	2 redirects www.newswire.lk
4	bh.contextweb.com	2 redirects www.newswire.lk
4	connect.facebook.net	www.newswire.lk connect.facebook.net
4	backend-ssp.adstudio.cloud	www.newswire.lk 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
4	fonts.googleapis.com	www.newswire.lk tpc.googlesyndication.com googleads.g.doubleclick.net
3	ce.lijit.com	1 redirects www.newswire.lk
3	u.openx.net	1 redirects www.newswire.lk
3	rtb.mfadsrvr.com	3 redirects
3	pixel.advertising.com	imprammp.taboola.com am-match.taboola.com
3	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
3	www.facebook.com	www.newswire.lk connect.facebook.net
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.newswire.lk
2	p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com
2	bttrack.com	www.newswire.lk
2	s.c.appier.net	2 redirects
2	dis.criteo.com	2 redirects
2	e1.emxdgt.com	www.newswire.lk
2	rtb-csync.smartadserver.com	www.newswire.lk
2	simage2.pubmatic.com	www.newswire.lk
2	ib.adnxs.com	www.newswire.lk
2	pixel.rubiconproject.com	www.newswire.lk
2	match.taboola.com	www.newswire.lk
2	am-vid-events.taboola.com	www.newswire.lk vidstat.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i2-v6exp3.v4.metric.gstatic.com
1	p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i1-v6exp3.ds.metric.gstatic.com
1	am-wf.taboola.com	vidstat.taboola.com
1	search.spotxchange.com	vidstat.taboola.com
1	sync.srv.stackadapt.com	1 redirects
1	u.ipw.metadsp.co.uk	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	imprammp.taboola.com	vidstat.taboola.com
1	15.taboola.com	cdn.taboola.com
1	www.google.de	www.newswire.lk
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.newswire.lk
1	maxcdn.bootstrapcdn.com	www.newswire.lk
1	t.co
0	uipglob.semasio.net Failed
0	pixel.tapad.com Failed
497	62

This site contains links to these domains. Also see Links.

Domain
web.whatsapp.com
popup.taboola.com
edition.thedodo.com
isinglemom.com
welcomearth.com
coooltech.com
thebest1.xyz
track.cinderco.com
bit.ly

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
newswire.lk Amazon	`2021-03-18` - `2022-04-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.adstudio.cloud Sectigo RSA Domain Validation Secure Server CA	`2019-11-21` - `2021-11-29`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.ds.metric.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 54 frames:

Primary Page: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Frame ID: 3EE644B8EACA1109DEFF6ED03BE2B0D5
Requests: 169 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Frame ID: 262A3ED5C0153FD8CFAFF9CCCC7EB9B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&adk=1812271804&adf=3025194257&lmt=1619246237&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246237850&bpp=13&bdt=1021&idt=107&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6381389819567&frm=20&pv=2&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1425403037338850&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146
Frame ID: FBB114F100FD106CF616813170BA0341
Requests: 1 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F7C734CE35F9B1BC70FCD1C306841A0A
Requests: 7 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 77A6F55393F5BE116AAA32903C4DBC3E
Requests: 15 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8D770AD6FA7D3809435476F9ADBD835A
Requests: 14 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E790614298CE71561CD47D115F2A58C9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046728&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240305&bpp=2&bdt=45&idt=131&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=5566027991424&frm=24&ife=3&pv=2&ga_vid=1963971723.1619246240&ga_sid=1619246240&ga_hid=2090942926&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=2148772391688422&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.doe3ul6u4tit&fsb=1&dtd=150
Frame ID: 37FA538F35E939EB8B17836FFB7432CE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78
Frame ID: 221FA6B07046B66A49C640DA7C35CDF6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=7807194526&adk=1018110699&adf=3173046726&pi=t.ma~as.7807194526&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240531&bpp=1&bdt=69&idt=63&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3851785878586&frm=24&ife=3&pv=2&ga_vid=1977699145.1619246241&ga_sid=1619246241&ga_hid=1098302611&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3848688452&scr_x=-12245933&scr_y=-12245933&eid=21066434&oid=3&pvsid=1135461695726965&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oiesykkfiv85&fsb=1&dtd=77
Frame ID: 9A57136B025F2F9622AE37D10D292E89
Requests: 8 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C183CE5843710113144D35807F6F0D2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7DE2F68DA68507D3147C6CB2BC7B8982
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=3173046725&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240849&bpp=1&bdt=96&idt=109&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3170655155370&frm=24&ife=3&pv=2&ga_vid=21265184.1619246241&ga_sid=1619246241&ga_hid=1825340300&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C21065724&oid=3&pvsid=3355082669149295&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6yaexlps0j4m&fsb=1&dtd=124
Frame ID: C06BE714356067ADA2F48C818BE2F7E7
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 896666039443939A670E5E57922A1360
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1319EE2E7B23EB8A4A67F3DEE74FD76E
Requests: 2 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B821AAA3328C7745FBA3C68153A09D85
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html
Frame ID: E8108121957A90F345C077E8164C0C2B
Requests: 12 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A44C762D885E7B99B32ACB57432F3072
Requests: 7 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A7404032DFBC690C46057DD70BC45FB1
Requests: 15 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475705&crid=6149085&dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&cmcv=&pix=undefined&cb=1619246241186&uv=2957&tms=1619246241186&abt=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&ru=https://t.co/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=1363BDD10169982790833708871&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: CE01E891DF1EB531E1052D0C8F94CD6F
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 4EC4EAE5098D4777EFD83A426F0B13C2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6E82B10A826915B079180E4E6449B02B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9B69E51785A53F689AAC13EB40359E46
Requests: 2 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 190856D5C3168C9A54402F5B9A8C6763
Requests: 14 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 13070972452CBD72B10C66145532B5FE
Requests: 6 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FAED38C167741AF7C0787B7181873312
Requests: 14 HTTP requests in this frame

Frame: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6D727D7110CA6773CD86853095701315
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 6FC3D880636C763743960456E5218293
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D338B9673FADCEDAB166DF641A888EBA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E4EC483F4E41879604C8096C1ACDC66
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=6584885844&adk=524908346&adf=3173046723&pi=t.ma~as.6584885844&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241431&bpp=7&bdt=282&idt=314&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8421821275027&frm=24&ife=3&pv=2&ga_vid=820117165.1619246242&ga_sid=1619246242&ga_hid=207804358&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1337229020215277&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.i0hh1kfr6wk0&fsb=1&dtd=330
Frame ID: 40140629A4B7EF780C75340EE440955B
Requests: 12 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 7A7B099A2091C4391E1E679EDEBF7F0D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268
Frame ID: 96D2541E8D77A755C0FC6B96A0C252EA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=4424985736&adk=3762722731&adf=776186317&pi=t.ma~as.4424985736&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242163&bpp=5&bdt=798&idt=226&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1171987312487&frm=24&ife=3&pv=2&ga_vid=540531376.1619246242&ga_sid=1619246242&ga_hid=1322867803&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=182982100%2C21068109&oid=3&pvsid=868317288711218&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2l4rfyghj9pu&fsb=1&dtd=236
Frame ID: 884A6CA02544D06A316F89CE866BF12E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233
Frame ID: 8DEFC0D918A2C28E4558F0C3AEEE1A9A
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E5C82DB5BBC4E3ED8BA0FFCA18248876
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301
Frame ID: FFC05C355F9EED499AF77AF1ADA8D4C3
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 79A82FC500ADE52392BE5F852F4020D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9B43559D2CD200F1DE7981A84C51ECAC
Requests: 2 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&isDirect=0
Frame ID: BAC4D9365FC4E56DF830E1080BFA9463
Requests: 18 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&isDirect=0
Frame ID: 8F836B80C7D039E0A9CE6828627F2E7D
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 89C0B4E6A27B311390128E5F15EF8F01
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 6F0737B5B1689E9FD40BCC7400B1AF2A
Requests: 1 HTTP requests in this frame

Frame: https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 0ED7197328FBB0B183AAE5AA5AA6DB0D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0013FD05B6F66004C1635DBD4DE02D13
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8EFAEAF11EE8FDC6783B618C165400AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8D943FB247FFE77DE8C981C9FB4D2A57
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 390A919A73BBC3765AC447E724FED004
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 72D10C984767BDE3D71D95E516159C70
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6FD76DB877FA045245DB5D38B94B19BB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 86ED4856689CC9100B465736A359C35D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 37AF0D4DD9DF27710DB37F71E5DDA6AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1071040F3E93D44EE21902AF56D3C47E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 10DF8AFE09780B4ECE17B487C30BFA0A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/vXfWhc4sgQ Page URL
https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complet... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

497
Requests

99 %
HTTPS

43 %
IPv6

39
Domains

62
Subdomains

46
IPs

9
Countries

9499 kB
Transfer

17997 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://web.whatsapp.com/send?text=WhatsApp%20Pink%20%3A%20New%20virus%20targeting%20WhatsApp%20users%2C%20can%20take%20complete%20control%20over%20phone%20https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=wiredigitalpvtltd-newswire&utm_medium=referral&utm_content=thumbnails-a:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://edition.thedodo.com/s/what-dog-breed-says-1d60a48e3a624cfd?utm_campaign=whatdogbreedsays-f9f9c2687cb2440b&utm_source=tab&utm_medium=cpc&utm_term=wiredigitalpvtltd-newswire
Title: The Dodo

Search URL Search Domain Scan URL

URL: https://isinglemom.com/trending/golden-age-stars-you-forgot-are-still-alive-and-got-better-clu?utm_source=taboola&utm_medium=wiredigitalpvtltd-newswire&utm_campaign=8429395&utm_term=At+Almost+100%2C+He+Is+The+Oldest+Living+Western+Star&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F466b97ea494a23585c8023a3853cf2a3.jpg&ts=2021-04-24+06%3A37%3A20&tbv=LdijtSIdxsFWz9PMZNFvVU7Iqm0rKgzZIJSfBKnFl4Y=&pcl=1
Title: I Single Mom

Search URL Search Domain Scan URL

URL: http://welcomearth.com/10-breathtaking-low-cost-countries-you-will-never-want-to-leave/?utm_source=taboola&utm_medium=cpc&utm_term=1343387&utm_content=48982723#tblciGiCVgyR1dMoui4Me_m4CLTZxKPKLGQxvwY-tU6PxnHYgGCCNuD8olK_N26fG9uEK
Title: WelcomEarth

Search URL Search Domain Scan URL

URL: http://coooltech.com/2017/05/15/top-10-best-luxury-watches/?utm_source=taboola/watches&utm_medium=referral&utm_term=wiredigitalpvtltd-newswire&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F25ed39a4693d7483c5f30fb60018f08a.jpg%20&utm_term=wiredigitalpvtltd-newswire#tblciGiCVgyR1dMoui4Me_m4CLTZxKPKLGQxvwY-tU6PxnHYgGCCAh0Io_vL6hNHup-kZ
Title: Real live

Search URL Search Domain Scan URL

URL: http://thebest1.xyz/top-10-breathtaking-natural-wonders-of-canada/?utm_source=taboola&utm_medium=top-10-breathtaking-natural-wonders-of-canada&utm_term=wiredigitalpvtltd-newswire&utm_content=http%3A%2F%2Fcdn.taboolasyndication.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ffe12e5b08ce3c6b77931aa91826b98da.jpg#tblciGiCVgyR1dMoui4Me_m4CLTZxKPKLGQxvwY-tU6PxnHYgGCCM0UEozcjC-sSjr4zEAQ
Title: Thebest1.xyz

Search URL Search Domain Scan URL

URL: https://track.cinderco.com/5e689bf60a91860001657556?sub1=wiredigitalpvtltd-newswire&sub2=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe11f7c7a41083f6f8e99f948557cacd3.jpg&sub3=This+New+Gadget+Protects+Your+Precious+Memories+In+1+Click&sub4=2021-04-24+06%3A37%3A20&sub5=Desktop&sub6=5823620&sub7=2919977969&sub8=1343387&ref_id=GiCVgyR1dMoui4Me_m4CLTZxKPKLGQxvwY-tU6PxnHYgGCCnwEoohOubypHynojKAQ#tblciGiCVgyR1dMoui4Me_m4CLTZxKPKLGQxvwY-tU6PxnHYgGCCnwEoohOubypHynojKAQ
Title: My Daily Discovery

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=wiredigitalpvtltd-newswire&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://isinglemom.com/trending/golden-age-stars-you-forgot-are-still-alive-and-got-better-clu?utm_source=taboola&utm_medium=wiredigitalpvtltd-newswire&utm_campaign=8429395&utm_term=At+Almost+100%2C+He+Is+The+Oldest+Living+Western+Star&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F466b97ea494a23585c8023a3853cf2a3.jpg&ts=2021-04-24+06%3A37%3A20&tbv=LdijtSIdxsFWz9PMZNFvVadYnYqk1eAP2hYWHhu3OBM=&pcl=1
Title: I Single Mom

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=wiredigitalpvtltd-newswire&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

URL: https://bit.ly/3cW2Q4F
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/vXfWhc4sgQ Page URL
https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619246238090&ns_c=UTF-8&cv=3.5&c8=WhatsApp%20Pink%20%3A%20New%20virus%20targeting%20WhatsApp%20users%2C%20can%20take%20complete%20control%20over%20phone%20-%20NewsWire&c7=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&c9=https%3A%2F%2Ft.co%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619246238090&ns_c=UTF-8&cv=3.5&c8=WhatsApp%20Pink%20%3A%20New%20virus%20targeting%20WhatsApp%20users%2C%20can%20take%20complete%20control%20over%20phone%20-%20NewsWire&c7=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&c9=https%3A%2F%2Ft.co%2F

Request Chain 197

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 251

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 281

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 389

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&isDirect=0

Request Chain 390

https://u.openx.net/w/1.0/sd?id=543998486&val=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=

Request Chain 392

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=U5TKNQLFgMfd&ev=1&orig=trc&pid=562107

Request Chain 394

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEXA0mwAv1bXzKv5AP23XJM&google_cver=1

Request Chain 396

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222

Request Chain 397

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0fdcd38e-be94-46df-b6db-2c127bf65ec2

Request Chain 398

https://ce.lijit.com/merge?pid=42&3pid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 402

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=34319c5e-9bc7-4bd9-8e13-61e6c99a62ea

Request Chain 403

https://id5-sync.com/s/464/9.gif?puid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAd35ACS4h0VS4C7caeU9uZ-oHp6f0TLNKBGhfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAd35ACS4h0VS4C7caeU9uZ-oHp6f0TLNKBGhfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=7700ca26-8d8f-4b5f-9d08-44c82363ddca&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEEjay8OLZBvHWFw4zvvEUts&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEjay8OLZBvHWFw4zvvEUts&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEEjay8OLZBvHWFw4zvvEUts%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5963093424194530509&opid=apx&ops=&utidl=tech:goo:CAESEEjay8OLZBvHWFw4zvvEUts&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A17093385621&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/4/4.gif?puid=8879a1a83368d30772de12e898a32488&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/3/5.gif?puid=e012a27d-cef2-4a65-a30f-59d7258a50a9&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 404

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=B7dVIpSFDAS3fyM9o7yDYA

Request Chain 406

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=fc02d2f3-1b50-4542-937f-27a02049346e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=fc02d2f3-1b50-4542-937f-27a02049346e HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc02d2f3-1b50-4542-937f-27a02049346e

Request Chain 407

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&isDirect=0

Request Chain 410

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=q7JRtZ1aLRd9&ev=1&orig=trc&pid=562107

Request Chain 412

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEXA0mwAv1bXzKv5AP23XJM&google_cver=1

Request Chain 414

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222

Request Chain 415

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0fdcd38e-be94-46df-b6db-2c127bf65ec2

Request Chain 420

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=34319c5e-9bc7-4bd9-8e13-61e6c99a62ea

Request Chain 421

https://id5-sync.com/s/464/9.gif?puid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAd35ACS4h0VS4C7caeU9uZ-oHp6f0TLNKBGhfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=7700ca26-8d8f-4b5f-9d08-44c82363ddca&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEEjay8OLZBvHWFw4zvvEUts&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEjay8OLZBvHWFw4zvvEUts&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEEjay8OLZBvHWFw4zvvEUts%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5963093424194530509&opid=apx&ops=&utidl=tech:goo:CAESEEjay8OLZBvHWFw4zvvEUts&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A17093385621&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/4/4.gif?puid=8879a1a83368d30772de12e898a32488&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/3/5.gif?puid=e012a27d-cef2-4a65-a30f-59d7258a50a9&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/2/6.gif?puid=87cae3c4-a4c7-11eb-b205-0efe0b267eb1&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D

Request Chain 422

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=OMeq644sBgqcaXWoo7yDYA

Request Chain 424

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=6dUjcFYiTABfeYtZVMvOElJmE9k&user_group=1&ssp=taboola&gdpr=0 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc02d2f3-1b50-4542-937f-27a02049346e

497 HTTP transactions
25 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 vXfWhc4sgQ Show response
t.co/ 522 B
557 B 192ms
144ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/vXfWhc4sgQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

9f2c3c4f4eaba7561f2483d8b7c83a3f48c14c50f4d4de4955cb0c6bfb28caff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /vXfWhc4sgQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 247
content-type: text/html; charset=utf-8
date: Sat, 24 Apr 2021 06:37:16 GMT
expires: Sat, 24 Apr 2021 06:42:15 GMT
server: tsa_o
set-cookie: muc=1d95c75d-9df6-430a-9e6c-8e3485f3bd1b; Max-Age=63072000; Expires=Mon, 24 Apr 2023 06:37:15 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 4fd69b399cf46660e88a06912aaa334d
x-response-time: 121
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/ 92 KB
20 KB 769ms
376ms Document
text/html 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Requested by: Host: t.co
URL: https://t.co/vXfWhc4sgQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6e64c26b92dcca5ed681d3220b9cdb30888d1471ac153c22c07b2581c5455e79

Request headers

:method: GET
:authority: www.newswire.lk
:scheme: https
:path: /2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
link: <https://www.newswire.lk/wp-json/>; rel="https://api.w.org/" <https://www.newswire.lk/?p=44594>; rel=shortlink
content-encoding: gzip

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
19 KB 34ms
18ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 2799207
cdn-cachedat: 2021-03-11 11:57:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a431dcb200004e3860b3f000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a31dd7f18bc0fe8277e68a4489d4861a
cf-ray: 644d527448de4e38-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
527 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Apr 2021 05:55:25 GMT
server: ESF
date: Sat, 24 Apr 2021 06:37:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 06:37:16 GMT

GET
H2 200 style.min.css
www.newswire.lk/wp-includes/css/dist/block-library/ 40 KB
41 KB 198ms
195ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:14:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32663a-a1fb"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 41467
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 font-awesome.min.css
www.newswire.lk/wp-content/plugins/page-views-count/admin/assets/css/ 27 KB
27 KB 375ms
372ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/page-views-count/admin/assets/css/font-awesome.min.css?ver=4.5.0
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

:path: /wp-content/plugins/page-views-count/admin/assets/css/font-awesome.min.css?ver=4.5.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 16:15:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e33011b-6b4a"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 27466
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 style.min.css
www.newswire.lk/wp-content/plugins/page-views-count/assets/css/ 254 B
464 B 380ms
377ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/page-views-count/assets/css/style.min.css?ver=2.2.1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e6a12d9eeda37b5902e6d670167a69b4b5a9e7de783e08e88ce3eea718495af8

Request headers

:path: /wp-content/plugins/page-views-count/assets/css/style.min.css?ver=2.2.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 16:15:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e33011b-fe"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 254
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1002 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C400i%2C500%2C600%2C700%2C700i%2C800&subset=latin

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3587ac13b9ebda6681f2de3d73d139a8d0c59fff381332dfd2483505088787b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Apr 2021 06:22:44 GMT
server: ESF
date: Sat, 24 Apr 2021 06:37:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 06:37:16 GMT

GET
H2 200 font-awesome.min.css
www.newswire.lk/wp-content/themes/unos/library/fonticons/ 39 KB
39 KB 380ms
377ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/font-awesome.min.css?ver=5.0.10
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5b99151e6fad0b8613fa068945b4c43eb226e7b122b77dbbc5db53b31fd8fcfc

Request headers

:path: /wp-content/themes/unos/library/fonticons/font-awesome.min.css?ver=5.0.10
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:41:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326ca0-9a7e"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 39550
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 lightSlider.min.css
www.newswire.lk/wp-content/plugins/hootkit/assets/ 6 KB
6 KB 380ms
377ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/hootkit/assets/lightSlider.min.css?ver=1.1.2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a0f21418ef7d1289af0464c6df64a86175567d16f1c378e195267bb77c075e68

Request headers

:path: /wp-content/plugins/hootkit/assets/lightSlider.min.css?ver=1.1.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:19:41 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32676d-16b1"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 5809
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 sassy-social-share-public.css
www.newswire.lk/wp-content/plugins/sassy-social-share/public/css/ 34 KB
34 KB 380ms
377ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.8
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4

Request headers

:path: /wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:38:58 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326bf2-87d9"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 34777
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 sassy-social-share-svg.css
www.newswire.lk/wp-content/plugins/sassy-social-share/admin/css/ 109 KB
109 KB 380ms
377ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.8
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359

Request headers

:path: /wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:37:08 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326b84-1b42e"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 111662
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 pvc.min.css
www.newswire.lk/wp-content/uploads/sass/ 153 B
363 B 380ms
378ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/uploads/sass/pvc.min.css?ver=1591253563
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6d0e222f8a115b55a0011bfa9591e426d46a4d81ee2caba722aa020817063430

Request headers

:path: /wp-content/uploads/sass/pvc.min.css?ver=1591253563
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 04 Jun 2020 06:52:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ed89a3b-99"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 153
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 style.min.css
www.newswire.lk/wp-content/themes/unos/ 64 KB
64 KB 380ms
377ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/style.min.css?ver=2.8.6
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 91e3d6b640b1efad33cae03b8896541e252e23a8d879e4eccc813eeda55707ce

Request headers

:path: /wp-content/themes/unos/style.min.css?ver=2.8.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:13:26 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e3265f6-fe87"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 65159
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 hootkit.css
www.newswire.lk/wp-content/themes/unos/hootkit/ 49 KB
49 KB 380ms
378ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/hootkit/hootkit.css?ver=2.8.6
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4abab2aebf55df3ab08a2b6b44dd5a3308a1b03a3b6dab49f53ef0e5de0e8d13

Request headers

:path: /wp-content/themes/unos/hootkit/hootkit.css?ver=2.8.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:22:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326820-c4b2"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 50354
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 style.css
www.newswire.lk/wp-content/themes/unos-magazine-vu/ 16 KB
16 KB 380ms
378ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos-magazine-vu/style.css?ver=1.0.2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79b08bf3697fd12db0e2298a6d33cc4d5d6bd933cfc9dd5b52bfb1fefa75fb32

Request headers

:path: /wp-content/themes/unos-magazine-vu/style.css?ver=1.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Mon, 01 Jun 2020 15:46:27 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ed522d3-3ea7"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 16039
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 hootkit.css
www.newswire.lk/wp-content/themes/unos-magazine-vu/hootkit/ 16 KB
16 KB 380ms
378ms Stylesheet
text/css 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos-magazine-vu/hootkit/hootkit.css?ver=1.0.2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4cb0c315168dd3d20d6278aac9309389deea29fee0a4be9d588b19fb91f06493

Request headers

:path: /wp-content/themes/unos-magazine-vu/hootkit/hootkit.css?ver=1.0.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:23:57 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32686d-3f65"
content-type: text/css
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 16229
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 jquery.js Show response
www.newswire.lk/wp-includes/js/jquery/ 95 KB
95 KB 380ms
378ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:07:42 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32649e-17a69"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 96873
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.newswire.lk/wp-includes/js/jquery/ 10 KB
10 KB 380ms
379ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 05:07:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326498-2748"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 10056
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 underscore.min.js Show response
www.newswire.lk/wp-includes/js/ 16 KB
16 KB 380ms
379ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 99b90a86b2f904c81a7280d1f47325d0a02568f5c4e913cee34614b472e57538

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 04:52:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326124-3ef7"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 16119
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 backbone.min.js Show response
www.newswire.lk/wp-includes/js/ 23 KB
24 KB 380ms
379ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-includes/js/backbone.min.js?ver=1.4.0
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f828a6d9e9cac6ac79092ce5db177f19d6a69d42c0ebc5bb2a8b6b599c4f4ccf

Request headers

:path: /wp-includes/js/backbone.min.js?ver=1.4.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 04:52:11 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e3260fb-5d80"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 23936
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 pvc.backbone.min.js Show response
www.newswire.lk/wp-content/plugins/page-views-count/assets/js/ 2 KB
2 KB 380ms
379ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/page-views-count/assets/js/pvc.backbone.min.js?ver=2.2.1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2204006753ed8c6782a0e6e1071ef9d93d83a32d6b0964356459cfe6349f95bf

Request headers

:path: /wp-content/plugins/page-views-count/assets/js/pvc.backbone.min.js?ver=2.2.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:16 GMT
last-modified: Thu, 30 Jan 2020 16:15:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e33011b-739"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 1849
expires: Tue, 19 Apr 2022 06:37:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 25ms
19ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157377916-1

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5eb6c2ed127fea86b021682645758fb46f73d134c23fc853ba37040ca8a51dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35804
x-xss-protection: 0
last-modified: Sat, 24 Apr 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Apr 2021 06:37:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:17 GMT

GET
H/1.1 200
OK / Show response
backend-ssp.adstudio.cloud/ 2 KB
3 KB 365ms
167ms Script
application/javascript 88.214.207.236
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://backend-ssp.adstudio.cloud/?c=res&m=async
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.207.236 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 01331e3ff9a20ff56e16fffd5fa4a5d9646e7a23f68197316e07974627e1d639

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 24 Apr 2021 06:37:17 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2483
Content-Type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
www.newswire.lk/wp-includes/js/ 14 KB
14 KB 207ms
201ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 04:53:04 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326130-362a"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 13866
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 33ms
10ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4f8e26c81f0bd1b8d9666af2688b79b28f7bacad087c251263325a756f5f6aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.newswire.lk
Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: m1Q91iut2eitygRMFGM+dg==
cross-origin-resource-policy: cross-origin
expires: Sat, 24 Apr 2021 06:46:59 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: vBPNzwdmfVgJfYMcIBded2SUCF2WBo3RvBVCAL8CyaTY/rHEzZ2G1y4QRo4KQ/NHIgz/8OXCw7EYsu5aAmSeGQ==
x-fb-trip-id: 95149190
x-fb-content-md5: 5901ca76bec3f767ffbc10bfcc1bc2da
date: Sat, 24 Apr 2021 06:37:17 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f6e300091351c9d4b8706ab8fb8dd8d3"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 new-logo-cropped-1.png
www.newswire.lk/wp-content/uploads/2021/02/ 13 KB
13 KB 208ms
202ms Image
image/png 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/02/new-logo-cropped-1.png
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 82afe5007dfc69ab826819fb6af674b973bb5622f617e79a0434c15a7a21ba8a

Request headers

:path: /wp-content/uploads/2021/02/new-logo-cropped-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Mon, 08 Feb 2021 04:27:42 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6020bdbe-3513"
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 13587
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 85ms
30ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

9ed5a3546f364bae246c1251e7e967b67060e5039c2260ff1984e1a8cc7a8fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "851 / 673 of 1000 / last-modified: 1619215815"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21129
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:17 GMT

GET
H2 200 Screenshot_20210422-120000_Gallery.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 159 KB
159 KB 208ms
202ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/Screenshot_20210422-120000_Gallery.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 047c7f757d242662e0047bf076d8eb5849f611c70319da2594dfd0491858d229

Request headers

:path: /wp-content/uploads/2021/04/Screenshot_20210422-120000_Gallery.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 22 Apr 2021 06:30:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6081181d-27b54"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 162644
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 ajax-loader.gif
www.newswire.lk/wp-content/plugins/page-views-count/ 911 B
1 KB 208ms
203ms Image
image/gif 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/plugins/page-views-count/ajax-loader.gif
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d71f2448eb60d7a49ed178c04a5bee9aae839f47f0a19c2ad81738afb4f2873

Request headers

:path: /wp-content/plugins/page-views-count/ajax-loader.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 16:15:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e33011b-38f"
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 911
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 hutch-tag-1.png
www.newswire.lk/wp-content/uploads/2021/02/ 12 KB
12 KB 209ms
203ms Image
image/png 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/02/hutch-tag-1.png
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: de78fe019f154c43850a70fe034f0d63af85484873bc6903eef33e42dcbc3902

Request headers

:path: /wp-content/uploads/2021/02/hutch-tag-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 25 Feb 2021 08:07:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60375aa7-2e3d"
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 11837
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 Screenshot_20210424-052014_Twitter.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 117 KB
117 KB 209ms
204ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/Screenshot_20210424-052014_Twitter.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b70708d9d480ae8c38a613eb2b8c3b7a0e25c2072d553e50985e6991cf6e5e34

Request headers

:path: /wp-content/uploads/2021/04/Screenshot_20210424-052014_Twitter.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 23 Apr 2021 23:51:08 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60835d6c-1d2d2"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 119506
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 PSX_20210424_032704.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 70 KB
70 KB 210ms
205ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/PSX_20210424_032704.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 471902c8f9c32011fcade6b5598550c717c96bb0a00240d0ae9ed1e8c9bb862c

Request headers

:path: /wp-content/uploads/2021/04/PSX_20210424_032704.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 23 Apr 2021 23:09:01 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6083538d-1187d"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 71805
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 Screenshot_20210424-035757_Samsung-Internet.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 65 KB
65 KB 212ms
207ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/Screenshot_20210424-035757_Samsung-Internet.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 91082544582a158ddc8f5897b706fced0f3397e0c0cb5d4a43f1b5823693f466

Request headers

:path: /wp-content/uploads/2021/04/Screenshot_20210424-035757_Samsung-Internet.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 23 Apr 2021 22:28:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60834a21-103da"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 66522
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 2.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 50 KB
50 KB 213ms
208ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/2.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6b4f43a16c028746bdf6a14174e13ef4ed38ed6b6cf41874563ab5bd506c9cf3

Request headers

:path: /wp-content/uploads/2021/04/2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 23 Apr 2021 07:44:30 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60827ade-c700"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 50944
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 Screenshot-2021-04-23-at-11.49.22-AM.png
www.newswire.lk/wp-content/uploads/2021/04/ 852 KB
854 KB 213ms
209ms Image
image/png 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/Screenshot-2021-04-23-at-11.49.22-AM.png
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 49c4490765ffee35617c10353d286e78fb2dcb226000a134f7030a20d541f277

Request headers

:path: /wp-content/uploads/2021/04/Screenshot-2021-04-23-at-11.49.22-AM.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 23 Apr 2021 06:19:50 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60826706-d508e"
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 872590
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 anniversary_7-1.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 1 MB
1 MB 2292ms
2287ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/anniversary_7-1.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 32a550e7f39c296eb03b55beb6b6e37c260f8195a943d0c6af04855f4c6347f5

Request headers

:path: /wp-content/uploads/2021/04/anniversary_7-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 22 Apr 2021 05:50:30 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60810ea6-16301a"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 1454106
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 20210423_174408.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 42 KB
42 KB 2292ms
2288ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/20210423_174408.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6de0d8ca593d057e05fc36dbf3bebdf522daa629584815187a765aed263deb0f

Request headers

:path: /wp-content/uploads/2021/04/20210423_174408.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 23 Apr 2021 12:14:32 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6082ba28-a694"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 42644
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 Screenshot_20210423-133314_Facebook.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 187 KB
188 KB 2292ms
2288ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/Screenshot_20210423-133314_Facebook.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 68742cac5ba386823f4ed90c03fc860e22d3e788503487e6a064858a476144fa

Request headers

:path: /wp-content/uploads/2021/04/Screenshot_20210423-133314_Facebook.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 23 Apr 2021 08:03:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60827f56-2ed52"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 191826
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 PSX_20210422_203803.jpg
www.newswire.lk/wp-content/uploads/2021/04/ 129 KB
130 KB 2292ms
2288ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/04/PSX_20210422_203803.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bb2816b89aa39cd8500c562291f8e890d36c07d056d63fe7c03947b210085cfb

Request headers

:path: /wp-content/uploads/2021/04/PSX_20210422_203803.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 22 Apr 2021 15:13:21 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60819291-20481"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 132225
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 mob-new-pizza.jpg
www.newswire.lk/wp-content/uploads/2020/12/ 127 KB
128 KB 2292ms
2288ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2020/12/mob-new-pizza.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aa73092c34958c49d354495a847495a12c063274c6818d12dc45015967b75dff

Request headers

:path: /wp-content/uploads/2020/12/mob-new-pizza.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 22 Apr 2021 13:56:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "608180a5-1fd22"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 130338
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 desk-new-pizza.jpg
www.newswire.lk/wp-content/uploads/2021/01/ 155 KB
156 KB 2293ms
2289ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/01/desk-new-pizza.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f0cfa2a09fe2e3905a5fe3c052545631118e5f5c5a02e266a57a41504fe12254

Request headers

:path: /wp-content/uploads/2021/01/desk-new-pizza.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 22 Apr 2021 13:57:08 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "608180b4-26d55"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 159061
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 hoverIntent.min.js Show response
www.newswire.lk/wp-includes/js/ 1 KB
1 KB 191ms
191ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4e80291b8d8065e35b7515fe06df9dcdd88dd0ea6b5fa23f847ea6b80ad1a8e0

Request headers

:path: /wp-includes/js/hoverIntent.min.js?ver=1.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 04:52:29 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32610d-447"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 1095
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 jquery.superfish.min.js Show response
www.newswire.lk/wp-content/themes/unos/js/ 4 KB
5 KB 191ms
191ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/js/jquery.superfish.min.js?ver=1.7.5
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0

Request headers

:path: /wp-content/themes/unos/js/jquery.superfish.min.js?ver=1.7.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:23:04 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326838-117a"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 4474
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 jquery.fitvids.min.js Show response
www.newswire.lk/wp-content/themes/unos/js/ 2 KB
3 KB 196ms
191ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/js/jquery.fitvids.min.js?ver=1.1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: adb5cc1394d55b14a571376c596dc91072a044d3a729f547bc2ec3a4a21b3469

Request headers

:path: /wp-content/themes/unos/js/jquery.fitvids.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:23:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326836-991"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 2449
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 jquery.parallax.min.js Show response
www.newswire.lk/wp-content/themes/unos/js/ 7 KB
7 KB 196ms
191ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/js/jquery.parallax.min.js?ver=1.4.2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c4e5b489203cbd29bbe5dbadb25774e1e2db624ae83734420fb65e30b2c43362

Request headers

:path: /wp-content/themes/unos/js/jquery.parallax.min.js?ver=1.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:23:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326837-1b52"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 6994
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 resizesensor.min.js Show response
www.newswire.lk/wp-content/themes/unos/js/ 2 KB
2 KB 197ms
190ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/js/resizesensor.min.js?ver=1.7.0
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8f8078d5fa79042c80aff9ac50f962fca0a2461febc620b567e38fff39ddc182

Request headers

:path: /wp-content/themes/unos/js/resizesensor.min.js?ver=1.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:23:07 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32683b-8ec"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 2284
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 jquery.theia-sticky-sidebar.min.js Show response
www.newswire.lk/wp-content/themes/unos/js/ 5 KB
6 KB 197ms
191ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/js/jquery.theia-sticky-sidebar.min.js?ver=1.7.0
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

:path: /wp-content/themes/unos/js/jquery.theia-sticky-sidebar.min.js?ver=1.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:23:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32683a-1535"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 5429
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 jquery.lightSlider.min.js Show response
www.newswire.lk/wp-content/plugins/hootkit/assets/ 15 KB
15 KB 197ms
191ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/hootkit/assets/jquery.lightSlider.min.js?ver=1.1.2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dfbbedcbb4b1efe043e9c0d42c774cb2b810f8a1c73c90200ed5bb8b0c74700d

Request headers

:path: /wp-content/plugins/hootkit/assets/jquery.lightSlider.min.js?ver=1.1.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:19:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32676c-3c43"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 15427
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 hootkit.min.js Show response
www.newswire.lk/wp-content/plugins/hootkit/assets/ 6 KB
6 KB 197ms
191ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/hootkit/assets/hootkit.min.js?ver=1.0.16
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 31c43dc23fd794fe0e9eeed06dbba6fcb973401c1be63778a60415caed560578

Request headers

:path: /wp-content/plugins/hootkit/assets/hootkit.min.js?ver=1.0.16
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:19:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326768-1871"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 6257
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 sassy-social-share-public.js Show response
www.newswire.lk/wp-content/plugins/sassy-social-share/public/js/ 42 KB
43 KB 198ms
191ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.8
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6a5bdb4807c498f25472575228b9054098f33e2f40e278643084b63531aded07

Request headers

:path: /wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:39:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326bf7-a9ba"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43450
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 hoot.theme.min.js Show response
www.newswire.lk/wp-content/themes/unos/js/ 2 KB
2 KB 198ms
192ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/js/hoot.theme.min.js?ver=2.8.6
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8f8727974e531d1514dc1758d23844883d579e0e56befe3b1e9926fb74c37261

Request headers

:path: /wp-content/themes/unos/js/hoot.theme.min.js?ver=2.8.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:23:01 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e326835-78d"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 1933
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 script.min.js Show response
www.newswire.lk/wp-content/plugins/boxzilla/assets/js/ 15 KB
15 KB 199ms
193ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.23
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 04b5fde887138d2fe0a67f416147dd6a6b5a91e8212aff2698891d2508e9785c

Request headers

:path: /wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.23
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Sat, 10 Oct 2020 00:25:41 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5f80ff85-3c0e"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 15374
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 wp-embed.min.js Show response
www.newswire.lk/wp-includes/js/ 1 KB
2 KB 199ms
193ms Script
application/javascript 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 04:53:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32612e-577"
content-type: application/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 1399
expires: Tue, 19 Apr 2022 06:37:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 13ms
10ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: 0eJVFsQk2fTWf0qzxIP/anZx+oOkWcoD073Rezk4XExsLD86Kar/JW8mNSnw92xFFUwkH+jxn6+KldMAFTeIoA==
x-fb-trip-id: 95149190
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 24 Apr 2021 06:37:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/ 243 KB
26 KB 68ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/loader.js
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.44.5 /
Resource Hash: 89d7446405567353fd2c30514a5ed28080d5d4c41988ee6efa49ccc984c330ff

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xqEBsnMe0Lr1h7azL1KSCgFtM315ywaD
content-encoding: gzip
etag: "c63cf76ee4672fc1ab624daa1c1314dc2a846f32"
age: 8235
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
content-length: 26179
x-amz-id-2: z+GsEJoqKQP4u2tV9TM/faKQE0uzEPP7SoDVH+zvbxNgi7i0D2eGMshF+uD+/VNK3ckC0crXay4=
x-served-by: cache-hhn11577-HHN
last-modified: Fri, 23 Apr 2021 12:45:12 UTC
server: obaker.93.1.2-11.44.5
x-timer: S1619246238.815209,VS0,VE1
date: Sat, 24 Apr 2021 06:37:17 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: S89VCRACY47KT30Z
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 6
x-cache-hits: 1

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newswire.lk
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:43:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 140013
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:43:44 GMT

GET
H2 200 fa-brands-400.woff2
www.newswire.lk/wp-content/themes/unos/library/fonticons/webfonts/ 54 KB
54 KB 2287ms
2287ms Font
application/octet-stream 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/webfonts/fa-brands-400.woff2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/font-awesome.min.css?ver=5.0.10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

:path: /wp-content/themes/unos/library/fonticons/webfonts/fa-brands-400.woff2
pragma: no-cache
origin: https://www.newswire.lk
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.newswire.lk
referer: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/font-awesome.min.css?ver=5.0.10
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.newswire.lk
Referer: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/font-awesome.min.css?ver=5.0.10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:44:22 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5e326d36-d768"
content-length: 55144
content-type: application/octet-stream

GET
H2 200 fa-solid-900.woff2
www.newswire.lk/wp-content/themes/unos/library/fonticons/webfonts/ 43 KB
43 KB 2287ms
2287ms Font
application/octet-stream 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/webfonts/fa-solid-900.woff2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/font-awesome.min.css?ver=5.0.10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

:path: /wp-content/themes/unos/library/fonticons/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://www.newswire.lk
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.newswire.lk
referer: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/font-awesome.min.css?ver=5.0.10
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.newswire.lk
Referer: https://www.newswire.lk/wp-content/themes/unos/library/fonticons/font-awesome.min.css?ver=5.0.10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Thu, 30 Jan 2020 05:44:38 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5e326d46-ac24"
content-length: 44068
content-type: application/octet-stream

GET
DATA 200
OK truncated
/ 302 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 682 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 436 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_GB/ 218 KB
64 KB 21ms
10ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=4560987b66248a9ce52dab99936e8162&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49e98d5c1231646831bad8d58cb45803d326d091b716e5d3fd86416e460d2c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.newswire.lk
Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OOL7p0bXGOM+DiRKDYQz7g==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66008
x-fb-rlafr: 0
x-fb-debug: RWle4pR+nR4G850kg6zz9m9RZljBoJ1L7H4c1E14YSGYZqhZrYNH1vROzb+zB1pnhdYZwLInovJUewbrOp1z5g==
x-fb-content-md5: b44df54dc97e837efcfcf73c64a8a53a
x-frame-options: DENY
date: Sat, 24 Apr 2021 06:37:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6871c8e3b8e86b07341f23e8bc11702d"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 24 Apr 2022 05:39:44 GMT

GET
H3-29 200 755078108612799 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/755078108612799?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef9263769f97ca6b3baa316edf9f99358ce8dc2dc9e25153de26365e85477cba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Bnx0RjbH5km8aqTiIyeEStWhoYBHjLVWAp5p/Y5iiFWgKDPcYAiUyLUz3dzvBuF0lFAO5ejGAKLfzj+klY8Oxg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 24 Apr 2021 06:37:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157377916-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4474
date: Sat, 24 Apr 2021 05:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 24 Apr 2021 07:22:43 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ 223 KB
83 KB 42ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9768079269149828&plah=www.newswire.lk&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/ Frame 262A 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210422/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Apr 2021 19:22:05 GMT
expires: Fri, 07 May 2021 19:22:05 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 40512
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 impl.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.js Show response
cdn.taboola.com/libtrc/ 479 KB
110 KB 20ms
20ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: eb33360ccea9928b0ac73b5a792d52fdac3c773168ce5aa6f2a4cf1c100e9f09

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: q62U_73Yywp2Z5.4tVG86ZUSkZxl6i8A
content-encoding: br
etag: "6fcc4ccff802dd975080d8abec0c3be7"
age: 28292
x-cache: HIT
content-length: 112524
x-amz-id-2: jdhZI6tPoz7I3O6C/ORFU9C2scdaALU0qmLxxesBZl7QhqSNMx2gk+YV8D5dRdTQSVj0QnctdNU=
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 08 Apr 2021 12:22:20 GMT
server: AmazonS3-br
x-timer: S1619246238.895620,VS0,VE0
date: Sat, 24 Apr 2021 06:37:17 GMT
vary: Accept-Encoding
x-amz-request-id: DFEN7M063XYT2AXT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 2310

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 108ms
35ms Script
application/javascript 13.224.95.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-18.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:23:25 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: Ciguq2NnFMKDWT-zibgWK_LhGU9AJILz34Zul1tAbciQegQCROyWug==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 46ms
45ms Image
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=stories-infra_var
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619246238.896351,VS0,VE0
x-served-by: cache-hhn11577-HHN
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2059495745&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=WhatsApp%20Pink%20%3A%20New%20virus%20targeting%20WhatsApp%20users%2C%20can%20take%20complete%20control%20over%20phone%20-%20NewsWire&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=212765528&gjid=314217162&cid=143635041.1619246238&tid=UA-157377916-1&_gid=1400460166.1619246238&_r=1&gtm=2ou4e1&z=2032793732

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021042101.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 63ms
34ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 08:38:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108325
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 10ms
10ms Image
image/gif 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489414865331710&ev=fb_page_view&dl=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1619246237925&sw=1600&sh=1200&at=

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 24 Apr 2021 06:37:17 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 11ms
11ms Image
image/gif 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=755078108612799&ev=PageView&dl=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1619246237949&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619246237947.1755710934&it=1619246237824&coo=false&rqm=GET

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 24 Apr 2021 06:37:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 17ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-157377916-1&cid=143635041.1619246238&jid=212765528&gjid=314217162&_gid=1400460166.1619246238&_u=IEBAAUAAAAAAAC~&z=1606483075

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Apr 2021 06:37:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
639 B 2081ms
2028ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.newswire.lk&callback=_gfp_s_&client=ca-pub-9768079269149828

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9768079269149828&plah=www.newswire.lk&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

894cb96480f054ba99dbd36b24bfe32ac79d98a9081143d40969f0e7e992374f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newswire.lk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newswire.lk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FBB1 54 B
56 B 70ms
69ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&adk=1812271804&adf=3025194257&lmt=1619246237&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246237850&bpp=13&bdt=1021&idt=107&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6381389819567&frm=20&pv=2&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1425403037338850&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&adk=1812271804&adf=3025194257&lmt=1619246237&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246237850&bpp=13&bdt=1021&idt=107&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6381389819567&frm=20&pv=2&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=1425403037338850&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:18 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Apr-2021 06:52:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Apr 2021 06:37:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:18 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-157377916-1&cid=143635041.1619246238&jid=212765528&_u=IEBAAUAAAAAAAC~&z=303623871

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-157377916-1&cid=143635041.1619246238&jid=212765528&_u=IEBAAUAAAAAAAC~&z=303623871

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/wiredigitalpvtltd-newswire/trc/3/ 43 KB
13 KB 2550ms
2548ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/wiredigitalpvtltd-newswire/trc/3/json?tim=08%3A37%3A18.048&lti=stories-infra_var&data=%7B%22id%22%3A258%2C%22ii%22%3A%22%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1619011026951%2C%22vi%22%3A1619246238046%2C%22cv%22%3A%2220210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A5008%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4053%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1901%2C%22mw%22%3A910%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails2%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails2%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22stories-infra_var%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a944cee75aa0228d11b9647a3740e6e181fa149f183b81f3d8c875ef40582064

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 540
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
server: nginx
x-timer: S1619246240.046959,VS0,VE540
x-served-by: cache-hhn11577-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.newswire.lk
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 44594 Show response
www.newswire.lk/wp-json/pvc/v1/increase/ 87 B
371 B 2243ms
2242ms XHR
application/json 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newswire.lk/wp-json/pvc/v1/increase/44594

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

f7835f0da0d4537cb99aece3479d8a0030c8641bae2643577f9a2804fcd6984a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.143635041.1619246238; _gid=GA1.2.1400460166.1619246238; _gat_gtag_UA_157377916_1=1; _fbp=fb.1.1619246237947.1755710934
:path: /wp-json/pvc/v1/increase/44594
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
x-content-type-options: nosniff
server: nginx/1.14.0 (Ubuntu)
access-control-allow-headers: Authorization, Content-Type
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
link: <https://www.newswire.lk/wp-json/>; rel="https://api.w.org/"

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1619246238090&ns_c=UTF-8&cv=3.5&c8=WhatsApp%20Pink%20%3A%20New%20virus%20targeting%20WhatsApp%20users%2C%20can%20take%20complete%20con...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619246238090&ns_c=UTF-8&cv=3.5&c8=WhatsApp%20Pink%20%3A%20New%20virus%20targeting%20WhatsApp%20users%2C%20can%20take%20complete%20co...

64 B
329 B

44ms
44ms

Image
image/gif

13.224.95.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619246238090&ns_c=UTF-8&cv=3.5&c8=WhatsApp%20Pink%20%3A%20New%20virus%20targeting%20WhatsApp%20users%2C%20can%20take%20complete%20control%20over%20phone%20-%20NewsWire&c7=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&c9=https%3A%2F%2Ft.co%2F
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-18.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Nq10oxGGG7hRSpDdi608CEdLna2Q3oAJfezOEV2cZScl3akDlGQBNw==

Redirect headers

date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1619246238090&ns_c=UTF-8&cv=3.5&c8=WhatsApp%20Pink%20%3A%20New%20virus%20targeting%20WhatsApp%20users%2C%20can%20take%20complete%20control%20over%20phone%20-%20NewsWire&c7=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&c9=https%3A%2F%2Ft.co%2F
content-length: 420
x-amz-cf-id: fv2I7a4iejzE5ql3ksHRoc0taISgHUcO_oW82WsOMZ18Z8eikri7ZQ==

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 2010ms
2010ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-LogoR-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238141&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=762&adys=10&adks=111942606&ucis=1&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce2dce5a3835aad4da665f4d1154aedef570e242a0de22638286cec2a2e421a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4434
x-xss-protection: 0
google-lineitem-id: 5462404551
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336629668
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 46ms
13ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
5ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
265 B 2000ms
1999ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-A-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238146&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3302441600&ucis=2&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=128&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

b04610cfd9fbf5cb6abba66e4b1f399713be440c70321dc8960f8b33f7e86325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 2193ms
2192ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-LeaderB-970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238150&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=178&adks=2490406887&ucis=3&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1410x90&msz=970x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

624a1caccaca62d02c96e1ce14ada3c2660826b07f5bae551d76bdf79aad8263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4425
x-xss-protection: 0
google-lineitem-id: 5462400375
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321836179
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 443 B
261 B 2094ms
2093ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-B-300x100&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238151&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=868078969&ucis=4&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

fdfa8a8550dfd3795abfe12aab86c1aa5c975d1e355529ac1a854a99a063f7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
266 B 2186ms
2185ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-C-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238153&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2001235901&ucis=5&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

345c96be2b2e70d62c05113f029a7eaaaf97c9f48a9cf0ef66390fa8a241587f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 2099ms
2099ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-NewsBelow-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238155&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=201&adys=1677&adks=505285463&ucis=6&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=910x90&msz=728x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

dbc8ef90f2a95215b266fe1740d7b47a1f2d1a1b1873c82543fdee05a5dd711c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4443
x-xss-protection: 0
google-lineitem-id: 5463581678
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321838204
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 2003ms
2003ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-Ads-Studio-B-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238157&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=201&adys=1791&adks=2349454631&ucis=7&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=910x90&msz=728x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

38500cc629e6c2a2ba6fc457b68df6450c264e67a5bdbc444906dff22b7ded2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5181
x-xss-protection: 0
google-lineitem-id: 5627160473
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347139493
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 2479ms
2479ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-A-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238159&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=343&adks=503977886&ucis=8&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=440x250&msz=300x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ae141e8ca115945e16eb66d818bf27f004c657952ec573157804cde3bff2136b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4196
x-xss-protection: 0
google-lineitem-id: 5448954448
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319988301
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
273 B 2394ms
2393ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-D-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238161&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3183490757&ucis=9&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

85f5b94f70b9fa78bd549825d48e26ee593884f1c5cdc6b811c5907fece74bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
265 B 2909ms
2909ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-E-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238163&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3666947504&ucis=a&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

efbcd2cd3133deede6d48c7c60051905a5c59e33ab0982753c5f2431e0fc73f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 455 B
275 B 2473ms
2473ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-Ads-Studio-A-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238166&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2599136180&ucis=b&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

da6c0c243c6f3af2d0b0e0dd6a9d5e92ecf877a32916066de792e0383de1d41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
273 B 2555ms
2555ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-F-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238168&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1206849025&ucis=c&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

4cdc68a16e0da783f3107719837101786393fe183b8c12b798641ca8238f84f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 2840ms
2839ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-B-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238170&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=608&adks=3564121988&ucis=d&ifi=14&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=440x250&msz=300x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

7b7cbd31841f7fb98d0fba99a253d63af1335a28424d123868742e05ef7de5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4189
x-xss-protection: 0
google-lineitem-id: 5449293083
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319910096
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 2918ms
2918ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-C-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238171&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=873&adks=206333917&ucis=e&ifi=15&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=440x250&msz=300x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

d3901ca16e1e629b6333268b8876d3330db34ddc43765023b9bc394c59180bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4196
x-xss-protection: 0
google-lineitem-id: 5448962140
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138320362351
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 2914ms
2914ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-Ads-Studio-A-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238173&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=1588&adks=42007190&ucis=f&ifi=16&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=440x313&msz=300x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

a7e4a43c0d88d0cd0c92bb603193fb28b1ca412ca7cea812d622eee4b1b620f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4566
x-xss-protection: 0
google-lineitem-id: 5626697230
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138346695839
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 B
272 B 2996ms
2996ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-Startup-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238175&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3005126740&ucis=g&ifi=17&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

8556056475a94160fe34fb90c73338860ac6763299f2337d69ec4685cfcb32a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 3086ms
3085ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-D-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238177&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=1853&adks=1235796295&ucis=h&ifi=18&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=440x250&msz=300x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

264472188a5493dc2902d6ca57f327d1b9563b66e60a3a1312246184ca366cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4195
x-xss-protection: 0
google-lineitem-id: 5447980686
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319910687
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 3097ms
3097ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-E-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238178&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=2835&adks=2344954036&ucis=i&ifi=19&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=440x250&msz=300x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

6c403f1d9f5fa7c012e5cb6a5f1b9c9b3bad2f48e8f7a6e0ebc02ed572a35b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4206
x-xss-protection: 0
google-lineitem-id: 5447982681
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138320362693
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 3099ms
3099ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Desktop-Inner-F-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238180&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1120&adys=3100&adks=839429393&ucis=j&ifi=20&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=440x250&msz=300x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=4&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

916daf9e2c352253d2f25e7ccb9bffd2906fe93799693d104616e2ce9044763c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4194
x-xss-protection: 0
google-lineitem-id: 5449299263
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319911542
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
5 KB 3090ms
3090ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-Ads-Studio-B-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238182&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=63788295&ucis=k&ifi=21&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

f21d818a2a49a25af2901a5409d135a0316048b161e7dbbea5290527468c6e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4565
x-xss-protection: 0
google-lineitem-id: 5627163545
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138346722669
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 455 B
280 B 3079ms
3079ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1425403037338850&correlator=1004079317427479&output=ldjh&impl=fifs&eid=31060871%2C31060808&vrg=2021042101&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=22035953837%2CE-Mobile-Inner-Ads-Studio-C-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619246238&dt=1619246238184&dlt=1619246236829&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3878886693&ucis=l&ifi=22&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=143635041.1619246238&ga_sid=1619246238&ga_hid=2059495745&ga_fc=false&fws=132&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

fc2057743be8f664d7d18b26f2871dee424af09499d68d52f10c2c5ed1cf0b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 10ms
10ms Ping
text/plain 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryc3hrMNZjpAIkbeGU

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 24 Apr 2021 06:37:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.newswire.lk
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F7C7 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 77A6 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F7C7 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43857
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H/1.1 204
No Content / Show response
backend-ssp.adstudio.cloud/ Frame F7C7 0
183 B 102ms
101ms Script
text/plain 88.214.207.236
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://backend-ssp.adstudio.cloud/?c=b&m=api&res=js&placementId=3493&domain=newswire.lk&page=https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstVD8ciO_Kg1DDxGhu3ypPuLTD1qqlQA_Y1EFmqu3gvAf7nH4b0WuBMMKrB6ElMmuv4xm7ESdCWfXJflNW9jxH7buXcUdTWYieXCl8U2Orvwzqnagq_vOXWo8MlD1As3tve9tZ7w2R_0G_wqYNNKvSYlsKVMxc_sFqgRu1szlz9x8Q-560QJSvm0N-h1F41Ai_2vqptUB7WmRDNW8601msXiI-O-4X6wmjkbOKwG10R-CR93txrUnXn8XdjvKB7mNX0q84sdxtcaJBoCIiUHpFBhxB9bMulQHnLeXssf-wp6A9_LONPleRlo1CEbb1Kw34xLqlD%2526sai%253DAMfl-YSiDpz5nu4bIWzP31M9r0A6ysZHo7_-MKvVKETmemzQTBmsnxfnA0SSPH2otbaJTocX0g3rAYjUeSbhV5xZEWW50THwbd46k4g8zDqSzGcRHf96cmubNiyChAxKe6Y%2526sig%253DCg0ArKJSzPVEa6-rrHmIEAE%2526urlfix%253D1%2526adurl%253D
Requested by: Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.207.236 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 24 Apr 2021 06:37:20 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7C7 116 KB
35 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 77A6 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43857
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 77A6 133 KB
47 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77A6 116 KB
35 KB 30ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F7C7 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuddanUql_qAWGmShHI-W1zhjyjEbQZcSFfg9PUyO2eN9iQ3BUVUivHQu8K2Pz8_eqsmskt8Wei_hhMggQNv2yCOZ6GFwgR5blOAe8yGoq2_WG8g_mYZOW4HyuOVyA8SWAXgOVxuM_AD-a7LUbbfWygJSxgFHl4vCBp08ldk_pav3zl0fMkwKxGHMcO06Q88Hpx7ZXqsLaR0NcScV9m3DAP6NDhW9Cx_4HK_GHhfG5CctIOqeAJOxTjFKMOYRH83Pvm2cF9eJyINlQNFkKExxnv2Kjyg8i_fXe5O8vteKAhA4wnM5a1E-IG3e0ynX7yA9mwMtjkJGAJ&sai=AMfl-YQknT5VtYhmPEe8SOY6CMEV7ohYvOFCKSqQlUWFQ1r-fJoJhmgRfwFLtO-9qIw6sFqC9izScwiBvQdspEcyOszIIxjoMMsUaA_r9vH2Uf_wjWFoDsSSYBHLrrkFxfs&sig=Cg0ArKJSzBMsx1phkNf_EAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 77A6 0
0 33ms
32ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2xoLRia_1utog51gxRlCjUBEi2Hj51eJs8XxD9xrtJkyd_NpkMTl20yEqYZDTCyuJn0dWsgEDppI_wUEOEeYbNZttOH_cKGxvknmkwduDEOuo3T8FkH31GEIH5mjtBZP_3cq2RVG4GPh2eKOwgIuRkqPgGi7JS1UNQVmkZFW3zRspxGkTzCyeehmHtZkBtDF9EW0S-PVM-ELi3JR6VStewmU1VwZ0fwz8b-caxb67zSYf0GtMW9HiHPEnLtmjnkx28yy8NkzR7VCxOVYZHeRNzwSQWmcG8E4fm4ADlDV1JRoO66qM3Qd86tzAYxlWivA&sig=Cg0ArKJSzDDQG_sRCGgaEAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D77 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame 77A6 223 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9768079269149828&plah=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
DATA 200
OK truncated
/ Frame 77A6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5e0c5d7d7b921ec041507f2a7c591ec66d300fb0c135e0dd60923c567453b97

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F7C7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec8597a6c49c62994600fadc2331bb28c653565036147f8b756dd5c7f19327dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F7C7 0
0 61ms
32ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7257pLzL2T3G4--XT9dDsDtE9_Yoir_ln0c5kPOa0HOupJ6LDIj0wE-1hMT3RdiMe8NMzj35Z864acnMZ8izmio_baJyyYGk40O5ufgmwFEqnlg5YYwoyT6LBpmbMFGAsRkhF1BJ1LT3-e3O7X1MWehZlTXl4-M4AVHZ74UP76kqmu49R80mzYqYywwjgk3r2SKW9WHMDHaCkCKbQMXduHfYXloD2CxSHlFoBMbqku2jsjzOFqp4smdef7p9G9wNJ_HVwhuJHXpsXPZDUBqQFyE3fvwCvU__IBhP0Lpz46aADVNCjF5zN81XW2jS5-GXGJJLDbMjZ8fg&sai=AMfl-YRf3IsSjMp87rf7lmFbc4PcMeAt1d4Q-Ylc7VcD7y0yXBT2Zjlk0l44WKxhI8x8wHR-2aHifil70_gJqzOZF21QKQ1DjLpYGD_MhsHd-eaOZpK13YiFuZXvqh7kaVg&sig=Cg0ArKJSzKedFFD70FBYEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E790 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8D77 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43857
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8D77 133 KB
47 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D77 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 77A6 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 77A6 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 37FA 57 KB
22 KB 408ms
407ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046728&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240305&bpp=2&bdt=45&idt=131&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=5566027991424&frm=24&ife=3&pv=2&ga_vid=1963971723.1619246240&ga_sid=1619246240&ga_hid=2090942926&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=2148772391688422&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.doe3ul6u4tit&fsb=1&dtd=150

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5402749f8d8f313b3cf2ff8a2df479710a6ea3d0ac15254d793bab81d040f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046728&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240305&bpp=2&bdt=45&idt=131&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=5566027991424&frm=24&ife=3&pv=2&ga_vid=1963971723.1619246240&ga_sid=1619246240&ga_hid=2090942926&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=2148772391688422&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.doe3ul6u4tit&fsb=1&dtd=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlnJtPyCbRImAWjGC7ov57oCpxnfEDE_IPt0JB2HFLPdgkQa8fMNxsWbeX6W7M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:20 GMT
server: cafe
content-length: 22204
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77A6 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D77 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPomiDwV16xFF_4uY0T2IlYMMKYKj5JArdfkBBd3oqlw5fhE1oktXGqwNZDcAnG6CSR-BDvOios1q5VLCFI-oOXajVVfwRE9WvgGPrT0fX71SpLvrxIQ-HgVRqOELhsuvFEvOQA1pMwHk6aJgh-HTN1mGzja2TMKwBPqOssWG0mE9Wtvrz1HphOaYSPKWVRLZjFCQFHAPJelAphvFRe5AZG5MZUn5xrRP7qEOoK72d-l19wA46llx5bwPUfHWDnN-c_brXMULwS2vH24TrZkCw-YjFH2YiLMA1gnTNYB85CrcZzl5AVElhODopbs7LilTBgf6U&sig=Cg0ArKJSzDEWAZo0Vni6EAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 8D77 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 103dbfaf82d653ea17db61df7c8652818b076bd68c0df664bca358c24cb5cb10

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E790 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43857
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E790 133 KB
47 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E790 116 KB
35 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame 8D77 223 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E790 0
0 31ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfS_uyWMCCVq-7coqNF0cnXw4QG8g4QYSQTbg45bt6Kl7qZWW-eQDCg6jvzbfB9SfSH2sX5bq_51zT7C68ECyyCs47ANzlDUDDz-xlM8bzJcoDiGgdTC9AQwO-577Tw4Ebmulsjtv6yWl0Tk6BpTQ0tREoADQsLzjmA8F_71jcZKRJpXaD-dfwnXbOGomgyA51qtiEhe0nipicT0Lz5DiGW7f_owo284U6hJ0OgeUUWOJt_VLMQYhJ1yv6-oF-Q5Dka31FXF_UjBiSiNxqCFofxyP8Rui9vVJYp_edEVx6tlO9eHFJqo59b0UrfssdKyfn2A&sig=Cg0ArKJSzIJ7puwlXCbQEAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame E790 223 KB
83 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
DATA 200
OK truncated
/ Frame E790 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3415bb51eac7db015e065e43f35de075eb9558c5c0e740362a5313cad7115ac9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8D77 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8D77 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 221F 58 KB
22 KB 335ms
335ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6cf3fd9e20a9abf01ea07e547e865d2e61e0a528608c513a8a87f4ad0e2b1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlnJtPyCbRImAWjGC7ov57oCpxnfEDE_IPt0JB2HFLPdgkQa8fMNxsWbeX6W7M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:20 GMT
server: cafe
content-length: 22300
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D77 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame E790 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E790 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A57 86 KB
31 KB 398ms
398ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=7807194526&adk=1018110699&adf=3173046726&pi=t.ma~as.7807194526&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240531&bpp=1&bdt=69&idt=63&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3851785878586&frm=24&ife=3&pv=2&ga_vid=1977699145.1619246241&ga_sid=1619246241&ga_hid=1098302611&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3848688452&scr_x=-12245933&scr_y=-12245933&eid=21066434&oid=3&pvsid=1135461695726965&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oiesykkfiv85&fsb=1&dtd=77

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

077261355e1bbbb94cd1492c3b9d560225de374f90b6889e71e9ebb8c6c0f3b1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMXe56eilvACFT6Agwcd07YCTg&gqi=oLyDYLrYJcmbgAe4voTABQ&layout=/sadbundle/%24csp%253Der3%24/10629951720919750275/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=7807194526&adk=1018110699&adf=3173046726&pi=t.ma~as.7807194526&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240531&bpp=1&bdt=69&idt=63&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3851785878586&frm=24&ife=3&pv=2&ga_vid=1977699145.1619246241&ga_sid=1619246241&ga_hid=1098302611&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3848688452&scr_x=-12245933&scr_y=-12245933&eid=21066434&oid=3&pvsid=1135461695726965&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oiesykkfiv85&fsb=1&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUloPghwFeUG18682uIDB7Xm6vhYqFGOwjpCrcMFzSiSJ4ptR18wUe51bWXzqeM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMXe56eilvACFT6Agwcd07YCTg&gqi=oLyDYLrYJcmbgAe4voTABQ&layout=/sadbundle/%24csp%253Der3%24/10629951720919750275/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:20 GMT
server: cafe
content-length: 31310
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E790 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 17 KB
6 KB 21ms
21ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6407f21bb7d5a444525e2c5d6e24c1615e4576485b44df5bc60dace160811193

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vmb7.ijW5qAPmwhvq719P_DpYc2tWkY4
content-encoding: gzip
etag: "e8e54c2a1ef59d1bc363e3a6eaf9493e"
age: 3881
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5405
x-amz-id-2: wI5jqjRDvJaiAFh7SWpodbjxwxxHEc4SOlCleK51NLYlnmGDeBVRBc6AdC/PCABRHbTK9W6wB+4=
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 22 Apr 2021 13:32:26 GMT
server: AmazonS3
x-timer: S1619246241.631749,VS0,VE0
date: Sat, 24 Apr 2021 06:37:20 GMT
vary: Accept-Encoding
x-amz-request-id: D6W6GG79PS67ZMC2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 47570

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
1 KB 21ms
20ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 28108
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by: cache-hhn11577-HHN
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1619246241.631734,VS0,VE0
date: Sat, 24 Apr 2021 06:37:20 GMT
vary: Accept-Encoding
x-amz-request-id: CR4E2RJ6SANDVYVF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 65
x-cache-hits: 256266

GET
H2 200 tfa-eid.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 32ms
32ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9ed9754aa9be076afee71222db2bd6669ff38468292a11ab09768be4c816c14

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5YIxO5ZUp.97WZB04UOcztb0AJ_oWbPB
content-encoding: gzip
etag: "87acdbb87b67bb9c2b1af4d553e10da5"
age: 56
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 4916
x-amz-id-2: gx5lksAg5d6WSYvjE6ABsxfqvNFEsTgMndX9xkpHABQLJPlK4NI7HZt2+iAsalTVYH5TyQQ4VVg=
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 08 Apr 2021 12:22:59 GMT
server: AmazonS3
x-timer: S1619246241.644463,VS0,VE0
date: Sat, 24 Apr 2021 06:37:20 GMT
vary: Accept-Encoding
x-amz-request-id: NX8CC3MN5AEWM7C6
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 6

GET
H2 200 sha256.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 31ms
31ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18f61b8f71ac41adab4d7661ec4af0182fc295f3ad4f6793be70029d457d1941

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: B35igeBL7zJFsAO57oIz84aHMF9rTjWZ
content-encoding: gzip
etag: "a2b86151bc7d6f41566c2fea5bfd5c33"
age: 39
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 2648
x-amz-id-2: V7GU/EB3ESEINfJKKraaY0oLulmtJc0rOatjb/T9kd7xeYNXmZVPsfoZN5/RrgQUWUloRnpRIgA=
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 08 Apr 2021 12:22:49 GMT
server: AmazonS3
x-timer: S1619246241.644413,VS0,VE0
date: Sat, 24 Apr 2021 06:37:20 GMT
vary: Accept-Encoding
x-amz-request-id: 9F04A9EVQGCH2SH5
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 2

GET
H2 200 explore-more.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
7 KB 30ms
29ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1887d8dd661a94fd2edaf6b904d1bffc5260be10a53c1087715d81357997b239

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: QZEYaMVvlDrFvUE1qxwdboxqJdT62eiH
content-encoding: gzip
etag: "541dbd91d1418c95f48383b9e1e663b2"
age: 43
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 6672
x-amz-id-2: unTjGLkEEcmmSBHcXbvz1Zp7KZj14oeoPhW48GpThQ6QIN3eebC5rgeveJZgWRZ7kk+kS3koaPM=
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 08 Apr 2021 12:22:29 GMT
server: AmazonS3
x-timer: S1619246241.644425,VS0,VE0
date: Sat, 24 Apr 2021 06:37:20 GMT
vary: Accept-Encoding
x-amz-request-id: 8EXPYC1DV556179R
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 2

GET
H2 200 feed-card-placeholder.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 28ms
28ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ffc44de0ce25488160569cc90419f364f682d024ee531d160b26196f72e99a4

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kqSwmBxHrdSPzWUj0GmaH.RZ_tjpa89j
content-encoding: gzip
etag: "50ec83cbc08022698601b86fce06ee8c"
age: 116
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1319
x-amz-id-2: UX7uAywW9QLKZb5QX75v4glSD/jU0nR99r7jKb7Pa/fo73IMBHfB7zjcl3eyCUPx60wR7uFke+Y=
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 08 Apr 2021 12:22:32 GMT
server: AmazonS3
x-timer: S1619246241.644392,VS0,VE0
date: Sat, 24 Apr 2021 06:37:20 GMT
vary: Accept-Encoding
x-amz-request-id: 35TT3SQSV718NCWQ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 7

GET
H2 200 userx.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 21ms
21ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wiredigitalpvtltd-newswire/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e99224ef103e834d807902a7d7411e06f1357e67ffee8d6a0b56a5216178a03d

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PeK.0yh76hBzLrz4wD6H.Bu8o6BWhqsV
content-encoding: gzip
etag: "25c8f63e5d86bd20eda58babcb98ff44"
age: 12
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 7917
x-amz-id-2: dvjj/Cvitb2fYCZpAOXN22xP0AJY1dc44nQSveeDrhZguh2CEnR2bHpQfA6LuTUAV3Zqv4dfH+Y=
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 08 Apr 2021 12:23:04 GMT
server: AmazonS3
x-timer: S1619246241.649633,VS0,VE1
date: Sat, 24 Apr 2021 06:37:20 GMT
vary: Accept-Encoding
x-amz-request-id: XZAXV052QM9FHGQB
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 1

GET
H2 200 tb Show response
15.taboola.com/ 29 KB
8 KB 37ms
36ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=wiredigitalpvtltd-newswire&unitType=59&tbloc=&pageType=text&pstn=Slider%20-%20Video&uuip=&cisrf=https%3A%2F%2Ft.co%2F&cirf=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&encoded=1&uid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1619246240688&tagid=&cntry=BE&platform=1&sesid=4c8cc72793367718d995f20dc57daa95&itemid=/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone&viewid=1619246238046&geolat=&geoing=&deviceifa=&appid=&sd=v2_4c8cc72793367718d995f20dc57daa95_b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220_1619246240_1619246240_CGoQm_9RGN6S45SQLyABKAEwFjjqxgdA44YQSOXp2QNQ____________AVgAYABosa_ptcr9986tAQ&ri=dce9cdd49857daf91a5b6796504e90c9&appname=&cdb=&gdprApplies=true&rid=&sii=-690319787653155653&oee=true&tpubid=1343387&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=VOV&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1343384&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61735a898e1845dc0b55e152f0e082cf8dec50ce4c4137b3d76a46aca258c5cc

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
access-control-allow-origin: https://www.newswire.lk
machineid: 1430
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn11577-HHN
pragma: no-cache
server: nginx
x-timer: S1619246241.699953,VS0,VE16
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/wiredigitalpvtltd-newswire/log/3/ 0
261 B 77ms
77ms Image
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/wiredigitalpvtltd-newswire/log/3/abtests?route=AM:IL:V&lti=stories-infra_var&ri=dce9cdd49857daf91a5b6796504e90c9&sd=v2_4c8cc72793367718d995f20dc57daa95_b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220_1619246240_1619246240_CGoQm_9RGN6S45SQLyABKAEwFjjqxgdA44YQSOXp2QNQ____________AVgAYABosa_ptcr9986tAQ&ui=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&pi=/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone&wi=-690319787653155653&pt=text&vi=1619246238046&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1619246240701%7D&tim=08%3A37%3A20.701&id=450&llvl=1&cv=20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT&
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 58
pragma: no-cache
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619246241.716901,VS0,VE58
x-served-by: cache-hhn11577-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C18 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Screenshot_20210405-195928_Facebook.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/04/ 32 KB
32 KB 35ms
33ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/04/Screenshot_20210405-195928_Facebook.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db4911962f5e99e70e329cf1cce742407460e4e8d79731e7ebc417cb63bc3158

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 694005
edge-cache-tag: 332101778099639872062427040322712400335,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Sat, 08 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/04/Screenshot_20210405-195928_Facebook.jpg
content-length: 32376
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Wed, 07 Apr 2021 08:13:34 GMT
server: nginx
x-timer: S1619246241.762838,VS0,VE1
etag: "3535212ef8e0dcb5e33c236cbe295aa1"
x-served-by: cache-wdc5568-WDC, cache-dca17772-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 PSX_20210330_115754.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/ 43 KB
43 KB 781ms
779ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/PSX_20210330_115754.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 11ced8a27db3991278451d676a8c7f0cca7d5ce30fb627794173d28863e2f62c

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 757
date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 447745924694672274818457559944540826153,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/PSX_20210330_115754.jpg
content-length: 43524
x-request-id: 3029ed5b8eba81ecac2848048678d0ea
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 30 Mar 2021 07:04:16 GMT
server: nginx
x-timer: S1619246241.750430,VS0,VE757
etag: "611d7c5d96d700e59b870ba4559047c9"
x-served-by: cache-wdc5550-WDC, cache-dca17737-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 Malcolm-Cardinal-Ranjith.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2020/12/ 44 KB
45 KB 115ms
113ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2020/12/Malcolm-Cardinal-Ranjith.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83ef50b7f196d831ad7e8f7982685c69f64a1d9272b0e9315ee6760e0c4adc98

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 329981
edge-cache-tag: 475546008374954187156336540503428750210,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2020/12/Malcolm-Cardinal-Ranjith.jpg
content-length: 45146
x-request-id: cf86b2882af476e066e719489de49ca6
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Mon, 19 Apr 2021 08:33:09 GMT
server: nginx
x-timer: S1619246241.750778,VS0,VE93
etag: "c37129c8489351648c1dcaf002716898"
x-served-by: cache-wdc5565-WDC, cache-dca17765-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 Screenshot_20201225-141125_Twitter.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2020/12/ 52 KB
52 KB 153ms
152ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2020/12/Screenshot_20201225-141125_Twitter.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2ccd0fac2161ed22c5fb7e9385df83af0fdde6708d08028728a80a72671a402

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 119
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 488376
edge-cache-tag: 590592749924519128111884676006331033853,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2020/12/Screenshot_20201225-141125_Twitter.jpg
content-length: 52780
x-request-id: 2523a2710228aa7c9fba59e79c8947f6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 16 Apr 2021 15:08:16 GMT
server: nginx
x-timer: S1619246241.762847,VS0,VE119
etag: "78f370a5de083e8b3a0fad66dfdf987b"
x-served-by: cache-wdc5521-WDC, cache-dca17740-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 PSX_20210318_114624.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/ 17 KB
17 KB 238ms
237ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/PSX_20210318_114624.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cd21baca0356342b5419e05654c3387101dcf9d8914713d7748d63e7fc69005c

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 218
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 423563475062329499529529711776843250146,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/PSX_20210318_114624.jpg
content-length: 17032
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Tue, 06 Apr 2021 16:10:47 GMT
server: nginx
x-timer: S1619246241.750541,VS0,VE218
etag: "0b254161e54e23b81d0fbb41afd44638"
x-served-by: cache-wdc5567-WDC, cache-dca17774-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 Screenshot_20210310-100158_Facebook.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/ 10 KB
10 KB 21ms
20ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/Screenshot_20210310-100158_Facebook.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef777d69ecbc60e5a0b220e2332ec49346ab4115889c3d3327bc23e3edb7043b

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 526844
edge-cache-tag: 569969924375106951124249120888846888233,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Tue, 20 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2021/03/Screenshot_20210310-100158_Facebook.jpg
content-length: 9772
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Sat, 20 Mar 2021 04:11:08 GMT
server: nginx
x-timer: S1619246241.750501,VS0,VE1
etag: "d5922672ad6a9584ac00cc2a4d9cb99a"
x-served-by: cache-wdc5531-WDC, cache-dca12925-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 PSX_20201111_191343.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2020/11/ 22 KB
23 KB 21ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2020/11/PSX_20201111_191343.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d0a790dee4e60d8dcf0b6f983ea9fffe6ab3f8ed547e6eab982d441bc2ac02d

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 285247
edge-cache-tag: 313037216711320327176352456842679160669,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.newswire.lk/wp-content/uploads/2020/11/PSX_20201111_191343.jpg
content-length: 22342
x-request-id: 855260bea6df010554621d7ba4047b83
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 20 Apr 2021 21:36:01 GMT
server: nginx
x-timer: S1619246241.771867,VS0,VE1
etag: "4e51686eb7c40f3212fa89deb244afb9"
x-served-by: cache-wdc5581-WDC, cache-dca17773-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 FB_IMG_1612505196226.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/02/ 17 KB
18 KB 21ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/02/FB_IMG_1612505196226.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 33b4dd54ff5294cd5589ccadb909b23913531aba70c509ef19e71514697fc70a

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 3782352
edge-cache-tag: 515278554442752734315049814065826601672,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/02/FB_IMG_1612505196226.jpg
content-length: 17808
x-request-id: 4abe9867cf2442255b38334c99dc4bb6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 11 Mar 2021 11:49:25 GMT
server: nginx
x-timer: S1619246241.785431,VS0,VE1
etag: "0ec62073a313e1806d6d4e1f4f7e8d76"
x-served-by: cache-wdc5523-WDC, cache-dca17769-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 5280d7375b52413ea89a59962307dd14.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/52/80/ 33 KB
34 KB 112ms
112ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/52/80/5280d7375b52413ea89a59962307dd14.jpeg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d4d3f409fdcf03df4a88523683e86bffd4e40d1bfa414060f52bfdeffbc1dee8

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 793936
edge-cache-tag: 351177776742748121262212622872259149638,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/52/80/5280d7375b52413ea89a59962307dd14.jpeg
content-length: 34110
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Tue, 06 Apr 2021 06:12:06 GMT
server: nginx
x-timer: S1619246241.794205,VS0,VE90
etag: "6315dba707038cfa5e7d30d7668ff257"
x-served-by: cache-wdc5576-WDC, cache-dca17759-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 466b97ea494a23585c8023a3853cf2a3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 113ms
112ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/466b97ea494a23585c8023a3853cf2a3.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71bb00e8cbfe40fcb550779d725c5ca3f061e3827ceaa9062df931974cb63e2f

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 2526589
edge-cache-tag: 500043256611924867881002656281272524298,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/466b97ea494a23585c8023a3853cf2a3.jpg
content-length: 31816
x-request-id: 0670ae1857d6ea42dd3f712dc81ed72b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 05 Mar 2021 11:45:24 GMT
server: nginx
x-timer: S1619246241.809345,VS0,VE90
etag: "4fc26d4bca77e0789005a036452c0c76"
x-served-by: cache-wdc5533-WDC, cache-dca17738-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 PSX_20210110_101239.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/01/ 12 KB
13 KB 109ms
108ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/01/PSX_20210110_101239.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 729f46c07bda97c7264324ceddbd4eddab07eb000f208c2f38d0f97333dd5180

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 687885
edge-cache-tag: 617796176151012589466588037220591336902,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Sat, 24 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/01/PSX_20210110_101239.jpg
content-length: 12352
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 24 Mar 2021 12:52:10 GMT
server: nginx
x-timer: S1619246241.865945,VS0,VE89
etag: "3a9afe82f8ea1fee62ecdbf17a47d6ca"
x-served-by: cache-wdc5525-WDC, cache-dca17740-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 Screenshot_20210306-120908_Facebook.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/ 6 KB
7 KB 21ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/Screenshot_20210306-120908_Facebook.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b94fe98db35412d776b8586bcc7d806cce1356a575c830c23a1ed4b91b668c67

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1865757
edge-cache-tag: 570986954868674095080993065880887369681,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/Screenshot_20210306-120908_Facebook.jpg
content-length: 6266
x-request-id: 93d064694e997172e0bb6f35307a7899
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Sat, 06 Mar 2021 12:34:39 GMT
server: nginx
x-timer: S1619246241.906771,VS0,VE1
etag: "c4be6703fd19e50d1eb008579ead0ecb"
x-served-by: cache-wdc5570-WDC, cache-dca12925-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/ 32 KB
32 KB 22ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/3.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b7c22ce53a6ef6b77386f3cc1398693abad3510695a461cd3056ec9f350dc682

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1766043
edge-cache-tag: 412204102670973312098921536734139540452,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/3.jpg
content-length: 32568
x-request-id: 97096e57bfe2c709ed5365f63e4b740b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 11 Mar 2021 05:20:25 GMT
server: nginx
x-timer: S1619246241.907415,VS0,VE1
etag: "1484347313e93627bd33d6aea9a61005"
x-served-by: cache-wdc5571-WDC, cache-dca17725-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 25ed39a4693d7483c5f30fb60018f08a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 110ms
110ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25ed39a4693d7483c5f30fb60018f08a.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cc4872d1026ce4f14d5083375896241879e21d99d1fac9e31748f3d4c59c6035

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 416707
edge-cache-tag: 519315815688369629727355625913089603346,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25ed39a4693d7483c5f30fb60018f08a.jpg
content-length: 18830
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Tue, 13 Apr 2021 12:01:22 GMT
server: nginx
x-timer: S1619246241.920752,VS0,VE90
etag: "a9d35115197eb5eea04b3a2da1223087"
x-served-by: cache-wdc5579-WDC, cache-dca17742-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 20210305_122941.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/ 24 KB
24 KB 111ms
111ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/20210305_122941.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3936c77f7d21abcde8f78d53518e845e22a945eab8535195bdb3a23ce6ae149

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 793868
edge-cache-tag: 606732998071548957840036727820575494135,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Sat, 08 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/20210305_122941.jpg
content-length: 24116
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 07 Apr 2021 13:51:30 GMT
server: nginx
x-timer: S1619246241.927595,VS0,VE90
etag: "22576b92ce61f3e23730f663ca6f645b"
x-served-by: cache-wdc5569-WDC, cache-dca17735-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 Ali-Sabry-Hirunika.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/ 28 KB
29 KB 21ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/Ali-Sabry-Hirunika.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 08ac346c114650cc64312fa30c921bc32999765566c9c35b12e5c8055e2ec4f6

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 744712
edge-cache-tag: 535813955538068005771608019570052687330,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.newswire.lk/wp-content/uploads/2021/03/Ali-Sabry-Hirunika.jpg
content-length: 29164
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Mon, 12 Apr 2021 08:51:40 GMT
server: nginx
x-timer: S1619246241.930038,VS0,VE1
etag: "882868be52529806366d6d64fcb0b99c"
x-served-by: cache-wdc5523-WDC, cache-dca12923-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 5280d7375b52413ea89a59962307dd14.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/52/80/ 14 KB
14 KB 21ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/52/80/5280d7375b52413ea89a59962307dd14.jpeg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ed1165504b0714d8e91c8434680e5d3bf02384094c279269adcc4b4a94688a96

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 2529368
edge-cache-tag: 351177776742748121262212622872259149638,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 93
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/52/80/5280d7375b52413ea89a59962307dd14.jpeg
content-length: 14064
x-request-id: a3f864c8eb3d1448b0f0a3cd0eb7bb00
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Wed, 24 Mar 2021 17:11:39 GMT
server: nginx
x-timer: S1619246241.952599,VS0,VE1
etag: "62032107cb22fe44e7d62e1a26af6f05"
x-served-by: cache-wdc5548-WDC, cache-dca17729-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 466b97ea494a23585c8023a3853cf2a3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
13 KB 21ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/466b97ea494a23585c8023a3853cf2a3.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8321d79dde8d30b967fc215a83dd01c22342cdca611511c14a045d6cd51f7098

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 771320
edge-cache-tag: 500043256611924867881002656281272524298,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Sun, 09 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/466b97ea494a23585c8023a3853cf2a3.jpg
content-length: 13252
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Thu, 08 Apr 2021 07:51:40 GMT
server: nginx
x-timer: S1619246241.974279,VS0,VE1
etag: "5bc24bb8625459d40bce354543a180a5"
x-served-by: cache-wdc5526-WDC, cache-dca17744-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/ 32 KB
32 KB 110ms
110ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/3.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 578ac5f5a3cfa6d9ccb2962e7aa35f388043e98ba6b25cf07a6371011e9d8537

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 415658
edge-cache-tag: 412204102670973312098921536734139540452,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Sun, 25 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/3.jpg
content-length: 32502
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 25 Mar 2021 19:35:47 GMT
server: nginx
x-timer: S1619246241.975022,VS0,VE90
etag: "2ee4e87a0f4e6a2ec435d56f0122e612"
x-served-by: cache-wdc5521-WDC, cache-dca17747-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 25ed39a4693d7483c5f30fb60018f08a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
21 KB 21ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25ed39a4693d7483c5f30fb60018f08a.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c539278dc5c40ee3d2e96f0f614d9dc79a2ce0130e63bbb27dd13171d600cbf9

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 839649
edge-cache-tag: 519315815688369629727355625913089603346,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Wed, 28 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25ed39a4693d7483c5f30fb60018f08a.jpg
content-length: 20814
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sun, 28 Mar 2021 05:11:25 GMT
server: nginx
x-timer: S1619246241.989028,VS0,VE0
etag: "9320226daaeb5058c723036ec5dd7e02"
x-served-by: cache-wdc5558-WDC, cache-dca17729-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 fe12e5b08ce3c6b77931aa91826b98da.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/ 31 KB
32 KB 21ms
21ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/fe12e5b08ce3c6b77931aa91826b98da.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d19442082a27c03598cd4fb13d5df882434616d1935423fb65f008ee2e80305f

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 758870
edge-cache-tag: 360007341814276960136277303412388966769,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
expiration: expiry-date="Sat, 01 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/fe12e5b08ce3c6b77931aa91826b98da.jpg
content-length: 32128
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Wed, 31 Mar 2021 10:07:37 GMT
server: nginx
x-timer: S1619246241.996214,VS0,VE1
etag: "aff04180978bdb6506f8e3f0c4a5be96"
x-served-by: cache-wdc5551-WDC, cache-dca17761-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 e11f7c7a41083f6f8e99f948557cacd3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 22ms
22ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e11f7c7a41083f6f8e99f948557cacd3.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 11c09b0859e0d7cbe027635a4d019eacb61065d8e1dbeebe60e761e662f5baf7

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 751890
edge-cache-tag: 325799007738762043566074158192241420698,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
expiration: expiry-date="Sun, 25 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e11f7c7a41083f6f8e99f948557cacd3.jpg
content-length: 17396
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Thu, 25 Mar 2021 15:56:03 GMT
server: nginx
x-timer: S1619246241.010438,VS0,VE1
etag: "41965925ebc72162544e0fd11312f7a4"
x-served-by: cache-wdc5523-WDC, cache-dca12925-DCA, cache-hhn11577-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.1/ 94 KB
27 KB 24ms
20ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78d4b1bfad5f7237f004103007e56d9105496e59657de253da86c590b54bf08a

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront), 1.1 varnish
age: 595974
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 27270
x-served-by: cache-hhn11577-HHN
last-modified: Sat, 17 Apr 2021 09:03:25 GMT
server: AmazonS3
x-timer: S1619246241.768854,VS0,VE0
etag: "3db24b0db37c47ddfbe49c9eac7846eb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: wrKK9EDqpkx44u1iXUeRh0Yu0b3syYEsyoSyi2jXqyLEtvghK6nkRg==
x-cache-hits: 33754

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2C18 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43857
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C18 133 KB
47 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C18 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C18 0
0 32ms
32ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstem__5Zdp_ZA6n0hjk2H4HzG8X7b5SNM64_JcfuuwHqMtK5wz3L6od6CIz2NJz9wC4cEtfY35zB3aFSprziMvfFJ4BttCjLk-bCSTrisEQj71Wkxppe5rm2ZLzQbrjv2cjizfjcRo4h_IkNsPfCwYAXyifY6YthaKQa_BJQaIM8G0rZ4Vp0_xnt8ztaWxQ35NUOXbmairGInJ3gM3RsIGpCDyN67BmrmnIAotNpKgzEbHopZFT_mQIr42aBLRd9CgtucKUZsvyDxzN3rm323iNet2h3QRuh1jqSOIAjdtLZxLGJdW2IQLPyt4CLXOWX96S&sig=Cg0ArKJSzEJM0e2XzD-8EAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 2C18 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72efced1cc4c7087e0a915845448f8b033fe668551ad76b43b2d49f4d9c52286

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame 2C18 223 KB
83 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 176248769746065646
tpc.googlesyndication.com/daca_images/simgad/ Frame 37FA 39 KB
39 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/176248769746065646

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046728&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240305&bpp=2&bdt=45&idt=131&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=5566027991424&frm=24&ife=3&pv=2&ga_vid=1963971723.1619246240&ga_sid=1619246240&ga_hid=2090942926&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=2148772391688422&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.doe3ul6u4tit&fsb=1&dtd=150

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd8f3ae60feebf6e2ab592a5381768cf3dc4337f36cc26859495c9db6924b50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 01:46:18 GMT
x-content-type-options: nosniff
age: 17462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39834
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 10:41:54 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Apr 2022 01:46:18 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 37FA 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 37FA 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 37FA 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 37FA 13 KB
5 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 37FA 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 05:31:06 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 37FA 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf5nNoLyDYK3pHKSJ7_UP9qGP4AKoxN-2Yq2AmdzJDdvZHhABILqH1XtglQKgAcj-q6cCyAECqQIIM8pmM0yBPqgDAcgDyQSqBK0BT9DoLedBv-Fwf9la2yW5rEOI3E225gnm3ZV_kWyljijjubLEpGpHnMoGUbNmpWHDap7raxhitfPdbb7f04EJ6XIH_UuVvGeJTLzpv9i_a0XLdLNqpjynqR6slQmeygisS02_yQUO7HRRfkHrIqwRil0W5HQPfet-R66sCNpVZbSz6tPGORF6f1GParLRes36DYHqnz30Ct8YEiins_tW444kugD2KhaAUirC8anABLOAro7ZA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAex6r7eAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDKhQbSCAkIgOGAcBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItOTc2ODA3OTI2OTE0OTgyOA&sigh=qklJBzrgZ5A

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046728&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240305&bpp=2&bdt=45&idt=131&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=5566027991424&frm=24&ife=3&pv=2&ga_vid=1963971723.1619246240&ga_sid=1619246240&ga_hid=2090942926&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=2148772391688422&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.doe3ul6u4tit&fsb=1&dtd=150
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7DE2 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046728&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240305&bpp=2&bdt=45&idt=131&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=5566027991424&frm=24&ife=3&pv=2&ga_vid=1963971723.1619246240&ga_sid=1619246240&ga_hid=2090942926&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=2148772391688422&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.doe3ul6u4tit&fsb=1&dtd=150
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkufIdLZ8mqTXeJGCppQsi_jEyVRfS81pQ6_1--s1yPMW9H5eQL_ucaJSkUE8E
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046728&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240305&bpp=2&bdt=45&idt=131&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=5566027991424&frm=24&ife=3&pv=2&ga_vid=1963971723.1619246240&ga_sid=1619246240&ga_hid=2090942926&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&eid=42530671&oid=3&pvsid=2148772391688422&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.doe3ul6u4tit&fsb=1&dtd=150

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 24 Apr 2021 05:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2425
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7DE2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkufIdLZ8mqTXeJGCppQsi_jEyVRfS81pQ6_1--s1yPMW9H5eQL_ucaJSkUE8E
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Apr 2021 06:37:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 24-Apr-2021 07:37:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Apr 2021 06:37:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Apr 2021 06:37:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 37FA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6255b4f073d0dffec81f531a807772204f364523bbeb8187fab4bbdbf5ad6bff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2C18 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2C18 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C06B 68 KB
23 KB 647ms
647ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=3173046725&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240849&bpp=1&bdt=96&idt=109&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3170655155370&frm=24&ife=3&pv=2&ga_vid=21265184.1619246241&ga_sid=1619246241&ga_hid=1825340300&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C21065724&oid=3&pvsid=3355082669149295&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6yaexlps0j4m&fsb=1&dtd=124

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b1b6cbdb5237085fc241f958915008b3854a8881457deaa4272f2a8551b6d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=3173046725&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240849&bpp=1&bdt=96&idt=109&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3170655155370&frm=24&ife=3&pv=2&ga_vid=21265184.1619246241&ga_sid=1619246241&ga_hid=1825340300&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C21065724&oid=3&pvsid=3355082669149295&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6yaexlps0j4m&fsb=1&dtd=124
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkufIdLZ8mqTXeJGCppQsi_jEyVRfS81pQ6_1--s1yPMW9H5eQL_ucaJSkUE8E; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:21 GMT
server: cafe
content-length: 23751
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C18 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:20 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 77A6 0
0 32ms
32ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMpFS5a9lZoaCMOd_gsbjl9SZVKU5WlhYdYPI3gBp6KR2I6Gp_1-n1K1nS0demYoSgakri8_Y27TLvaGZz6yorVXNPHJq37sXxZs8l0PnJNeX_14NbKlZAW2KT7TZADMv11Oj-lq1c4C3o_F-C4ys2HmQ9Ty8KMLkMY4Vf1EfVTJ22AwHFZR0efJ8uJ8Bl1eHH2amWbqwezWQE-NatZiHcArAdFBVmz6HLBnXc5gep2ttZ6RIjniMwp8bsmqqGqLoThg3dFxRFXzj0GWsVcMuZ2PcbnQpqLicCuitgoQuhEPS8Pk_6dxI_yrn_usip1beNmA&sig=Cg0ArKJSzOSOdhLkDxUJEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 77A6 9 KB
7 KB 34ms
19ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bae09d2e9c9d9008c303fbc5cf5ef8a514723dbdf5c746880b6c5352aeb18da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7029
x-xss-protection: 0

GET
H3-29 200 176248769746065646
tpc.googlesyndication.com/daca_images/simgad/ Frame 221F 39 KB
39 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/176248769746065646

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd8f3ae60feebf6e2ab592a5381768cf3dc4337f36cc26859495c9db6924b50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 01:46:18 GMT
x-content-type-options: nosniff
age: 17463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39834
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 10:41:54 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Apr 2022 01:46:18 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 221F 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 221F 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 221F 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 221F 13 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 221F 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQISEVEaWd9KAnLrOUXWgcy8R9NkTqmJVmfGZJIIynElaJmjsNfvNdWmemVGuBoOqCCheD4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 221F 25 KB
10 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 05:31:06 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 221F 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cn4KXoLyDYNqwJKrJ7_UP27KhsA6oxN-2Yq2AmdzJDdvZHhABILqH1XtglQKgAcj-q6cCyAECqQIIM8pmM0yBPqgDAcgDyQSqBK0BT9DedOv9O_oFwMdAITXtbBLMxWjm_wteJBMJHEZ-KUIr_BziN7yVDHaEi7XaYuF50lVPnaLFxN3mTF4YKTTcF0YFwOTAZWYjbJZo20lwGTVZsNyMSwC6wU2_wZeFfOc3ygqbuPTWeKWhedebCelMUoCjEuQYHa6f2ukPfnOGZN7AcMM-72nrgwURmxfgt2dNfmyLD7gX-9q7UUvvewwdIlFzt_Un9zsnIoU3kh7ABLOAro7ZA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAex6r7eAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDlhQbSCAkIgOGAcBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItOTc2ODA3OTI2OTE0OTgyOA&sigh=cwsi09znN-k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8966 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1319 143 B
163 B 7ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkufIdLZ8mqTXeJGCppQsi_jEyVRfS81pQ6_1--s1yPMW9H5eQL_ucaJSkUE8E; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 24 Apr 2021 05:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2426
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B821 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 77A6 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
DATA 200
OK truncated
/ Frame 221F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5510b864452ae235ab55b8e1c82bd69624d8fd16f92d6c5e4429acb843e63503

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/ Frame E810 12 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=7807194526&adk=1018110699&adf=3173046726&pi=t.ma~as.7807194526&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240531&bpp=1&bdt=69&idt=63&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3851785878586&frm=24&ife=3&pv=2&ga_vid=1977699145.1619246241&ga_sid=1619246241&ga_hid=1098302611&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3848688452&scr_x=-12245933&scr_y=-12245933&eid=21066434&oid=3&pvsid=1135461695726965&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oiesykkfiv85&fsb=1&dtd=77

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37962c64f14af18a04ca0f306739facb179ef2082f8120f3546d6f1bbbe1779d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10629951720919750275/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3375
date: Sun, 18 Apr 2021 21:24:01 GMT
expires: Mon, 18 Apr 2022 21:24:01 GMT
last-modified: Thu, 01 Apr 2021 16:57:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 465200
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9A57 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_rw0oLyDYMWOJr6AjuwP0-2K8ATLitupYrGh56LYDdvZHhABILqH1XtglQKgAbWQxMADyAEJqAMByANIqgS4AU_Q7pWrEqfsYPgcQpRMAYWPpsWSrk54XUnnUYqW_Pm7Vq8kcjwV-AkAZ7tjA99b6JjnbWJQHq4l7fkEDnhzeTGbO6cMNEKGxsvSN2Lm6OtHTbcqapKJAz2LnmUNBQlGuIt4uL2P93rg5Dt36rsyjlKBpBSglhi9zpOpYCEe9wliKOv_ST8LNKPqeZrxbs8we-1kh4QJZuHpdJoJwqK_LrEMbFJlYib6I61OruaLSE6ODDgbkaSFMoLABL-Vj_PNA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAez77s_qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOTGB9IICQiA4YBwEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi05NzY4MDc5MjY5MTQ5ODI4&sigh=C-DIwM8jBAY&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=7807194526&adk=1018110699&adf=3173046726&pi=t.ma~as.7807194526&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240531&bpp=1&bdt=69&idt=63&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3851785878586&frm=24&ife=3&pv=2&ga_vid=1977699145.1619246241&ga_sid=1619246241&ga_hid=1098302611&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3848688452&scr_x=-12245933&scr_y=-12245933&eid=21066434&oid=3&pvsid=1135461695726965&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oiesykkfiv85&fsb=1&dtd=77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 9A57 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 9A57 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A57 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 9A57 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A44C 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A740 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 st Show response
imprammp.taboola.com/ Frame CE01 602 B
493 B 32ms
29ms Document
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475705&crid=6149085&dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&cmcv=&pix=undefined&cb=1619246241186&uv=2957&tms=1619246241186&abt=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&ru=https://t.co/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=1363BDD10169982790833708871&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a1b11818c028d63bac545285bca5da170958e5a0dff92c90f3037255d2ee41c1

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475705&crid=6149085&dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&cmcv=&pix=undefined&cb=1619246241186&uv=2957&tms=1619246241186&abt=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&ru=https://t.co/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=1363BDD10169982790833708871&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn11577-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619246241.200629,VS0,VE9
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4EC4 602 B
688 B 65ms
19ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a1b11818c028d63bac545285bca5da170958e5a0dff92c90f3037255d2ee41c1

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

server: nginx
date: Sat, 24 Apr 2021 06:37:21 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
711 B 81ms
80ms XHR
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6149085&noaop=3&sortOrderType=0&cb=1619246241192&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1215&pt=902183794&tz=120&viewable=true&ddast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2517625&dpubid=472335&abtst=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.newswire.lk&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a35638a6c54bdfd6b403764bec1198d7d01b2d57e21565c64148f0f3634cd8b

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
access-control-allow-origin: https://www.newswire.lk
machineid: 1465
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11577-HHN
pragma: no-cache
server: nginx
x-timer: S1619246241.203768,VS0,VE60
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 61ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66475705&crid=6149085&dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&cmcv=&pix=31589837&cb=1619246241186&uv=2957&tms=1619246241186&abt=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&ru=https://t.co/&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1619246236057.5269!ts:1619246241186&mntl=1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-length: 0
server: nginx

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6E82 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43843
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B69 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=7807194526&adk=1018110699&adf=3173046726&pi=t.ma~as.7807194526&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240531&bpp=1&bdt=69&idt=63&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3851785878586&frm=24&ife=3&pv=2&ga_vid=1977699145.1619246241&ga_sid=1619246241&ga_hid=1098302611&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3848688452&scr_x=-12245933&scr_y=-12245933&eid=21066434&oid=3&pvsid=1135461695726965&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oiesykkfiv85&fsb=1&dtd=77
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnUbF9pRmM-XlBpZ_VGbkqX1sGZmRK6LVnD9MWGV_4j8stbtIU2sn4Z8pvGN7M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=7807194526&adk=1018110699&adf=3173046726&pi=t.ma~as.7807194526&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240531&bpp=1&bdt=69&idt=63&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3851785878586&frm=24&ife=3&pv=2&ga_vid=1977699145.1619246241&ga_sid=1619246241&ga_hid=1098302611&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3848688452&scr_x=-12245933&scr_y=-12245933&eid=21066434&oid=3&pvsid=1135461695726965&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oiesykkfiv85&fsb=1&dtd=77

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 24 Apr 2021 05:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2426
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9A57 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40cabcece3ef2480ed1d3a866357738ad298173c0e8ecd97ba37a9f0dd8642e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B821 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43858
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B821 133 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B821 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E810 9 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Apr 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E810 22 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 24 Apr 2021 18:54:37 GMT

GET
H3-29 200 2b9bca78717e44645984f4bd46ca7462.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/ Frame E810 71 KB
19 KB 11ms
9ms Script
application/x-javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/2b9bca78717e44645984f4bd46ca7462.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 341496
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19087
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 16:57:06 GMT
server: sffe
date: Tue, 20 Apr 2021 07:45:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 07:45:45 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A44C 22 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43858
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H/1.1 204
No Content / Show response
backend-ssp.adstudio.cloud/ Frame A44C 0
183 B 111ms
110ms Script
text/plain 88.214.207.236
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://backend-ssp.adstudio.cloud/?c=b&m=api&res=js&placementId=3494&domain=newswire.lk&page=https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjss_9i90JzPCu4qNQzTg1s3zM8Com-ItKEJ3UhlPKdkLZH9BJ9qDajc0AQ7WjMDsd9LCxPh7DSujypQgobDhuCNaUGWMad8yM1Brf2Qb_oaRnbrzJGjP4nWB-U2yf9A5D0P2ey_BtNrF-2TiuJA3vJ-tjmQIsllmRqPkP1bBrM79cjTtxrQ5AsqqXlIwCcsQQ0O2U_ntSgFZ4IeXNNjCXdGZQqFvo1qGKYOwZV2NL6kr57NhjT7jv5UdZJB5z_-W1flgxsBdp6BmAjwWtsmMq-uUjhqZ8aWsnL1YvufRkiDUehQNdHr5EFXFxCA_lhJli36T5mOb109y6kY%2526sig%253DCg0ArKJSzOHr-jretxRLEAE%2526urlfix%253D1%2526adurl%253D
Requested by: Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.207.236 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 24 Apr 2021 06:37:21 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A44C 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/29_5_7/infra/ 635 KB
109 KB 68ms
20ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_5_7/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 559c3c9967dbaed902e58956628f48222bd5b0f63e79b0c80859e8e20234d78e

Request headers

Origin: https://www.newswire.lk
Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish
age: 237781
x-amz-meta-mtime: 1619008360
x-cache: HIT
x-amz-meta-ctime: 1619008361
x-amz-meta-mode: 33188
content-encoding: br
content-length: 110591
x-amz-id-2: 33Q2nKEMDoKgFkd970ANPZ0v6ZxrPlFL66sOxrqFq2D+uOhgpjTL1FNZp3mG4TuM/wKlfdrE0rU=
x-served-by: cache-hhn11568-HHN
accept-ranges: bytes
last-modified: Wed, 21 Apr 2021 12:32:43 GMT
server: AmazonS3-br
x-timer: S1619246241.346615,VS0,VE0
etag: "a13c9c388775b83e83cd46feacfd87c8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 8RWDC3VP58GZ299C
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 37472

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_5_7/assets/css/ 60 KB
8 KB 25ms
20ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_5_7/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 096ea93670db54d4c83b39a992f2524583d55b1cbb3b283d71c3295283fc480c

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish
age: 237784
x-amz-meta-mtime: 1619008401
x-cache: HIT
x-amz-meta-ctime: 1619008401
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7939
x-amz-id-2: 5HoZWkXRmC6ZqIr1p2S8J8FAj6eb/AMFU/IYQnAxWnRkMAdCgS0gv2tgEZx4Gey0Kjjr4CdEo9s=
x-served-by: cache-hhn11577-HHN
accept-ranges: bytes
last-modified: Wed, 21 Apr 2021 12:33:22 GMT
server: AmazonS3-br
x-timer: S1619246241.305134,VS0,VE0
etag: "37a449babbcfb953b41079480969354a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: NMGYGQ5PGPSATCE5
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 472834

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A740 22 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43858
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A740 133 KB
47 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A740 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D77 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZcd4j6zve_xP_ciLeEoRQFZDzwVSwqtdxJr_p-G5_OK3g0UeRWULnDtin4owfFp5vaqCrb8y5x3a9KvEfFgMJNHF4P1cuENmhUhcv4R7s6hYnpYDeSO3vRiYkBsIW3PybBHkym3z8IVrig-sfWC11PHwCN1o7Y5Ea3G0er6XPW6OfYaywPi2G5gr7Errms8c64nvGqjy2PG1s8rb_sLwlybH7yx-RAdh6_cK0axo37aUWM0NhBOb3Vb73RMeAe615THL3-P9LDvs2marxfkNWovAjXO256qVngdAr-KudCk00Idl0lFbR09uUZibfiIpOIFneNW4&sig=Cg0ArKJSzHpNFSS_lkQoEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8D77 9 KB
7 KB 19ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4bfe4c63e1331b32bd86248fdbf89c2429f4268d8725ea206c82eaac54e17e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7000
x-xss-protection: 0

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1908 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1307 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1319
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnNvWpr9Y7Ha9ai5NgC8-GmDcjZTyeSDsa3o_B16HJvqqIIG5wNIxGq1u_TYbU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Apr 2021 06:37:21 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 24-Apr-2021 07:37:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Apr 2021 06:37:21 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Apr 2021 06:37:21 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAED 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6D72 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 06:37:18 GMT
expires: Sun, 24 Apr 2022 06:37:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FC3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=90&slotname=3437345301&adk=1583095463&adf=3173046727&pi=t.ma~as.3437345301&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240500&bpp=3&bdt=189&idt=64&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1329043600936&frm=24&ife=3&pv=2&ga_vid=989266565.1619246241&ga_sid=1619246241&ga_hid=470889026&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3832524332&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=607782698688680&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7tfpo1i6c5zo&fsb=1&dtd=78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CE01 70 B
264 B 110ms
36ms Image
image/gif 52.31.220.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475705&crid=6149085&dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&cmcv=&pix=undefined&cb=1619246241186&uv=2957&tms=1619246241186&abt=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&ru=https://t.co/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=1363BDD10169982790833708871&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.220.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-220-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame CE01 43 B
183 B 264ms
87ms Image
image/gif 2600:1f18:612b:4264:9a95:fbee:2d35:58d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475705&crid=6149085&dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&cmcv=&pix=undefined&cb=1619246241186&uv=2957&tms=1619246241186&abt=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&ru=https://t.co/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=1363BDD10169982790833708871&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:9a95:fbee:2d35:58d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame CE01 0
125 B 71ms
23ms Script
text/plain 35.156.106.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66475705&crid=6149085&dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&cmcv=&pix=undefined&cb=1619246241186&uv=2957&tms=1619246241186&abt=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&ru=https://t.co/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=1363BDD10169982790833708871&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.106.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D77 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame E810 5 KB
589 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/2b9bca78717e44645984f4bd46ca7462.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aeda827f439d97c90a633d8fa27a1f01d882d133573c2f694c7ae9dabb5f9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Apr 2021 06:17:25 GMT
server: ESF
date: Sat, 24 Apr 2021 06:37:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 b82bba09c0699ff4809b7770cd756098.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/media/ Frame E810 24 KB
24 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/media/b82bba09c0699ff4809b7770cd756098.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b07320f27263a44444a651535b17fc22de523ffa61dae7604b6a84c365a18e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 465199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24957
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 16:57:06 GMT
server: sffe
date: Sun, 18 Apr 2021 21:24:02 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 21:24:02 GMT

GET
H3-29 200 0bb0b556057d4af622a9e81919f119c5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/media/ Frame E810 4 KB
4 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/media/0bb0b556057d4af622a9e81919f119c5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff16dfda5afcbbd3ab07dda590dad03cbbac08bc1ba379f311fc42ad00719869

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 465199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4277
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 16:57:06 GMT
server: sffe
date: Sun, 18 Apr 2021 21:24:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 21:24:02 GMT

GET
H3-29 200 9b5ca0e619304b87f02d1328d2019b0c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/media/ Frame E810 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/media/9b5ca0e619304b87f02d1328d2019b0c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10629951720919750275/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88fa78252ceba6149e4df4e061d73e928ff4a2fc27b24eaeddf10681d6fcd098

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 465199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 16:57:06 GMT
server: sffe
date: Sun, 18 Apr 2021 21:24:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 21:24:02 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B821 0
0 32ms
32ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSXLPOe7rkvknzqn9-zN5PFk4V1w-CPg5mK-D7EuTwkxIZBc9T_CNztldTvDBfW5lw-bab7BrTnBs5ub84fUYHoRScdDYrZUKYB_Qz-6OZQstLUCiho_Q3JlVqX_DHaxa0gIkpG9TeAo6xNOjAAVwC-W5mT-9NE0fIoEihJ7wsqyFPaRS84yM1kSmKBXAu0_xCCYX7YEywakD6qH84K65NuYxKA8UpZCpABnPKkqr-TWJbmP2rWKWIUN1JokrPht7KYN8JETbUWXzQFKvjFvvdc8APIx3aLADq9sVkND7dVRcZsAib8y3SwS0GgxJzO5L8&sig=Cg0ArKJSzPHHz78YVR-yEAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame B821 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41d64bdb4fdc63cea64dbb08f909b01b6679eca15c75f3f400c9098593376a07

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4EC4 70 B
265 B 45ms
36ms Image
image/gif 52.31.220.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.220.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-220-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 4EC4 43 B
182 B 200ms
88ms Image
image/gif 2600:1f18:612b:4264:9a95:fbee:2d35:58d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:9a95:fbee:2d35:58d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 4EC4 0
124 B 23ms
23ms Script
text/plain 35.156.106.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.106.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame B821 223 KB
83 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A44C 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0gW7Biki4AXKAzyMRewxI-wtA5cmqJwqpVwGBd0m3oWIsrKSW-EbREr6LaFOUrWOSatCuG0bOKV1IntXSyvDqMX-GDAfbOQUE9kNX6WSh8l4kSzIsuYECD6gy2dVHY2ERECT5JfeGKmjUlT2z4r9LyicTBJr5JxkImnbdijA5BU2igNCDiQm1Qw2LuCbgns8qOc3kdYdKIcIunOcTBugKUDeGJqV0fUbh7kv0OjQfFwZIkn24d8coBh48SbqtCg-GTAjXAdDs62-_TRIwrCaZS488AZuAkWLHfSUODXHqp88NVESTTQJh0civVkkagXtlVeQAnkSKw3ZhqSo&sig=Cg0ArKJSzGc5UkUyP831EAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame A44C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb8cbfd2cfedbbde55e1d673bdcc01dd71e711f7b9ac2f12e48686747fa0a40a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A44C 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP9t-c3_oFBA94DBYPvQo6DwFOgs0nNodYDhGFPW78mPMn10aGIidxSLsiXdTDM21Vd4rP3ov8BZp5BDnrnhRPgl0r8Tk6rkednSaKncuy7PvvSq5otUJrQEeXxUu-iyEZ3qe2sNfPeybmMSoCyBEIX1c-XQZQI0cvNMCcgD6a_OsFetVNo8Tj5SPqqIACdzwTG-9bdyRA6OBHtDCUZKShJv8UmOwS8RRv46Q0DXaa8CTXCXwWgo1wgJzhoMKeLXZzwQnybQD865UC6DqNdumjAXMCqKx3cy1GKNmjxr6otZK6dtG25GrxBz4xmkMcZPwX1IEpev3Tm_JUklZWQw&sig=Cg0ArKJSzK0PtxpsytY4EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A740 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNkfEiQuAh-_2MRTixmaTTN2WJlHPhdr1i0Tc6W7_VUy3YA1HHv5k3CM-Zdg0cotBqElI2MkRssFvpzDZaSOoXiGAkKFUpD8AYGvqHsOBDbtedvGbQAxkyNEu1Ar9FeoJTQT8ALT0mjLA0xgwRLbLiNblKps_EKLI_kL8B_ej91Y9u7C6T63FHTfi4jrxvwHYnayI69AXrYOhuzA0wVeY4VKWLTbtul_B1VZFsFDqsvIZ9SsA47mHn8_hJcIFUJMWs2se6b8K3OfVRizPp0bbe29sWQjFHLMW8cLehUVHlwkuVapIIPZLb1wR_uSH4EXVK&sig=Cg0ArKJSzHH0I_fYaX9JEAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame A740 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f76aa5825ee24252ce5bf9a128fecb12c279045679c3bca9c1a8684c9ddc7a15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame E810 19 KB
19 KB 18ms
16ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:56:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 96028
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Sat, 23 Apr 2022 03:56:53 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame E810 19 KB
19 KB 20ms
18ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:15:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
age: 76923
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
expires: Sat, 23 Apr 2022 09:15:18 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame E810 19 KB
19 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:56:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 96033
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Sat, 23 Apr 2022 03:56:48 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
18 KB 21ms
21ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_7/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront), 1.1 varnish
age: 4101577
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-hhn11577-HHN
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1619246242.655053,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RuZTYf9ZWA96SQeo8HHRHLcCv200QVgjNg5SQ7cxYBxr9Ka4rjgQ-w==
x-cache-hits: 10145145

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1908 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43858
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1908 133 KB
47 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1908 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B69
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnNvWpr9Y7Ha9ai5NgC8-GmDcjZTyeSDsa3o_B16HJvqqIIG5wNIxGq1u_TYbU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Apr 2021 06:37:21 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 24-Apr-2021 07:37:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Apr 2021 06:37:21 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Apr 2021 06:37:21 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1307 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43858
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H/1.1 204
No Content / Show response
backend-ssp.adstudio.cloud/ Frame 1307 0
183 B 101ms
100ms Script
text/plain 88.214.207.236
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://backend-ssp.adstudio.cloud/?c=b&m=api&res=js&placementId=3494&domain=newswire.lk&page=https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/&clickurl=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstD2Tzrtl3za-IXbJ5ACC1Ix8G1WA_uKHcQemU6FYYrwIP6E32UCxCmsL1O5L-xmFtObSuzlm7nmqfN2DgXJExLMWokp3li6Hi19SdozPBRXGx_qfysjfUtstO6LfiTMSuo8rnrBk8TsK2KdE5HMhFNaa6Oc6TkhzVkhbCxASLQWK_V6MY0OsGA41cHqahaGEnKbTLskWErzuEhnBZBRZGmq6HqTAYaIfS_G8zx9JV53370OzFw5jO6yJeiOGaXZ2NJ5jBWtnBMarikGzyMsyHMS1M7SILaINrxYxZX3tkO4WOuLF1nIiVv_WrAypys6uJGsbJodNknaQ%2526sig%253DCg0ArKJSzMB5kDlMZc4gEAE%2526urlfix%253D1%2526adurl%253D
Requested by: Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.207.236 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 24 Apr 2021 06:37:21 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1307 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D338 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43843
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E4E 783 B
532 B 15ms
15ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e68f1e32958bc76a84292640570342afa69eafb6b7f39d01cbf113f987d30230

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ASDru6K/dBseJLqC4SfZfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

expires: Sat, 24 Apr 2021 06:37:21 GMT
date: Sat, 24 Apr 2021 06:37:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ASDru6K/dBseJLqC4SfZfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FAED 22 KB
7 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43858
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FAED 133 KB
47 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAED 116 KB
35 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6D72 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43858
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 18:26:23 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6D72 133 KB
47 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D72 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame A740 223 KB
83 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:21 GMT

POST
H2 204 bulk Show response
trc.taboola.com/wiredigitalpvtltd-newswire/log/3/ 0
292 B 96ms
95ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/wiredigitalpvtltd-newswire/log/3/bulk?route=AM%3AIL%3AV&lti=stories-infra_var&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210408-15_b3-PR-35186-DEV-87021-stories-rbox-infrastructure-bc60fe6b675-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 61
pragma: no-cache
date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619246242.762574,VS0,VE61
x-served-by: cache-hhn11577-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame B821 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B821 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4014 51 KB
20 KB 496ms
496ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=6584885844&adk=524908346&adf=3173046723&pi=t.ma~as.6584885844&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241431&bpp=7&bdt=282&idt=314&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8421821275027&frm=24&ife=3&pv=2&ga_vid=820117165.1619246242&ga_sid=1619246242&ga_hid=207804358&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1337229020215277&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.i0hh1kfr6wk0&fsb=1&dtd=330

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10aab2eff18c36f52ee23e981375a519ce3705527c30a8d1614aa30aee4f6392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=6584885844&adk=524908346&adf=3173046723&pi=t.ma~as.6584885844&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241431&bpp=7&bdt=282&idt=314&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8421821275027&frm=24&ife=3&pv=2&ga_vid=820117165.1619246242&ga_sid=1619246242&ga_hid=207804358&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1337229020215277&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.i0hh1kfr6wk0&fsb=1&dtd=330
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnNvWpr9Y7Ha9ai5NgC8-GmDcjZTyeSDsa3o_B16HJvqqIIG5wNIxGq1u_TYbU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:22 GMT
server: cafe
content-length: 20085
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B821 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E82 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame C06B 4 KB
617 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=3173046725&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240849&bpp=1&bdt=96&idt=109&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3170655155370&frm=24&ife=3&pv=2&ga_vid=21265184.1619246241&ga_sid=1619246241&ga_hid=1825340300&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C21065724&oid=3&pvsid=3355082669149295&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6yaexlps0j4m&fsb=1&dtd=124

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Apr 2021 05:17:49 GMT
server: ESF
date: Sat, 24 Apr 2021 06:37:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 20ms
20ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_7/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age: 4004693
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn11577-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1619246242.879400,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits: 9814995

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
5 KB 20ms
20ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_7/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront), 1.1 varnish
age: 3510336
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 5164
x-served-by: cache-hhn11577-HHN
last-modified: Tue, 14 Apr 2020 06:07:12 GMT
server: AmazonS3
x-timer: S1619246242.881762,VS0,VE0
etag: "328b70146f77a19d2bc0172c656d921e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: mX0WwlTmUO4x6xuR8DDLZg909FJ4TvyaVteRGEevDZZ-WfTsdjHQoQ==
x-cache-hits: 7528194

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 20ms
20ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_7/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront), 1.1 varnish
age: 2832506
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn11577-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1619246242.882157,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: duXZV0i4ZSVC1-tAr6cZHFunN-GB24YQyZTOQIqiUhVHBP_fxBkvMQ==
x-cache-hits: 4068243

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.1.5/ 546 KB
112 KB 20ms
20ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.5/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_7/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3568512d0be98b22bedeb480afd91eeeeb39d2d970a78401b2d918fdeeab7d39

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 varnish
age: 336930
x-amz-meta-mtime: 1618909250
x-cache: HIT
x-amz-meta-ctime: 1618909264
x-amz-meta-mode: 33188
content-encoding: br
content-length: 114166
x-amz-id-2: dyMeeu6ZL5RAVDevZcMOto6sVdopnzOR2Jws8x8UbxiKx0jQdh2BpUj5WYHv57vilCGs8basKC8=
x-served-by: cache-hhn11577-HHN
accept-ranges: bytes
last-modified: Tue, 20 Apr 2021 09:01:05 GMT
server: AmazonS3-br
x-timer: S1619246242.901105,VS0,VE0
etag: "ec01d005626b09d619d198c5fe53afb1"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: MXWNFC59TKN2EW8W
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 679670

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 7A7B 602 B
687 B 19ms
18ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_5_7/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a1b11818c028d63bac545285bca5da170958e5a0dff92c90f3037255d2ee41c1

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

server: nginx
date: Sat, 24 Apr 2021 06:37:21 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 21ms
20ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront), 1.1 varnish
age: 1446371
x-amz-meta-mtime: 1498646328
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-hhn11577-HHN
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1619246242.919758,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: *
x-amz-cf-id: G4P2bsVURwUd-6ftn_beps3mb7kmsffmK8YE2wwAUVs5--MeiZC6SQ==
x-cache-hits: 611601

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
940 B 22ms
21ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 d79148f01e44f5598c15bdd5ce1c1997.cloudfront.net (CloudFront), 1.1 varnish
age: 412334
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 701
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1619246242.919903,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9zE_eWDK4NC0Cf3n34DtvXZ4SmjGDoHgXgi77pm7LgxGlqrjH4P-Yw==
x-cache-hits: 156803

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
1009 B 22ms
21ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront), 1.1 varnish
age: 2181565
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 709
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1619246242.919883,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: BvOIM6Ru-sj1Zuk8Pv4KwWWtNjjN_qkQBQVKUVBbjGSvlxOJWOiTWQ==
x-cache-hits: 811017

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
933 B 23ms
22ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront), 1.1 varnish
age: 1995632
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 634
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1619246242.920115,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: oN72cAAVKwvn1GJ4MZDIQi3y4vHm--RqZWj9LNg2dBhXT141wINHrw==
x-cache-hits: 836754

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront), 1.1 varnish
age: 1966045
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 660
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1619246242.920030,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZDqQ-5Xcpbcna9hH6Q_Y9h6blg6jnT4mc-LZJehSirPojNmToP3qjA==
x-cache-hits: 861000

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 23ms
23ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
etag: "11d8569a7da0739259e3ac0b0d666e94"
age: 45
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: UhW0L8K6KECybbFthBitW/ieJNWKgz9imZu5jUULtvlY30xTlypmU2dUNNHECE+OqsFn+khhJP0=
x-served-by: cache-hhn11577-HHN
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1619246242.920279,VS0,VE0
date: Sat, 24 Apr 2021 06:37:21 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: WBR9M535418EKH26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 65
x-cache-hits: 58

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E790 0
0 32ms
32ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSr4psd_ypFKtVjoTVmID88jEBWfLJyBd-KjQGK7iZ-7lPWiNxjOZWuS5AkcEN3huQUa6iB3JO75Bk3LjZOy3OYQ09hcGyYfpaNb_Sx_L7pjPXGoQOw0Z1MS53wqEZ2ehTtLJWDppvbWOWtDAquzezS5Bg9B4a1sbMVfeuATUFdDdYEHBGBGXnHkwysa03ZKzilLp43mobkL6ZdBDdyoOHlBkCi51qJL7ZqIM1NNj1S4yT2boLkBq-CoO1IJDRSeq-avUmsRyaYmQ-Ay78HkEFbI_PFejJK6hP_CGoXlI0kb-zvJChUTdR322wSysPI_iTvKhV&sig=Cg0ArKJSzOBbMSMTF0uHEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E790 9 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30fd2ea444ba04ace1b14e06f136c2eaef1aa9a49e1803e0933092140138b1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6940
x-xss-protection: 0

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame C06B 1 KB
919 B 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:32:12 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame C06B 17 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame C06B 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C06B 116 KB
35 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame C06B 13 KB
5 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C06B 0
0 21ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXwv0G29S6lHj3kRa7V57YBeR80aw2XHwlQcjocBEVcJwpzAaviFFClVY3OIQHBLBtBJWd
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=3173046725&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240849&bpp=1&bdt=96&idt=109&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3170655155370&frm=24&ife=3&pv=2&ga_vid=21265184.1619246241&ga_sid=1619246241&ga_hid=1825340300&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C21065724&oid=3&pvsid=3355082669149295&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6yaexlps0j4m&fsb=1&dtd=124
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame C06B 25 KB
10 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 10:35:46 GMT
server: sffe
age: 365745
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Mon, 19 Jul 2021 01:01:36 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame A740 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A740 107 B
122 B 16ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96D2 51 KB
20 KB 413ms
413ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbb1f91d1f211fa32271ba3341dab5f5bd4a7a51f02ef87aba24725b8fbce4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnNvWpr9Y7Ha9ai5NgC8-GmDcjZTyeSDsa3o_B16HJvqqIIG5wNIxGq1u_TYbU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:22 GMT
server: cafe
content-length: 20069
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A740 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:21 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
639 B 20ms
20ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25328
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: 3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by: cache-hhn11577-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1619246242.967338,VS0,VE0
date: Sat, 24 Apr 2021 06:37:21 GMT
x-amz-request-id: BZA2MM8GAVQZA74K
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 65
x-cache-hits: 9615

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1908 0
0 32ms
32ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5sf_x2MV8eZ1P5jS223NVInbQJpqcrZdhnULSDdfeQy8TCMb-0qrQ5tlCNVe0gmJh9w8atFfd86oWHHECLboEnU-PkWUdKq8bWibm0tx94eV7m5gbsVR_Vb9hbv2JFwHEE87e_xc1EqdjGb3kkIxX5bowVm91mfEd7InjBXG3_cJoAROg1m5W0w1ziL_jbEZEQvqNaUpULtZQXHqfW0KDbtxiERU18dcKf_boeyjwlEgiAXV9wj3rSN-aAxL42me3R-21eoxkWls77blIJZxIKz4q28q3qHwWRXFf55MmdnpeByGnkHhp-SFl3D4LktZQ&sig=Cg0ArKJSzKvEdedIkPEMEAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 1908 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 972d63e152160eb1f1b24071360d4f6661b16b84b57292548357d71823168f8c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1307 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4OdzCzZNdBNpA6jKSmCAr9cteoeetDp5sVqkPt6Euf8btIXsU3IIFEJ5-X0shMwXfxuKoKSVJk1sMMUpe4NuVBWLKwedbU9-qjMWOVfmE758VbqZqPJbsaJw72e00au3k6Skrqfuh8V7Mm9wPqs47CCRyAwpzlZpEYhhLZbNESS55_qyPxJlKSFEo7wMVhv-WCJ19RsXfOE7eMIYPSiAwLB6NoJC-blPjVWcWWurqC1qo9pezzyMPfimIynzc2THUtmmWWALsTgHNuvUCKZ8sBzIOsGGYXCKWLHlFvSMDcpTrULVdWpaCV2s9VvxG9LVw9LRq9gM7Q64qKg&sig=Cg0ArKJSzJ3x-w5d3_YSEAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1307 0
0 31ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrFdJQ5-jHTrNtFP-u0B_7CpCFKl4K7lvJkMaHaitA7JjqPvtu3t5d6V78Fy7COA3Hv4wzhr_XAwdFboR4Ym7jg7IenfX23zYh69SZzNGhJScdNQDj0cxUaJRhpaqltJGg_oaastWnEeapHcsrDLq3wAURb9xbSmjAS2IMvj3fyggfQBLMA5luy5PHPr9233Gj1qeFPjPtfdOBxTmk4Q0L_e3SWmJy5pfrn7cMl-nfU2dvQbx68c0zl52b35tW3AjkQcKOLYNQzVJI8sonttMDhuV9AXF-w1PTGYXFHaynvyq-vhfROExT-S-19DyCENq3I7bBd_qLL5qP_Bn4&sig=Cg0ArKJSzD9iEH90370HEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/633398928939785872/ Frame C06B 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/633398928939785872/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2610e2de5ce5eea108a1db978abb0214cc8d9483043f6525b1800bf4246074e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:57:21 GMT
x-content-type-options: nosniff
age: 96001
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4434
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 10:47:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 03:57:21 GMT

GET
DATA 200
OK truncated
/ Frame C06B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAED 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvKMIB9PcQE6LfNnTzuouhDsb-3DsrzlgApN2vsJuBZiOkV6-Zb6mTgtEnxE_HAxhWbuJDj_F8y6h4kyaCp5WqxAE1UygfM4c6fikKLwbQaypU3BUhM6KuO93lHmgqdyKAhnBoCr50Y__4DODvT-zAHISBwkn3AiOYwdPOyc9-8fJKwf7Rkt-fP_XggGEZLRHM-4NdUHO4booVNijPArcpwno8GqnlwqqeBoKHaqjmqSfL-1T381D7miwacdl1ymOhGO4f53kyTpKIcymjvbfFllGAN2Si20VGfIhRl4HiXEvjJPKfkIGm34uHVLzaCSYi&sig=Cg0ArKJSzMTZ3I7gMYPDEAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame FAED 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f14ccdf6cd8492ec37f92e2a90354e903d04e7b5e259f4d73a3b491fdf3e5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6D72 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwqVG-siitrujaw5enxs3IyYPqNe__d-jLMAK4r_WWN4MJnz_dxTXK_HDXI3KnfjieaDGzcDEI_xR_xsCWpimfSL7s0rAY8m7bQdadFrYdJ2ZD2MJlxg19NAUxE2ZQGars4HHEGzaqu6RQccBCpMYqDppImLcd5G51yNolhNl3uxqT5mQ5JVsnbSZDG826F_7v0BbGyTvmSNRaeT_ojVvQs7SJi8m1aVhBjXR8OSc3Jwgrxp-TVkcCnGZr7Qxg7YFltfbrq504M3CfoR3-9sUUnWfyJWC_WU_P_cQomyJaZMNEiwIzznHea0YdV2zkrQI4&sig=Cg0ArKJSzEc7C34BI2npEAE&urlfix=1&adurl=

Requested by

Host: 62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
URL: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 6D72 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba2b96e6da2143f0619567bcde3f21ceb21adb7ea7e58d74b18b29f911ea3c69

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame E810 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C06B 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqbDCoLyDYLjAPNGq3gO4jbpYv-7_p2KIwvzZqw2gh4DskAIQASC6h9V7YJUCoAGh9vHFAcgBCakC6JrXqPFLtD6oAwHIA8sEqgStAU_QFvvmfp5gm6sRW9OLWzYyN8TQgZ9LuhYjn583GQz4r_5qyUZ-S5Ej4_uoMcic-Bq3O0WaZzJ4ZOpNJtQhlCDudu5KFOyeMFjtDs1s1zYpJQ1jxBQUsmw2cRtPyvrvtWM8uB5l-wjspgmS1vxZqgILXcRur4N9QQpqQbwcHpm6SJJl4PdFYKyb4gvDsU1DecrTpR4LGDQRWfsrHkFPjVFx5gMjesbysrt2dmZMwASS5syosAOSBQQIBBgBkgUECAUYBKAGLoAHx4mOugKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQs50R0ggJCIDhgHAQARgfgAoByAsBuBOIJ9gTDYgUAbIXGgoYCAASFHB1Yi05NzY4MDc5MjY5MTQ5ODI4&sigh=8GvjuztHLNg&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=3173046725&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246240849&bpp=1&bdt=96&idt=109&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=3170655155370&frm=24&ife=3&pv=2&ga_vid=21265184.1619246241&ga_sid=1619246241&ga_hid=1825340300&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C21065724&oid=3&pvsid=3355082669149295&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6yaexlps0j4m&fsb=1&dtd=124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E790 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 37FA 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmCtisN2TTkIkq4i_f5VBrv9UipMc1h4G9Z8hFvXV2BsK8x9JSbS1aemZowD14g2mSXz2SmgktoxHhBSouw5jxxYO-dIg2KDkOnEopiHR_5BL1yAxn8tsaZFNB4Q&sai=AMfl-YTvwX9vVW3TtHile0sTFnilsZSbbaG2bud5_c62yj8bJAJaeH8nakiBZGLUBmIzrDhG6NBfOvMavv0ETj1HFWBEDX9RkJC10mM&sig=Cg0ArKJSzK220Bczoj9MEAE&cid=CAASPeRoVNY96UDwCUN7veZrJT1Hh2DBy8HdttTn4q71zF175vqIpJUdLfoZrSNYhmXsCOSwokW0Bff1ypmB7GQ&id=lidar2&mcvt=1148&p=0,0,90,728&mtos=1148,1148,1148,1148,1148&tos=1148,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1583095463&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619246240456&dlt=411&rpt=60&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame 1908 223 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77A6 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4YU65ArJls9dNIv15hH6qt8JyR4ZrJ1_X1FbLD0XeDkpsxAu6gjaB4lGBVce-NgIn9ll-jpRdhmjKyfBUPVDOpIKjYVp3Rwr6pJiKnV8&sig=Cg0ArKJSzNG66IaPO35WEAE&id=lidar2&mcvt=1167&p=10,762,100,1490&mtos=1167,1167,1167,1167,1167&tos=1167,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=111942606&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619246240251&dlt=9&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame FAED 223 KB
83 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ Frame 6D72 223 KB
83 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
DATA 200
OK truncated
/ Frame C06B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 009f28211bc86822be976704587ff33bc50b60ba1f2315c8a2e6288b9634d5e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C06B 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 19:15:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 300117
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 20 Apr 2022 19:15:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C06B 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 379322
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:20 GMT

GET
BLOB 206
Partial Content 7594b200-d49f-4862-be28-09519edd7656
https://www.newswire.lk/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newswire.lk/7594b200-d49f-4862-be28-09519edd7656
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 7a33e10a-e0be-4b59-8797-44742fcdd966
https://www.newswire.lk/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newswire.lk/7a33e10a-e0be-4b59-8797-44742fcdd966
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A57 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVRvAUK0lMb5eB-0gCImatZyAyOfz_TOP8tpJrn06XOSK_86pKCT_jCKqqZ1kCpoouHeM0BcnoFLKuQeXe0Qef5s6FJcQzpTNUxijlBLBv-9wcNz7i0eel6yU4H78IVyzbhk-vKptwG0lvoiKe7jhU&sai=AMfl-YT4AlmNyNb9riRiq0SkD-zgOYhJDIcmiSTwa7nJjiUzZUxktoBY47ik6TfQ-_ZacaxB4gdRpSAUFGMemzxqQljSiJEQJI58K_k&sig=Cg0ArKJSzGAfNflDFAQMEAE&cid=CAASPeRoo2NPwkLwVHlHCI0ar8-QxrQabOYX7YwkDO_TjlO6b4E04R6VA4v_lWTBHgBwZzKnsiF2BzPO3xKYVCU&id=lidar2&mcvt=1082&p=0,0,90,970&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1018110699&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619246240609&dlt=416&rpt=159&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7A7B 70 B
264 B 36ms
35ms Image
image/gif 52.31.220.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.220.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-220-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 7A7B 43 B
182 B 88ms
87ms Image
image/gif 2600:1f18:612b:4264:9a95:fbee:2d35:58d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:9a95:fbee:2d35:58d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 7A7B 0
124 B 24ms
24ms Script
text/plain 35.156.106.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.106.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C18 0
0 31ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtj6Ls2vBR0Mso-Sg_dNjYOJktbdQDdfYMC3rjTxJxvHcc5JRQxyfWPQH-QqA4c5AJypkzxcwBqZl4vmauD3mmbeH57PgDHUxvakNU6eWmvtTh1TLmSEHEQScBX2LxgCLustiDZq7o4YfCgvewzHyprQ5s5xiVYil0PiUAdRlcq8uvI8reJZwzq0SFIUq0hYGAIQ27hh8fmCMDtP6UP8CXEzjlwsDWP25iF_T6lujxrsp4lBsYqDcfB8IBEbMPVboAPiON5vzGUVp7J2R8doBxWWu9KtqUkFdLZGsvebR_2Ld3Bz3d0HkSu54HOwvvIsLbwaA&sig=Cg0ArKJSzHjq6Ajb-aoPEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2C18 9 KB
7 KB 17ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f90943b359d2b7e66b6b25459b0d1fa6161ef8126ac882bb4e6ea15d0b487f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7088
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1908 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1908 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 884A 51 KB
20 KB 220ms
220ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=4424985736&adk=3762722731&adf=776186317&pi=t.ma~as.4424985736&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242163&bpp=5&bdt=798&idt=226&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1171987312487&frm=24&ife=3&pv=2&ga_vid=540531376.1619246242&ga_sid=1619246242&ga_hid=1322867803&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=182982100%2C21068109&oid=3&pvsid=868317288711218&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2l4rfyghj9pu&fsb=1&dtd=236

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39e61ef89dcea1bc53292269e01d488c3a37574eede24ad38b9428cb4540f378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=4424985736&adk=3762722731&adf=776186317&pi=t.ma~as.4424985736&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242163&bpp=5&bdt=798&idt=226&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1171987312487&frm=24&ife=3&pv=2&ga_vid=540531376.1619246242&ga_sid=1619246242&ga_hid=1322867803&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=182982100%2C21068109&oid=3&pvsid=868317288711218&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2l4rfyghj9pu&fsb=1&dtd=236
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnNvWpr9Y7Ha9ai5NgC8-GmDcjZTyeSDsa3o_B16HJvqqIIG5wNIxGq1u_TYbU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:22 GMT
server: cafe
content-length: 20010
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1908 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame FAED 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FAED 107 B
122 B 16ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8DEF 51 KB
20 KB 311ms
310ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7226649d797feb9cfa3dd282f4dc06d8717944bf8cad807806f5edce71bd28b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnNvWpr9Y7Ha9ai5NgC8-GmDcjZTyeSDsa3o_B16HJvqqIIG5wNIxGq1u_TYbU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:22 GMT
server: cafe
content-length: 20217
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAED 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E5C8 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43844
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6D72 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6D72 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FFC0 51 KB
20 KB 227ms
226ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1011fc29f967cf32cb58848e21744776946454b7a4f2db819332ad9c92ef796f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnNvWpr9Y7Ha9ai5NgC8-GmDcjZTyeSDsa3o_B16HJvqqIIG5wNIxGq1u_TYbU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 06:37:22 GMT
server: cafe
content-length: 20166
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D72 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 79A8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame D338 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C18 17 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/ Frame 4014 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=6584885844&adk=524908346&adf=3173046723&pi=t.ma~as.6584885844&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241431&bpp=7&bdt=282&idt=314&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8421821275027&frm=24&ife=3&pv=2&ga_vid=820117165.1619246242&ga_sid=1619246242&ga_hid=207804358&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1337229020215277&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.i0hh1kfr6wk0&fsb=1&dtd=330

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:35:08 GMT

GET
H3-29 200 10146984835795206539
tpc.googlesyndication.com/simgad/ Frame 4014 49 KB
49 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10146984835795206539?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlDqXeOCzDKRycK66c_0O3MGZl_Gw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6ae2cb49455057f343f5146648cb2641bfe528973c383ca7f60b91f27958219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 08:37:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 08:00:57 GMT
server: sffe
age: 424763
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49803
x-xss-protection: 0
expires: Tue, 19 Apr 2022 08:37:59 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 4014 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 4014 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4014 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 4014 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4014 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCtJGfou_5DEl0vUj3ryMkhVZyUux3aC25ZyTDcQcMh6fwpgNhiV0chf6pupntacolD_IS
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=6584885844&adk=524908346&adf=3173046723&pi=t.ma~as.6584885844&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241431&bpp=7&bdt=282&idt=314&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8421821275027&frm=24&ife=3&pv=2&ga_vid=820117165.1619246242&ga_sid=1619246242&ga_hid=207804358&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1337229020215277&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.i0hh1kfr6wk0&fsb=1&dtd=330
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 4014 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 05:31:06 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/ Frame 96D2 6 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:35:08 GMT

GET
H3-29 200 10146984835795206539
tpc.googlesyndication.com/simgad/ Frame 96D2 49 KB
49 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10146984835795206539?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlDqXeOCzDKRycK66c_0O3MGZl_Gw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6ae2cb49455057f343f5146648cb2641bfe528973c383ca7f60b91f27958219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 08:37:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 08:00:57 GMT
server: sffe
age: 424763
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49803
x-xss-protection: 0
expires: Tue, 19 Apr 2022 08:37:59 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 96D2 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 96D2 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96D2 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 96D2 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 96D2 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFnazl2yeXVgH2S5ZRNi4HoF0RmUo8qAh8fPhPfvoWAlS12zAt97G5W7lVoR8qLEURZ8iI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 96D2 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 05:31:06 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4014 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDt1kobyDYJPAL430gQfAt5VQ0uyVo2KqgcTL-g3b2R4QASC6h9V7YJUCoAGt3IqIA8gBAqgDAcgDyQSqBLIBT9BBj5sDdHW6Sln3m_DIfQPoh3OAHUgt1KERp2nOk37EUV5sKgb0q330HXY6V3fvdssihBfyeM0XQsc0kME_g3FlU-mTbOWweWrQ40_t-e-mszq8Ge9EJhxq2Lm-XvgIrqcN20A4nQVqQEZy9mMbM6qopp6YXTTlovLmUXGpzBaa3QXO0rIw8NrjRuvKVcqNt2kpq_c44XT8to239EPVDKSDmisTpq-5AcVIvFo-1zXjv8AEsOuF6tEBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4KmxWqoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQt5oe0ggJCIDhgHAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTk3NjgwNzkyNjkxNDk4Mjg&sigh=F4kLbiMjOk8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=6584885844&adk=524908346&adf=3173046723&pi=t.ma~as.6584885844&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241431&bpp=7&bdt=282&idt=314&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8421821275027&frm=24&ife=3&pv=2&ga_vid=820117165.1619246242&ga_sid=1619246242&ga_hid=207804358&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1337229020215277&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.i0hh1kfr6wk0&fsb=1&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9B43 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43844
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame BAC4
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-...

0
76 B

30ms
28ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&isDirect=0
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619246243.008915,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11577-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&isDirect=0
tbl-x-upstream: 10.41.10.104:10213
date: Sat, 24 Apr 2021 06:37:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 10083

GET
H2

200

sd
u.openx.net/w/1.0/ Frame BAC4
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=

43 B
180 B

25ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=
date: Sat, 24 Apr 2021 06:37:22 GMT
via: 1.1 google
server: OXGW/16.205.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame BAC4 0
239 B 103ms
25ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame BAC4
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=U5TKNQLFgMfd&ev=1&orig=trc&pid=562107

0
218 B

19ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=U5TKNQLFgMfd&ev=1&orig=trc&pid=562107
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Sat, 24 Apr 2021 06:37:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 11139

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=U5TKNQLFgMfd&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-kx42z
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame BAC4 43 B
689 B 67ms
25ms Image
image/gif 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 06:37:22 GMT
X-Proxy-Origin: 82.102.19.217; 82.102.19.217; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid: 9e514f76-b4fe-44ea-8498-15333e1c5c68
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame BAC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEXA0mwAv1bXzKv5AP23XJM&google_cver=1

0
235 B

80ms
79ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEXA0mwAv1bXzKv5AP23XJM&google_cver=1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 60
date: Sat, 24 Apr 2021 06:37:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619246243.851538,VS0,VE60
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11577-HHN

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEXA0mwAv1bXzKv5AP23XJM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame BAC4 42 B
805 B 101ms
23ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220:$UID
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 06:37:22 GMT
X-lat: lhrpug014:0:481
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BAC4
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222

170 B
506 B

38ms
31ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222
tbl-x-upstream: 10.41.10.104:10213
date: Sat, 24 Apr 2021 06:37:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 10955

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame BAC4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0fdcd38e-be94-46df-b6db-2c127bf65ec2

0
56 B

80ms
80ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0fdcd38e-be94-46df-b6db-2c127bf65ec2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 58
date: Sat, 24 Apr 2021 06:37:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619246243.858295,VS0,VE58
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11577-HHN

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0fdcd38e-be94-46df-b6db-2c127bf65ec2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame BAC4
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

24ms
24ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 06:37:22 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 06:37:22 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame BAC4 49 B
406 B 311ms
96ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-mtfsm
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame BAC4 43 B
696 B 72ms
23ms Image
image/gif 185.86.138.143
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame BAC4 0
59 B 149ms
22ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BAC4
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=34319c5e-9bc7-4bd9-8e13-61e6c99a62ea

0
228 B

20ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=34319c5e-9bc7-4bd9-8e13-61e6c99a62ea
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Sat, 24 Apr 2021 06:37:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 10083

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 06:37:22 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=34319c5e-9bc7-4bd9-8e13-61e6c99a62ea
cache-control: no-cache
server-processing-duration-in-ticks: 3255
content-type: text/html; charset=utf-8
content-length: 222
expires: Sat, 24 Apr 2021 00:00:00 GMT

GET

check
pixel.tapad.com/idsync/ex/push/ Frame BAC4
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAd35ACS4h0VS4C7caeU9uZ-oHp6f0TLNKBGhfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAd35ACS4h0VS4C7caeU9uZ-oHp6f0TLNKBGhfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=7700ca26-8d8f-4b5f-9d08-44c82363ddca&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEjay8OLZBvHWFw4zvvEUts&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEEjay8OLZBvHWFw4zvvEU...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5963093424194530509&opid=apx&ops=&utidl=tech:goo:CAESEEjay8OLZBvHWFw4zvvEUts&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A17093385621&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/4/4.gif?puid=8879a1a83368d30772de12e898a32488&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/3/5.gif?puid=e012a27d-cef2-4a65-a30f-59d7258a50a9&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame BAC4
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=B7dVIpSFDAS3fyM9o7yDYA

0
219 B

18ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=B7dVIpSFDAS3fyM9o7yDYA
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Sat, 24 Apr 2021 06:37:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 11868

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=B7dVIpSFDAS3fyM9o7yDYA
date: Sat, 24 Apr 2021 06:37:23 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame BAC4 35 B
380 B 383ms
95ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Sat, 24 Apr 2021 06:37:16 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame BAC4
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=fc02d2f3-1b50-4542-937f-27a02049346e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=fc02d2f3-1b50-4542-937f-27a02049346e
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc02d2f3-1b50-4542-937f-27a02049346e

0
228 B

20ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc02d2f3-1b50-4542-937f-27a02049346e
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Sat, 24 Apr 2021 06:37:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 13019

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc02d2f3-1b50-4542-937f-27a02049346e
date: Sat, 24 Apr 2021 06:37:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 8F83
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-...

0
62 B

28ms
28ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&isDirect=0
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619246243.165436,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11577-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&tbid=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222&query=taboola_hm%3D3e10a3d4-a0d7-4ec1-b74b-5fcd3abc2067&isDirect=0
tbl-x-upstream: 10.41.12.133:10213
date: Sat, 24 Apr 2021 06:37:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 10195

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 8F83 43 B
106 B 24ms
23ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 8F83 0
239 B 25ms
24ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 8F83
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=q7JRtZ1aLRd9&ev=1&orig=trc&pid=562107

0
219 B

18ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=q7JRtZ1aLRd9&ev=1&orig=trc&pid=562107
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Sat, 24 Apr 2021 06:37:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 15793

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=q7JRtZ1aLRd9&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-62jpq
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 8F83 43 B
689 B 44ms
41ms Image
image/gif 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 06:37:22 GMT
X-Proxy-Origin: 82.102.19.217; 82.102.19.217; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid: 81d6900b-a59e-4906-80f0-1e4cbf4e1e2a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 8F83
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEXA0mwAv1bXzKv5AP23XJM&google_cver=1

0
179 B

77ms
77ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEXA0mwAv1bXzKv5AP23XJM&google_cver=1
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 58
date: Sat, 24 Apr 2021 06:37:23 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619246243.165591,VS0,VE58
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11577-HHN

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEXA0mwAv1bXzKv5AP23XJM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 8F83 42 B
805 B 25ms
24ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220:$UID
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 06:37:22 GMT
X-lat: lhrpug001:0:559
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8F83
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222

170 B
188 B

33ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222
tbl-x-upstream: 10.41.10.104:10213
date: Sat, 24 Apr 2021 06:37:22 GMT
server: nginx
x-fastly-to-nlb-rtt: 9766

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 8F83
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0fdcd38e-be94-46df-b6db-2c127bf65ec2

0
60 B

80ms
79ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0fdcd38e-be94-46df-b6db-2c127bf65ec2
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 58
date: Sat, 24 Apr 2021 06:37:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1619246243.858308,VS0,VE58
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11577-HHN

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0fdcd38e-be94-46df-b6db-2c127bf65ec2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 8F83 43 B
687 B 20ms
19ms Image
image/gif 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 06:37:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 8F83 49 B
406 B 96ms
95ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7c488d4f5b-mtfsm
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 8F83 43 B
438 B 26ms
24ms Image
image/gif 185.86.138.143
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:22 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 8F83 0
22 B 29ms
27ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8F83
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=34319c5e-9bc7-4bd9-8e13-61e6c99a62ea

0
228 B

17ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=34319c5e-9bc7-4bd9-8e13-61e6c99a62ea
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Sat, 24 Apr 2021 06:37:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 15793

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 06:37:22 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=34319c5e-9bc7-4bd9-8e13-61e6c99a62ea
cache-control: no-cache
server-processing-duration-in-ticks: 3584
content-type: text/html; charset=utf-8
content-length: 222
expires: Sat, 24 Apr 2021 00:00:00 GMT

GET

get
uipglob.semasio.net/id5/1/ Frame 8F83
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOAd35ACS4h0VS4C7caeU9uZ-oHp6f0TLNKBGhfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://id5-sync.com/cq/464/124/6/2.gif?puid=7700ca26-8d8f-4b5f-9d08-44c82363ddca&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEjay8OLZBvHWFw4zvvEUts&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEEjay8OLZBvHWFw4zvvEU...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5963093424194530509&opid=apx&ops=&utidl=tech:goo:CAESEEjay8OLZBvHWFw4zvvEUts&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A17093385621&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/4/4.gif?puid=8879a1a83368d30772de12e898a32488&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/3/5.gif?puid=e012a27d-cef2-4a65-a30f-59d7258a50a9&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/2/6.gif?puid=87cae3c4-a4c7-11eb-b205-0efe0b267eb1&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 8F83
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=OMeq644sBgqcaXWoo7yDYA

0
219 B

18ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=OMeq644sBgqcaXWoo7yDYA
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Sat, 24 Apr 2021 06:37:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 11868

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=OMeq644sBgqcaXWoo7yDYA
date: Sat, 24 Apr 2021 06:37:23 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 8F83 35 B
380 B 301ms
95ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Sat, 24 Apr 2021 06:37:15 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 8F83
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=188&user_id=6dUjcFYiTABfeYtZVMvOElJmE9k&user_group=1&ssp=taboola&gdpr=0
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc02d2f3-1b50-4542-937f-27a02049346e

0
226 B

18ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc02d2f3-1b50-4542-937f-27a02049346e
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Sat, 24 Apr 2021 06:37:23 GMT
server: nginx
x-fastly-to-nlb-rtt: 9982

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fc02d2f3-1b50-4542-937f-27a02049346e
date: Sat, 24 Apr 2021 06:37:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 96D2 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSR58obyDYKiXO9b43gOOuqT4CdLslaNiqoHEy_oN29keEAEguofVe2CVAqABrdyKiAPIAQKoAwHIA8kEqgSyAU_QhndYTbqw9vTBQRxs9xUmzZUEljcQi07uqYThs_FcNc3HtxTn9iPqiheZZVb8a0-Bx1bJPGng2HxW117F7xGRFvNj1J1HG-XH3TziDCPHSYNlFPyaS4uWPkXfq7TJE6bteX6_IjFPaNPIdmxU3Cc2ShdqNCwBv5ij9fBzVRaXF9sKlw5f7bgHPDqaGQxTh6VWwQAu-TsT9TSInLxQxeJsprKm4Lq6mP-8ZEOQjvRXd1_ABLDrherRAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeCpsVqqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMi0E9IICQiA4YBwEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi05NzY4MDc5MjY5MTQ5ODI4&sigh=MFJOtV6ydu0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4014 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8080eab4cf298a23c630d26c885c352d0a47b5008b2bd9746a3919bac7fcb85

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 96D2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a021e772e068cd9ffad7d78af04ae6edde9552fbddbc1c1e4e54d81692e4595c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/ Frame 884A 6 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=4424985736&adk=3762722731&adf=776186317&pi=t.ma~as.4424985736&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242163&bpp=5&bdt=798&idt=226&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1171987312487&frm=24&ife=3&pv=2&ga_vid=540531376.1619246242&ga_sid=1619246242&ga_hid=1322867803&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=182982100%2C21068109&oid=3&pvsid=868317288711218&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2l4rfyghj9pu&fsb=1&dtd=236

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:35:08 GMT

GET
H3-29 200 10146984835795206539
tpc.googlesyndication.com/simgad/ Frame 884A 49 KB
49 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10146984835795206539?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlDqXeOCzDKRycK66c_0O3MGZl_Gw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6ae2cb49455057f343f5146648cb2641bfe528973c383ca7f60b91f27958219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 08:37:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 08:00:57 GMT
server: sffe
age: 424763
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49803
x-xss-protection: 0
expires: Tue, 19 Apr 2022 08:37:59 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 884A 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 884A 2 KB
1 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 884A 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 884A 13 KB
6 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 884A 25 KB
10 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 05:31:06 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B821 0
0 34ms
34ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7t4788dyAqBNAO22UOnEFI5QeWVl3WueEHwtYJwiK-CZ4NtdiaEkmn0uty1Gvp5R1nDRpFYvxExy5xzMAEouf_H0W4gziy6SoaJJN8QxvrupsjuCZmUcMt_D5nbWUf7ZprmL_E7bpI6g9D5QzzGixlApPFIcPwKWxvX2hyzCY6FtJKrPkpCWMq_nWegCCIKapORFssefkcJpUrx1Cs_SBanVQL5AT5c06JKhf3t5RSr7rTjdxxKcjiwjOQLdhDEyHSUB61z7q-yvGHIGXFJ5H9eFWe9iyquNPzo_gybZAWkDdFinexxTJHRzZWFFvTdQvlpE&sig=Cg0ArKJSzCaUR2fovQ_rEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B821 9 KB
7 KB 33ms
32ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

798fe1459ee6e8b6cc521b87caefa53d7da3e2430abc23193aeb820184411abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A740 0
0 31ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssucVk8I9qMV4MAdAmmgWWauQRRgP-x5QELC7OeFj-EpORo3UdNpfhIvzONrxQbMfoXq89A1OT0at9POul4RgmGFwnewuKd2RWhJcHFnlwhrpI4A2Md_yBb7NwY7wQmgN6K-LME5obQC9EHndtB0IgjMJ3asF_tQ8tU0429krqoD7b0clHdgNJECzHZ8Y5RApVR1v2gRAQlpyDbp3Pu-txUUPNyFLcPYAlaXUlLsPbfbQ75Y3NoiGPXmEGQZmY8SwgHvJZfMh3AH1dyPewCFcnylG1RU3uvwn90BufWgUzBJtk6Lt05n3und3ph2ciUO8HaCtY&sig=Cg0ArKJSzENiiMIM4ibXEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A740 9 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec460af6f41cf01af6bf8f446e79216db285dae036f39b66cac3230e2240dd31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6988
x-xss-protection: 0

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/ Frame FFC0 6 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:35:08 GMT

GET
H3-29 200 10146984835795206539
tpc.googlesyndication.com/simgad/ Frame FFC0 49 KB
49 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10146984835795206539?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlDqXeOCzDKRycK66c_0O3MGZl_Gw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6ae2cb49455057f343f5146648cb2641bfe528973c383ca7f60b91f27958219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 08:37:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 08:00:57 GMT
server: sffe
age: 424763
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49803
x-xss-protection: 0
expires: Tue, 19 Apr 2022 08:37:59 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame FFC0 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame FFC0 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFC0 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame FFC0 13 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FFC0 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTI96WOJHfkq1zJa8966lgLd8dmljidr4MlnzA0y_oj8Cv5HK9adsAF-UalHKkBKdYe-bVk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame FFC0 25 KB
10 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 05:31:06 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame E5C8 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 89C0 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/ Frame 8DEF 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:35:08 GMT

GET
H3-29 200 10146984835795206539
tpc.googlesyndication.com/simgad/ Frame 8DEF 49 KB
49 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10146984835795206539?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlDqXeOCzDKRycK66c_0O3MGZl_Gw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6ae2cb49455057f343f5146648cb2641bfe528973c383ca7f60b91f27958219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 08:37:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 08:00:57 GMT
server: sffe
age: 424763
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49803
x-xss-protection: 0
expires: Tue, 19 Apr 2022 08:37:59 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 8DEF 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 8DEF 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:36:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DEF 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 8DEF 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 06:28:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8DEF 0
0 17ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT60P_KOT0SHsCaRSPGu7UkUgOTYbl-bGngzBuWtq_dV4vbJOOLUmjpTBP3GUmm9BMuZJIz
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 8DEF 25 KB
10 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 05:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 05:31:06 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B821 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 884A 0
0 20ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKm_6oryDYN2tGciN3gPc1K3wBNLslaNiqoHEy_oN29keEAEguofVe2CVAqABrdyKiAPIAQKoAwHIA8kEqgSyAU_Qvqq0lgGzshDc62JIeY7-dHyKqK1eH19lLdU08bHDWinHHDMnwF1iE24ENou9YQ3ewuj65GlP4dd8Xeqv2lGG3arNGu8ZXb7HaNh23G0CPDHm8u-1CnPTxZumge5PaVX4RR4zRBNO6bhzlBSRttYUA3X2YrY6jmC4ZFVbcB4wIvF0iU5nz0S88biERtk9qY-mIJX6todkeIeprqN5M4y7T7LD4pOhRzn3srC9iJf0aFvABLDrherRAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeCpsVqqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMPDCdIICQiA4YBwEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi05NzY4MDc5MjY5MTQ5ODI4&sigh=rvpEkPZWgn0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=4424985736&adk=3762722731&adf=776186317&pi=t.ma~as.4424985736&w=300&fwrn=16&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242163&bpp=5&bdt=798&idt=226&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=1171987312487&frm=24&ife=3&pv=2&ga_vid=540531376.1619246242&ga_sid=1619246242&ga_hid=1322867803&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=182982100%2C21068109&oid=3&pvsid=868317288711218&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2l4rfyghj9pu&fsb=1&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F07 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186312&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246241677&bpp=4&bdt=462&idt=254&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=8368785061026&frm=24&ife=3&pv=2&ga_vid=1035551280.1619246242&ga_sid=1619246242&ga_hid=1325317335&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530671%2C31060615&oid=3&pvsid=4294698865717051&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.2q0t61p68bjp&fsb=1&dtd=268

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32648
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A740 17 KB
6 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:22 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame FFC0 0
0 17ms
15ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiqkcoryDYN73HqSJ7_UP9qGP4ALS7JWjYqqBxMv6DdvZHhABILqH1XtglQKgAa3ciogDyAECqAMByAPJBKoEsgFP0KbNZh_osJuNBwRcius3rxUZRYZ22qXCw2Yyc0kh9XBFa-ATX4TCpGQCAyTMrSvwRX6WCIBYzUimsIJlEcIjUL8ZTHw_NykClu2KMsgu9jymALqaWq8kzEaYf_YKAjyrDRWpNeOwJw9wFz-r7Vu4DmSwApSrA1_7OJai16RByjyvOznyfQGjs6IKkRt2kSnLrEES6dlWeOn2bD5EEt6kpzEKl157oDH6TguoqkC_6b2DwASw64Xq0QGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHgqbFaqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDzrxLSCAkIgOGAcBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItOTc2ODA3OTI2OTE0OTgyOA&sigh=ioJ9Rd4K4tc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8DEF 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoTPcoryDYKi1Gt2v3gOsyb3QAtLslaNiqoHEy_oN29keEAEguofVe2CVAqABrdyKiAPIAQKoAwHIA8kEqgSyAU_QCa3hSbEkMy_7yzeYt-0ZHfoBvZnOvnHPq5_jt4QLAVe56G_Iaq3dzYV6ZM9oQFD7Hjx_MVExljQsDtXfsvxqLh05ryrO79BnAgS7iytO3IffJA8bLG28GlNesOdRKItInI3mTSXqgJtwqEii8sM5-X-_SKBhnrQAdzA14R2AqZ98VIW-cR15sPaWhVr2aA3q8EY2LVcht5H0dAgNwqLlTK1nKQaFCWFTDOQ8NmOAY4PABLDrherRAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeCpsVqqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEIiaFdIICQiA4YBwEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi05NzY4MDc5MjY5MTQ5ODI4&sigh=xsqezZC36wo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 06:37:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 884A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19c78cae5ca4b816ada3c4beec1dd7d373b35c12318b3ac939c3b6e5c34b9687

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E790 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyE69CBIek-_dKD5QF6y5cvqYa_YOxxUL7i8CB4ktcj-NFKGmpMzwCyIGpRvoMcFhcQaM2x18ldbEQOSRjCGoVe0Z1LlQ09ZITUMvBzxI&sig=Cg0ArKJSzOgVQaaTd7CjEAE&id=lidar2&mcvt=1131&p=178,315,268,1285&mtos=1131,1131,1131,1131,1131&tos=1131,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2490406887&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619246240425&dlt=38&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 redir.html Show response
p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0ED7 247 B
787 B 95ms
29ms Document
text/html 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

2d5e98e29b1e449b52f7782a892c0fe3b523ad843f8a549265e9808d3cde2829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-ihc_lh0kJm8bEicY7u_3eQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 203
date: Sat, 24 Apr 2021 06:37:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0013 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43845
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8EFA 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61392f3b36b215bed8c3f51b857945a36ffc3223285db9f72bb40116378b93f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PrV69ATKJnFSb9Hfwyr0Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

expires: Sat, 24 Apr 2021 06:37:23 GMT
date: Sat, 24 Apr 2021 06:37:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-PrV69ATKJnFSb9Hfwyr0Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B43 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77A6 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=2148772391688422&bg=!KimlKW3NAAZUuIlwVLg7ACkAdvg8WkupfH5rktP127TyG3mcfXfdoZ75bqfDtUGnVPLfWsO8J5qU4AIAAAKLUgAAAEdoAQcKARBNn8MuPl76ap3ycJ_g4EwkFh33tWtWNoWqux6s_U_z-KhPhTl99al8MTbyvx-s6ezYWbtU2CE02z93-Dq81mOIMFVOj5ouwTShlmdCKACCQmPnWeQcVKnRqbgYEzGEnBp-jTy9YCbKNSlNxGLIon-re0qmvUWQzlH0XlY8-oHKoUoJRl-ScnN7P0lAlUVyT9ZygaeRJXiXKK1O9AipZpJKsIoePRdgLWATQXpoHzp2o_2fZ1-_NwZpWEooSylS-LrViRS6EHF_0LgKPGhKxHdthl1MB_myIo83ZU50ZkozP-TuSulaWWitP0fpCZ3XIPQeDStZf-VHNq7e3q_3Nr0J3p2I_gDxj5Ju14dox9nNOJkCYiKE0vCmZ_f5EQxI18Unv46xDUiL8g0JucX0Zurq2393ZFpG958TR4DZD7E_T4QudpOaK7QJMzq6wFUB305U4yLHkVu_aN3KIZvrsfr1IPrGXz-eAcq6zqo6gXV8z4gRbJJTGPKZhfSm3UtFn08IaJX-P5xZubrxsn1w5CwLJ4bg-3pN42M0h0y6pJSILpFo6FbSSPVP5mQOJsYZpML3nn6cLFzOPuv8l2aOozl60dnMCOwMgmzZ5HwAtYqO4AeBb8xe1ygYAQRbMkL0rXjbTK-CUrLMv87tu58s6SDxSFdqTVal8DApU8mV8Eqdrk4o8GIHbyflWzx9J-yWbjTyxrJ_02LFNN154TDjI0GJTgBVuJhYKux5r2h6u2Z9Zjl27fbIp-Bcr9PD_wDeD6b-5Qb44f2-JZu5WpH7MgSBFuL8u3Dc1pZ5p6LqfhlMbDq8dgOlVYGysHFEh67jF5P1R88beQgw6h8iJbWJaS6rFQPIJ8YrQJGFr-tKMY8cNxLwkKoQDkW-aaILqNZNBwbFsfRLXfDDGgdBsBLPLX-gFko2UXDhjYdEGo_ESp2p5bAjyStaoFjJbboohawhogsIp1xbI1mAWLLw33_QCDJBgYDJIdKQfSP44Dx142lZn_HcaKNjTDZo56pv5zfnUiFw5lQ2b0gQEqfMA44YBN039Gp-nMhHivMGUIpx8HTvP2vQkOhMjNFsrcL7nN7DbMahaWP1tgyyjX57XKEjJXD8j1Ia6SqzrqFHXoE4X9gorEioMg5yVm47uFvIy8bF0XnxSPAmBkXmF-Ae8oOEiCSpZaUVMew

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8D94 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43845
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FFC0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e746e46aa57a7be0476e6b870be33fde323c3060d623a442771ceef333e86de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8DEF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f19ac1db3086683e3d7e598710f41c805d1d1da1074804901c697daa938fe332

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1908 0
0 31ms
30ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhF99T7dV9G5GuRY5qkONTr8yKRyG02mYDX9Bd2xNKwRprXUESKY3HsCJMtj0M2OFUd1cjlCWlPG0SO4RjGLNo8j1pv7NfVC8P1RUqsZSvKa1pxa0Y1ne9u86C7BY8PesyJytCXqBT-SLHFNUB3eAHpma1if7y4mcB0s5x4S76rsqYJQmdlk9wqcg5BtiC_RD8lopVG4LLSfNdV3pO2LaYKjBu2OWkrQeDKKD7Z0IBeT0sJk1yiokJLAyflkxzyxe7_lbsc880REst0ZqnYpbLOFFVf7TQjssLuSPiGnHysHQKmnRWDw-45QJUIgllSrQMLRs&sig=Cg0ArKJSzJ8bdbBnsOBcEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:23 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1908 9 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74f4aca3a01a3184fb9e5c2ba1a04cfb21dfa7792f65bdb9057d72d43d901ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6982
x-xss-protection: 0

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 390A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6D72 0
0 32ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgbEGbKRjSkCEFD9l8fGIQlAp6yd0tzQ7wBEzR414p2dmi9dxWssoJgPUQuYjIAAN9QPijwRQnej_U8z1W59hnbinqBrWv9XyphThpDhuRa9-FqAEXOMqyxIEHlxPzV16Jc7ccLQLj0g5k2VOq5wQG6mra7Y3WBriDuMiTm4AGgrmWzx1Aci5u5rTJEG4XOc1h_-Beli8uRbhLnWyzy3gznD7PD7ZjUNCFmrxpNfoXrIqy5DeaF63aKfuQmYdmBM8VbQxRzo5nhjrRw9DoL3CsbIb_z3wvhpke190PiQaXnj0_AUAoCGuf-gepcpPe4ebXRTM&sig=Cg0ArKJSzAm7xEY-sY4GEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:23 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6D72 9 KB
7 KB 25ms
25ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da5aa0bcaf1c7c115bc90f442474c89ca74408e93401274a1607fd9a7ab2df9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6932
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1908 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:23 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 72D1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186306&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242190&bpp=2&bdt=801&idt=294&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=443309320488&frm=24&ife=3&pv=2&ga_vid=384122848.1619246242&ga_sid=1619246242&ga_hid=1912315290&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=42530672%2C31060615&oid=3&pvsid=2483372277990336&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4rkhmtkpkter&fsb=1&dtd=301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D72 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:23 GMT

GET
H3-29 200 iframe.html Show response
p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0ED7 6 KB
2 KB 60ms
30ms Document
text/html 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

9c43d6c4bf674c94d1f6aa132d51c55fc7331392904d049f6b9587e67a48fecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-6_MYHfHe7e-V_lhSpQ8HJg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 2308
date: Sat, 24 Apr 2021 06:37:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 15 Apr 2021 22:28:56 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C18 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsun2qSFqbdsYSlzH383297VNcOC-wXgvg8YM_nlW7b_BUzaLmjlGO45YR3TbyRc-bZn7HZe2AAAaiSLVq7C45iMva2Dk932PKHmu8QS6Qk&sig=Cg0ArKJSzMfTwX1qfOOaEAE&id=lidar2&mcvt=1026&p=343,1120,593,1420&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=503977886&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619246240715&dlt=38&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C06B 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjtQhmlYJH8vDYUQ8Icr6VzJ5QVmvxHY8hwlMp_9DTyUAJn0uvwCoNOYEBYLNQ8Y4umG5RUD7oiFxOSegH8JlxqVTXnyk-EGdOPOAfJgPvd_iZciONqZLD_pHAEg&sai=AMfl-YTWmPxEJzppG2_w3CFPktI1ZcJM4pd_ml8QQu5tZLMrHJ9p2budwUn_n2gd5XGYekIsZBoe4eExFb3kNyN2NMH8SeLFpeyV6mA&sig=Cg0ArKJSzDudedGa3w7_EAE&cid=CAASPeRoWToYoN0XsXo8ZdT5A88kv8Zwwrr_5kmhEPEoUyl7mGWdyZHuas2MmVwF9AW_1S1j_59yTtsA3jP5pTc&id=lidar2&mcvt=1028&p=0,0,250,300&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1697683598&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619246240974&dlt=743&rpt=48&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D77 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=607782698688680&bg=!JCelJ2PNAAZUuIlwVLg7ACkAdvg8WoOBCgdbPuaCXXRrUUG91Al0aJwUzhHVre8j3HShQeiLxsSUKwIAAAKtUgAAAHtoAQcKAP3LtThBfJAcwr912uBlTOZqFvyg16i8rTYdQOAG5ojFHyVbmUE3KA7LTXc2tCwOEBf33Z8oMaSvqVqojL9l9A1IfpIdgniZWrttEOPHAqTpJZobq9StF0YPgDKpYzAmIEzSDvg37S-Md2YDK48lVqtjJ5AJDpyHfPZu0Fn16lLCwp1q1zpe3FxVyF9pORK78H4dBTTbm2QqAvmlWNxfSJhkW4KNwB1hSW7bWw1t0fT6HFwAmUq-ceki0Dd7nUAVFKRcxQfFzP6ybw4IGNsxTiKooQtwG1GRu8HahqVZmx2ozbwC4H_WOhJfbZC8EtNv4YtNgpuh80lz7jLBGJlwmQJvKNS77nPArju5tBWW45eYJ59HX_YxmVp6MM1f8f3mFC30TEWyC40QldEsekAyri8ruy5eS5vwZGm259AnGYw5rJv1anJwOJYuUspHllDo5GEtCDJ8Hn1fF4UDVFfokKfXEC7-dDwsq0LgttdhldHkOeXvYk-tukeIbe1cLJjYFzAtp3_Zl76kvRGLn4U-EVgKe_n9BRbd1B1z37zevePwJYZk-PRtJ5SkO0q_HWEBoayZos_O8vtDHsnWt5XQ737ZFmR9u7ukCehxbc3HT286zslW8-fdmUFVUjYpKxYNwUsTAqK9zm3pwFY-V92YunWayzXkITik8BuSVBGGHnhix9KClg1ixOs5Xl7YSKrakGUkM81O1EI-dshZ5l1j-PXYjkD5cylNO-6bPJ-20mpcjspl7TMGd8utfVZ4XCbZpM2nBQYz_dn80sSDrwMFiY8BGguFt3F4nnfSap5iEl9kiNJ_-58gwhk2-lig8pvwB2MZlILQedevQSMKIlmfFUzA7bEkxSR4wG3BlndX6Bmd_vV8YKhYgDuCqpKVSmMuo4PZaG6Hj61plGZI5PjZ1PQlsWSSOqpBPp7dENCgpQFe5-USgupE0Fwz-OmQAxJ-YeB_rzy4rvjuIaKW_TDfeUa8d6OIcNw6I-IVM6gFhrPV04isu9ZVlUytQD_iqyV69Fq_Sfoaqz0MCBERvUUPJQPWn44tTEfl1OpDyDFuqKrhrvttv_k3w-0tWhJ0WPglaIiS_V2_-YRrMd0s6zjDw-zjlYoFt6nqyRLWtkeNnybRKp0hGWeOkO08CACi0auh5c2dA-DnhG3_D3MH569F1yc

Requested by

Host: www.newswire.lk
URL: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6FD7 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43845
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 86ED 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43845
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0013 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D94 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAED 0
0 31ms
31ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM9N2VaRPseacD0UW_k1mtNTTM_6OJdy22bLGRM7oIC7papfxwkIw8ThC1ANh-1eKVw0474T4QeVE0i5EL3e6O5TwVLlrlOxUiiRKE_czvo7T-Ja5VHg4CYTm9hx07z21dbKtpY3rOzGuIstZQ0jn67voE0wcxq8xLulq-w602dskZ36i3JYj2l9dATYvq6NTOuIOzlOMx5G9zrLWIIZ_umJs71T1zY5rpu6UVCD1bcEwvu7Tuv3-HRngrHr7Gyp8IYQXg-2rj7AApQznJnBIHoY3XkE_CKS6fCNf9C9wpdITN27hUbGD8tILozgVRYlWOuX8&sig=Cg0ArKJSzJeMwH5Lkcl8EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 06:37:23 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FAED 9 KB
7 KB 22ms
22ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9a2106774f427255522ebec48d1dc88b36032207bcfbbe6e8f6add78c30ecd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7182
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 96D2 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvYHNFRysZ9JN5XGGOgi4_JUbJf430D12C_-DaM47C6AN3tIW417ok1dyiCQREhWjfhYQ95ZERSJaA6yJC01rA-nTt2rfy4Vrhl3Xw1zabAmP2IfqkaDIA2G9Oxw&sai=AMfl-YSjbwR6kEq4t5SNxhzPepLThtCiM893TtlDf0zbGDuG64G2PDigqKEA4g4SJAQy03Uk2_ZsPKcnQUgO1WfmkHVqMMCIttTxKLU&sig=Cg0ArKJSzO7u_89vQl5HEAE&cid=CAASPeRoMfam1s_ZQqRq2QcNwh4stKImFMe9UWlQAijs7awN4k6d2nuEIx91-limKkZhrhkTGQiaAdbjToRdA_Q&id=lidar2&mcvt=1029&p=0,0,250,300&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1697683598&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619246241946&dlt=455&rpt=867&msd=0&r=v&fum=1&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4014 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssb4zaapOhaSWP9uUCM8i1F8Q9oXx7Yl7qg4rQXejPPN2k6P-AiU2QrHZQa88c5rmrunMFK1J8sphXu4X27Q0wpNcHSyOKkJn_oH_AREGOCjHEE3rts5tDulCdiaA&sai=AMfl-YSWm32ysWtCtYYFq8g2iXWrTV6T030Sz6WFR2_Af9Ru_s25wmaPs5_lzQ9JijR3lzRWF3_MOojikhW3mEHJiE9wsGB1bXQiQ_g&sig=Cg0ArKJSzDyQf01JbPmNEAE&cid=CAASPeRoYBVOxVHxeOOacMiGcZAxNztC-O1d6sSk5ESuNiDxXk1gM6PCz_g086RWgq6wyx98UjPZkjmdVbR9oOE&id=lidar2&mcvt=1030&p=0,0,250,300&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=524908346&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619246241762&dlt=588&rpt=1012&msd=0&r=v&fum=1&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 37AF 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9768079269149828&output=html&h=250&slotname=5789260644&adk=1697683598&adf=776186307&pi=t.ma~as.5789260644&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.newswire.lk%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619246242183&bpp=1&bdt=798&idt=223&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&correlator=4164478693817&frm=24&ife=3&pv=2&ga_vid=2092914354.1619246242&ga_sid=1619246242&ga_hid=1567929761&ga_fc=0&nhd=1&u_tz=120&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4084179362&scr_x=-12245933&scr_y=-12245933&eid=44741423&oid=3&pvsid=2350968911790652&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.icfz2zygoaj0&fsb=1&dtd=233

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FAED 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:23 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4564c67e72064b40674018eeac68b0a700408b9b2ceb1d68916d2cbac4b8e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 06:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7083
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A740 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzFuHl1kZ2JNvxtU1Kco3naraakk_JkUFRw9iXYnnn5irsrcUeCKwns19R0vGmwrMnjSt5ujyFVSG-YAPTpgook4SHQYALUXN8uuLqU20&sig=Cg0ArKJSzALqpj4ocoM2EAE&id=lidar2&mcvt=1032&p=873,1120,1123,1420&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=206333917&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619246241177&dlt=38&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B821 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurpJoPXfeJWDDEn4BXwMvSIzJDox7ad9BGyaeWRpw138Rh6b40jdpvz20LMIuak9_nuuRQ_LjLGn0xSNjoYUeESnhsM9Gd1pAZpEpi-7o&sig=Cg0ArKJSzJmKcxzQ2fuvEAE&id=lidar2&mcvt=1034&p=608,1120,858,1420&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=3564121988&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619246241045&dlt=105&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E790 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=1135461695726965&bg=!g4ClgMTNAAZUuIlwVLg7ACkAdvg8Wl9MHFN7G_94YgbaLig3ezTebTe0q81KxVwjoVGpSjELykNCdAIAAAKuUgAAAE5oAQcKARVB1sRbi98K9M5-8nZcxl_b77hkvhQ31UrOt_sDo1B4DMa10ZrHM6W6_Px_l4WE_JCelit7xFlFsMssfm-xYpaPqbFC9VcBd2AS6VNiHOK5pA5QpwhLh_28jp9jHcnfT70W_TIX_gi_WteeMa9EotNqcKCHn8hQmR3Fk8JLBb0GXcR8QFsWu3N6tWQgQOlftmEcGuUvAJM4ymjGvlXOraE4kAzpa8B914pxfj1z8hyZrK8c3UF7rtZy9LX1887WXySRHEtLDpwJlEPBSGfopNwWFos5kgUGzo4LqUV2OXnP9S8OjBJp6PAZw5rDTJKnOMyIxx_ckUUNdWmxR5A0zfWe1ybEOfHgTliZmMay3HPiHYKJxbmdmQJrFdlJgIq2OqckBkHYyDtFAyUa4DXDJ3uzTYGkAEPMLp6lry4QbGBp__y_taltGcn_e8FhsldKTmf8NPGsNYqGGTuYJG6_1uR7IGMirMxg-_7-lWZfGcFabaviT4husuQdxrs9UN5mEjERtUyYxakkJ1QMYZIRms-BMNfYMDsaox32tQRO3tSQquZXILSOmG_brOuu1ibi0MfldYiue-kIk1Ae71JMsBzZIafOCjil-4oflLyo2Ggnfgjp01SI3R2boRGyf3brsiYlSlUw0g7PNpKEeE3GgRk-RAyrUPtQqFJsi2B1X7NuUdz3HC9We5_VEzC2JyG3wDPbD-0u2Pxu-qEzZ5ZW1rLmt4vWSg7AKJuGBTQbWxRiPoj8Ov101lo5RnNCzoSQNDq33c7qlAzP4QxnptoK-7VYcAr3o_jszCXS3pDe8mFEupv4vACBg4vF84TmQFsIFJ18bPq3MhA9E8-DQMtzrilg35Kdu3bXM43BZf3yXK_KubFXTSibrrLD8tct0MJ7GYARqnSNKY-0uX6q2azo159n4o-2tw-7Txwv8hD-99zTYMRrfOWwS2bs_lJv8E7FyhlHu0WhLStf5v3OL-G8gGPi5_xCiT3EUzYaKn2O3TB8BAUF_eeRoi7bSgIe9lH9BaBk4fXaQ2fhip6XChSP6cfI6ZkL1--l4OG4rR7ifOHALyyTEKVBmcCjh7bYnQIg_doBoQwnMmEeu9vsgjF1sb-rn-P_cye5IJ7WY8UVO096Wt7qSJ_xABq9gQROJxlxO57uRZDxC9ToTk85zZtWAlXIrHbbQ0p7ZbiAaXWwPVA3_IdKeQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 06:37:24 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1071 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43846
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FD7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H2 200 desk-new-pizza.jpg
www.newswire.lk/wp-content/uploads/2021/01/ 155 KB
156 KB 198ms
198ms Image
image/jpeg 52.76.241.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswire.lk/wp-content/uploads/2021/01/desk-new-pizza.jpg
Requested by: Host: www.newswire.lk
URL: https://www.newswire.lk/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.241.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-241-211.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f0cfa2a09fe2e3905a5fe3c052545631118e5f5c5a02e266a57a41504fe12254

Request headers

:path: /wp-content/uploads/2021/01/desk-new-pizza.jpg
pragma: no-cache
cookie: _ga=GA1.2.143635041.1619246238; _gid=GA1.2.1400460166.1619246238; _gat_gtag_UA_157377916_1=1; _fbp=fb.1.1619246237947.1755710934; trc_cookie_storage=wiredigitalpvtltd-newswire%253Asession-data%3Dv2_4c8cc72793367718d995f20dc57daa95_b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220_1619246240_1619246240_CGoQm_9RGN6S45SQLyABKAEwFjjqxgdA44YQSOXp2QNQ____________AVgAYABosa_ptcr9986tAQ%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522wiredigitalpvtltd-newswire%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhCN82oMCwjDARCN82oMCwiJARCN82oMCwiRARCN82oMCwggEI3zagwLCKEBEI3zagwLCKIBEI3zagwLCCQQjfNqDAsIJxCN82oMCwirARCN82oMCwitARCN82oMCwiuARCN82oMCwiwARCN82oMCwiyARCN82oMCwi1ARCN82oMCwi2ARCN82oMCwg7EI3zagwLCD8QzdxqDAwTFA%7Ctaboola%2520global%253Auser-id%3Db6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220; __gads=ID=07699fb154bceecd:T=1619246240:S=ALNI_MbHze8xYeGhfDlRvjUTkMTY5F6dLA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.newswire.lk
referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.newswire.lk/2021/04/22/whatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:37:24 GMT
last-modified: Thu, 22 Apr 2021 13:57:08 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "608180b4-26d55"
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 159061
expires: Tue, 19 Apr 2022 06:37:24 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 86ED 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 10DF 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newswire.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newswire.lk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43846
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C18 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=3355082669149295&bg=!KyilKGzNAAZUuIlwVLg7ACkAdvg8WijIOtvRSFsy2g-i3I2_-UWEtcH1NH4BeQLh9ToCOS1WISwmUwIAAAIIUgAAAKRoAQcKAK-yEaU62zrQG1ydNIrL88cOgm_UwcsSSNeynVHHKvLfHG_fh8XY0YuVeiA2GuAY3IRtuV7BLTSHxioQjPTOvO02UQQDuzgh84zF4XhONs1t7Gy6KGF1y7TsG9CWp1fW4iS0JCfroffHaZe3gLj2NH7XV7xc9CwDY0zQTGocbA_NCZJTkOI026crqWns4tCD-d4AkJ0sP-rC5bq9pQEZSDPpAc_XsjBpIhPsk28S5Gl7mQJoZdLZxorTKGxOkgDra9NPFCa4u-lIclhCAD4VR3bNwZLsYt40rqjnPIvFJLKHEimbjtsZuhPrWGwM2wVRV5-I2rGtxlaDCKmuVivZdz-bwlz3HIXzAmry36ceyGaM-4z0nIlG8HfDfF-5neHXJppJN5nEk_wKr-4i5JHFjITOeUvqdOAEqjaQjuGMvvb9A77DnIH1c1n2OGwL2mEHTgk4huMQV41l2GHfIRpHg-PqkruCrvJ4cHeFj9MLHZhKwBGPKBgi3T8kpFwHxGPgQTmdB7FyogjN7RSVrfWOLKQFGfmxw9VzJNZ8uFCvZbkkQ0LmeklOtzswkyu2-1AaWb31f9drDLeyB1fcIOMDTwvuScuc1IJWzJB0rAS7egLmeDnbMoeurXO0tfbcc9-VcTcgMYDbnicJywivZN0MQv7X_m_omzDx4Xh46Cu1vZ1pUNu1gyHWEWB-dDrxntn0k_0VnZgHxhErLOWGbH0SJdOd5D3G2rPgQKQfXCe94B0IoyccoCfalc7xU7DOEuCi0XFJniOlJVxLJk-Wab7H7QMpzl7I67wXlGpaZcgbsibtW9mjqp71VRnO8y7WdUxwNrf_mZvt7xksyLShJtojlfryEEpjwHOMBGrOpjfKzjL0yp5WbjmAVyS3zrITzxu1HGV7axDrVjoFT1WD2mN28fiVoafV6t5DcVwzbUXk_qlH81sBLaQGx0ZSAvSw3QVH2e4OtABe4QZ1aw9dftUwJ8ITPIq1tqiFtQHvd1pXu_EOuftz-OaEoTkVfIE8ry5mf1izEjhsSGu80cxkW0vgeFWQIhPyoe7ro2y8Uw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1071 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 10DF 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 32650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 21:33:14 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B821 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=1337229020215277&bg=!MjGlMXXNAAZUuIlwVLg7ACkAdvg8WrOxbRijaCtKC-LiSwqbqNRFC6afyavPyga32qgFaQjI_wgcGAIAAAIoUgAAAE1oAQcKAOxf70nMnkPPDdNH0bEI-GefvPTljlAqBIyPMse8tTNWM5cfg1LtyAn1N4_gyCpqoKBFExOyJje-8UtBacO9ChTAvUrFBwtP2Clp5IenBytXyGA44_n6A637h9pyxyc-dGghCoT4R4Qvigg8dSLhInG22BfLDcScibh4WRXGZc3Pb2ZmnoADnBIBZXJytdlwUSe46UfonCsClo4gpUQTqLopfg5akVNqFbPUBJYrzaJlun7kqB5wbgIbZep3aB6dQRpIMpXiLkC0IAJBvfzEKfLEmrUMKT3h8Gi8pDWQLSdU-YsG8MJUt9DDLRKOR5kCXc6AFDeAuH36dcXsKQw7uZ0pGKvDKW5l_jTkUvafLcTlyLj_8PiXkiK_13NVJmA9qt4ZeIQ9ISr1RV4YKBg7IEg0WvfqP1ypWhTbFG61mBZihFqcdfm-EHDCgWeznA9gJ7qzNuxuzxjKOl4T83q9MjizZGD_uGa67tXjHm3U_H8J3XgIiVKAGMq2p6JZvyLmEofmDBmd1t8zE1_1bt78IZmwx4NrYYPLI4VJ06CT85xMFIUL58eljeI-e9CJu8owDR2ZkuzkFLLp5GIccL7ckb_9nbfkBQZbyOQI-EXkFbFJk02rcmCaly0dRHKFiPgAfY5Fj-pm88SrpzEO8oRXs7A-FHq0qLHumAl9vfJK7nscV2USLLIENZ_HAq9_n-PmSSbYXfS1gXwRq_oev9CF4zeD0W2E8wY0M0R6D6vDn4enkMBYKN2pbaRikr59fR9yqtNjfj1DMN8cqZgUSEis4eMX-NsBTqs_MMKQGb5__WvaxZuZBLr0I_fNcIFGdX8zGMZuZg9QyNkNZbg_Io5YZ_N2wAB0rUgEkZ6mMKOLRGk3Xijwzuq7gjVDBIM5PA6PED-eFhLl43jONOnImatCpQ2z1QOQVh2s_PW5FU6u0USHA15igtJHz67c8Os8HhSNQplYwlpwJYMeenvF2XukCdAjp1qIaKlY2kkyI078AoLDzXSU7mcqtaBFlaipONUOzsvddZ2QVGzEMa78i0OTBziVCHHlUhB_wN--m6B2J-5k-3qbXJX5-8Z8sZlYcnaB3jsHXJOvG0jouEdZ5RAVLugmULRobVVu4Yl85orx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A740 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=4294698865717051&bg=!x8SlxIDNAAZUuIlwVLg7ACkAdvg8WkHhH4pQzXHe5LlYdGDb3dCQtRNr_sBMyiRzMsv9Fpf5LhfwTQIAAAI8UgAAAF1oAQcKAMTNYid1uJN7UvslRY5XdC6m7DJ6GUGl4ogE29O7FyQw1f0UcSBR89FPoUSFkYeMD-tP5wLW0dUB0JO44LlabQkVONuCiCBAMqF1IklguwXw15Z2oOtsz_tKaaxQL3te7aN0GBEZzsxpVu3uZL9LnLhWY3UAf-P25k7IQa31uffJYhacwcy7uZNBJkUJc7zyGUOXJLMMtqA-8OUASm17UVyJZ53nQsK844ALfNLJIdVrtYqz-IDV45GlYoeT8JgsZPVtRhqgmQJ2RfAd5dve7nfeVsOi9JgO3IKcr26Xf2QaFzBsm7XkMYyXqAPqBsuDDPf-lEyBNsiKGMYextgafaot4kXwM8hyA1XTOgoGDvAqAaPdCNH8s6pGOYL1Fl92edZ6uc-YTV0_y6GyEfSsPyZrW5EEMfyw3AzCcocQAMPydjIboTB4v8crf88lPJmPAqAHRFk_6f2XT_nIP-l9ZMvccVndWJ3-Qd0P6BoG0QCuEK00jITfYUSTJjdPtjwC8rqcj8j8gKgUBPdtRAyajvURHJG7x-CcXwsxLd3HBPXHfqg5wn0mEk0JZlbAE76vcmHpEViwZBbZihARjlZSin2dpnICzQjjKz3yqfe4cBDfJXwrcpgVNCMyuoBuCG7Dn3ihHi_m9dibsYXesGs8e6k2XtSCyE9QdENnolyzhnu1--Gf1vVHlulG3H4QIYtjcE22Inqt_50s-9Qc0_6AttHFw4lGCgltWWNFKmkAEZN4L7IBYLvee6ba-raGWLE_rj1VqsULb1CqJFixALaywPb6VU1JvBRQVeqZXjdwIHr_EAcwOhnWPcCbo7a7yciU-GFJyQR3Th9POtSjIZvfCimg7KEmgs_fxx_dZWrdQMYFyxAwiXk4Vjpb5vYUFdSOS7d8CWVXdYUKeDcuUjXpWuE4Dnn4Gt3o-FHFLKKzIi-wer4Cuo0pyg0cThPw_PgXADeAvagCaxJqoiVkLtvveVwwkpfz9zq2Nv1orH0o4VY5EC1f6kkV_sFJbW1jPXOEdg4zUj_e0Xzd56cbrKQYJGxuJ23I94ksOl07S5vb9dRhyfx2YqTpq6W1hBQC8xyS1Upbl427llC48HjYMKxK

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1908 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=868317288711218&bg=!iomlic3NAAZUuIlwVLg7ACkAdvg8WvFZUInMFAD7_YfTUrc787auKaB7QFerW-5F4KH0nHDEW997FAIAAAGgUgAAAF1oAQcKAHOBWUZ2YVq3DdjIfFliWGHdXPx0DRONCFumIgiOA4ICyGYTAWCSCgAWfzB8Ch0ZatxbK9jXoD5sYifdEujshP2od7kKzjXnOXTc1AgFZUw4dI9xa9iSOVqYzsKpqP4Qr2IVi7qdGpKQPjQZgRVWovSif0UXmQJpeI8FFMYMl5cg-aZQtDKugZHpC6ijtHRoP9EQyKLvF0Sr3MuD7CNa806YRVpEof5BJHsqUF9SA44_ShyMBWv4hSDe1dWNLlGvNYT5Uo_rq2U9XO3PNmvC7fKr8pAiIYhQguQ6cSJPT4tPsK1_ggm6cVh00YjeHLPT-sh9156omEg_v7x8SvqPtRsyLfJULoapV1cCYLbcYTrSCmIVIO4tvyCHvA1MIhB4RQPbj-CINuV9LfxRkcj1vVqStIWzdgtGE2K1j0JdzOKf82BJPNY-fN8k9k3rCikR3sMdMhFdMH2QlYeqbLM6Rpmbvzy-bBorGa71v56ghhObqeS6q7uyby1Md9Xz0mjR4veA5Z4ksmWfnY3oWJm8YphyBb5V2WcMn7wonNW-z4XhM3dhsY3FyOVDOop-YyR0l9M_iX20Gbbf3-AWbE_zZTiOwsscoRdWKzsppa2geo-Ujg90QUYyYKIHnt7H_J8i-HcZMo_VTM_pLpKlbnkMf67nDvgdRB_Oo0zKdcw5JtBbV6bVv8qZSErzwJSfOoi2FbzNxE4lyniUnE-78HjHflacl4Ry7kLYvxt_q4YbJrvkCASAH-yvs7aaFhVuLyMFnvKNwN9ZnaQE7S_qtOkVnEL1eQbxI8f78xkOzydjcSbsrmp8-j0qcOOsvbAsm33ln9-WtmREN7ZPdkx6Dk3aqKwWh2XIIKGbdzpKm57DggnFQWaLnlc01GUkG_ZeExcM2OKUOdJp-eEi5GBXEVZPc0PdBVkRCHUADpEahonQhZkcAcm_UYNhRcXOI_TDYZvJy6ETlK-HeiTPD0_mW_L7rtM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D72 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=2483372277990336&bg=!kZKlktbNAAZUuIlwVLg7ACkAdvg8WuPAEpzgZucPXEt4PpjE9mXai-W0xDL1EscY15u-uYET9kvXFwIAAAGgUgAAADVoAQcKAN3jg13AESNnnMFInMoUp6s2IXYQYA6oeZy8qzhwAekacTYyC6U6dzOpy31hmXf5tTTHv7kne_v3q7zA7RwR1VI8J_x1nBlfC1Wg8uWddGjPZvyJRYvjEoWXYE1lln2Rb8zzdfDiaIB7HRwbrKmZ8UCL4l3LjlNaz1G_DIWJxk0PvZkGkmJSBJfznnnfPmXt8pJilAGQRA2znZPkNagyOOamJV-qUi4froerQD2nl_DIzRtRvkoXhhFDns1-evSRIxTaN0BhjwJmnOwzmaJ8-coyK0BTzNoDWkYwXk7kr5kCbesm-gUIfT0l_GuYHOHy0_H9BO8A4HrmN-48y06d1ZFfnlavHk3T2jpHXnxShgoseXo2ywWakcql1BtiIPLTVTk-LyEuLPeQNvmpWjOr1nwTuJxe2Tx2LlJPXYRq2BRcMDHLSc5Si7ixDGLYzOCovb8665CR-xiAUoSjuPdt6Ds_P6cLD0vDvBIi-uCLROl1p2KWVfxqw-owkiCORTMpz7l6nzrk4AZ3ycW_iuF1vpVD4HgsHLBQlThyLvFB2IA6FXX2JUWFm_EziZN50zf3xeUYZXSEo0wrHtwSxph9bLmYi9n7zYtmIn_JQ_bLLmUutXFUcm4aTOGNx6OYMkk0Qctb7MptOQSPG7t499qqYS3PEnzIFtKsJRT2bnAg8rvvVErJ-nUOvgJ3_gv5A-X705wYhl_yIFUdf6YLCYgk69nYwP6FmbzJrdtXe3ROC-9UPgn-oKpMx8TQsqG_JYEjwgEhEhLPGkq2VAqKK1ncGjCbCAVMhavCNnfKDMkJd7vsNcLgNbibmm87jQhdwu6mQaHuJAkpNbLMJRWpZ2g9CZseMKnhCcj3amIZIhNJ4ZDX2Vbh1TkkRddQKraud1N82wLmWWRRMCDsfzmkiWSb7caEVcWMh51v6ZLVEaf96kk8bQsGiUWAru_kRnJA94rRCdPWHuDa7ODdCzeU84naPgwfYgbpNDgiLsOIWCFxuH0qEZreXSdDYDsrsloq7oLVkCVwmeEg0fKTtLh89INj1bylNiK059iBL2GqU_6aGz-QZiThlG9l_04L51vx2chTt2UTHAUr7pu-rB_q9tcsviu5TV7GQOrsItU608Jhzg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAED 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=2350968911790652&bg=!h4SlhMDNAAZUuIlwVLg7ACkAdvg8Wv3faQlMbSrbQGrQzb4vBIVJgeEUeUYIbknM5yCu6vaVPvMoxwIAAAEeUgAAAEVoAQcKAIj0TjxlDjAb8Z4ihFiz1rCNdrPx--3icld6U0ZxjL7axGHsfuyNevgWkONjEnYbo_KgSrHqOv4mku2-aa-A3VnamAYlF8sXqBFKp5v5ANcbAoinduQefIXHQIooC8m2AkJaTmbSLsYinPVa0pO6THWzIPyDMnnZSjec9VRlJwr3AcfpFZbbrVFTmQJyNLuvLWdtUj9By56e3jEafIkOHNCoCdboDsH-y7e-4IO9gwyo2xEW4W7WW_mP7QCqr9CtLPCA8YwlcXvg9ggmSa_3Zq3J_TcgU0aLubsO7q6L-p-vpxFxLNg7Ga1yWnBqzA0XiLEiKkddDI2Tdhv_77iDcz9AE5jTiXx7m1VcZCTS69pKroTnzx8gt00kjGt45rWij1NfzvI2G_bASUObbVXFbge4diq7VFi16Thwicf2BJITeVxUPpMGVEKP4nOIhZoZXSfMY7UIB52fWEKF1Fg3VkTSzPmvkJlZvTt-gz01yyHHuz07aQlWfNRf9r1P2LjO-XfJ5eXu4yO6YP-L9nVK56pNr_0QufJZ45Qt0NxI3NQ6PjnvvUEHns0Grfqq_hoc73G-sPBiFQ-iGtGclCam7TEcZW-4R3gH2Q9reAPnFL4ACxVL_V7ubMX-klOAm-9SPzCOikXM4muYyqRe1Y3ZgUOb0cdo4JSrbY4H64ZTEmMZsxKUH8yXPe1buZkFcSotCRioXI4jqwXd7XfLqJFmpJDmEAdV6KG6L4f4t77IJwrPXtkn0vr58t4fYn5sACMxTMK-oRe4VOexkQP-W3i7nr6k1fFwzBgxKfolxSeJFjn-n2jOXJ0wSBUJV7HRaqOGJ10AC5q5PwT-gGrmBNscUPqDrfEtOWDt8AmofXOgvUM53x1Oo_7ODalAjgJmzFOSG-NImQ0SzJWMBsRCQC0QX5920nOVv0FHhDpmKhYEZeCLmzhu-eL3l3Vlyb3aBV5NhyuiHum65cbbftxvBQ8t_gitQp2209f3_yps5jH03k2Hbjn1zV4wG7Xye5dOIOU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=1425403037338850&bg=!YGOlYyfNAAZUuIlwVLg7ACkAdvg8WpKB_BEfOaTK9DWwkU-i6Rur9cBxodHptgXDS_EL9O2J6WjCnAIAAAFqUgAAADNoAQcKAGBXuvRSfhanJzsSoJmU7De-cPqhbhCyFEJCN2c6zG07U5h-28LxXarvOokR_QF-dB-51L289GY_j0cjlwOcc-eLt0j1Mhl7PqUOgwnGHBRDycJhy6JWL_E_tKF538y4sX2ZAh9-D8cEBkL3jhVHGxO1G2k85ONvPHYqtPZGz6ZoEJtBPsPpJ8zeaVtc1khnVUHzCwygYPxWOCFE8pm38y8zeUrjr3ZP7EtOxUJr1LBfvgHJh2IIoQ_h1I0SRk8X1nfQXoz7DbxYJYZn9H_k-v8JcFaiLv53xgvIy56B6n5lrivY-tVkdjuEpSMuVeouPOnBSUtRUFWmhgiwEgpoJpktMYjStsYko35495diW9lcxotfHqsDdEJT_GAcPrR-PuylipJVklnOtKcn3sG2TwAVaB1v4ceR_M29q4J3S713bz9NdrxIxpzCzG3MwXhRkyOZU48tDS3nczmEY9eLj5Favg62EUGhn9OiQ97g8LH_oulNbCBs4YueTRkLqvR4QM4glYevAv3H_pVer6036MyHjwwOYiBs63VTXQg4MY98kIUjTEvS1_wyXKJn9U7S7BDFloDURcJh9WJDyTubk_QH0AW58IlFUZKwxl5PEII5TIHaMAhBbMucNAmpUQZyfEHuNtQcDacwmMzNx0PA8XSh4C96Psds3FTcNeeTxDN6SzocYix8NBGmS10IFTVTmdPLW2ztEzoiMKWi-gNl-EAahsevHZXpao-QIqBkZCLkbHBk7egN_emIzUg8qyq_d8ZULIVTz1yo8IHyL8wj2IOxtFZVAQRLxYfbdZ9RPki-UCNRgko618sb-vQlDXVxHggCpNNdw4afBncRvx2w1N95NHg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 60ms
59ms XHR
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6149085&noaop=3&sortOrderType=0&cb=1619246246640&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1056001&pt=902183794&tz=120&viewable=true&ddast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2517625&dpubid=472335&abtst=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.newswire.lk&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ff39d02dc77cfd653125869923007558f15dd1445ea4c2606a349ebde66bf69

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 24 Apr 2021 06:37:26 GMT
content-encoding: gzip
access-control-allow-origin: https://www.newswire.lk
machineid: 1428
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11577-HHN
pragma: no-cache
server: nginx
x-timer: S1619246247.651775,VS0,VE40
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://search.spotxchange.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 281122 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 105ms
34ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/281122?VPAID=js&content_page_url=https%3A%2F%2Fwww.newswire.lk%2F2021%2F04%2F22%2Fwhatsapp-pink-new-virus-targeting-whatsapp-users-can-take-complete-control-over-phone%2F&player_width=400&player_height=225&vid_duration=NaN&content_id=inline&allow_flash_creative=1&ad_mute=1&custom_skin=1&custom[content][]=IAB12&custom[pub_lang]=en&schain[schainobject]=1.0,1!taboola.com,1343387,1,-1856279631&gdpr=1&gdpr_consent=&playtime=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.5/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sat, 24 Apr 2021 06:37:26 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000350
X-SpotX-Timing-SpotMarket: 0.007778
X-SpotX-Timing-Page-Mux: 0.000220
X-SpotX-Timing-Page-Require: 0.000276
X-fe: 103
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
Content-Length: 77
X-SpotX-Timing-Page: 0.011182
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000242
Last-Modified: Sat, 24 Apr 2021 06:37:26 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.007778
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.newswire.lk
X-SpotX-Timing-Page-Misc: 0.002283
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
122 B 53ms
19ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.newswire.lk
date: Sat, 24 Apr 2021 06:37:27 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
760 B 49ms
48ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6149085&noaop=3&sortOrderType=0&cb=1619246251645&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1056001&pt=902183794&tz=120&viewable=true&ddast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2517625&dpubid=472335&abtst=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.newswire.lk&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.5/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e341b4992e3833030c273ce0cf347ca654bb622307c13312d27f51111ee5ffc0

Request headers

Referer: https://www.newswire.lk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:31 GMT
content-encoding: gzip
server: nginx
machineid: 1423
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newswire.lk
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 6.gif
p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i1-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 0ED7 35 B
410 B 53ms
13ms Image
image/gif 2a00:1450:4001:813::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i1-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i2-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 0ED7 35 B
410 B 97ms
31ms Image
image/gif 172.217.18.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i2-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.114 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f114.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 06:37:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST VideoBidRequestHandlerServlet
am-wf.taboola.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D

Domain: am-wf.taboola.com
URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=6149085&noaop=3&sortOrderType=0&cb=1619246256655&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1056001&pt=902183794&tz=120&viewable=true&ddast=V77hECFgMfhDzKRdDqDQQfhDzKRdDqDQUAAAAGBjsHG7GZbSYkEmOwmC2Xw8luORhuNrvBcLhbDIEjNrPNhERiDBaz5XI42Q2Xi9lktdothqPJFBym7DS5LAe1QNY0ufxuyEPT6fC57vW63-8ud_k-v6flZRd7_ZLBZLEXjPaSyV53dJg-D8PhLXjavW65y_eWPS2vz1v0sPxcpqfd59YdHabPw3B4qz4vy-etcdjdoofX5db43Yazy_Rya_x20-VvduttL8tbcPTbXX45AAAAADwAdE13Q_wAAgBEAAAAAEgAAAAAUARU_FsIXAAAAABgACgcfGsAUHAgsMvksrgsP38AADwUgAAACGCQABzUPJQAmKjlnQAAAAAAAAAAsPz____HDNhb5coM6Jeu9QA8-AA8EBVYFjECAAAAkDKbyD6a1AmVRRUAAEG6FcAVAEBAngDmNHAYAAAAgZiaZl3Mr7vW4dgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTYkKxTwN640pR-wUEAFj7BQQAYFM3AIA3AbiQa0DT6fC57vWiu8bvFx1BKwaD1QXE7AAAAADu_v____HUNOtift21DvVAaGPceHyT3XKzme12i-HIuVzNLIORx7UbORzO1fay1R0YsnLcQ_scpuw0uSwHtUDWNLn89puwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHCKM2EaOlWXlWstGE5dbNFgs3MqRx-WWWWyT3cY3GO4mq7Xo9TH9diPTZDLYomAA4F4EF-lE97S8TE6f0_QwG26ns-nklrt8n9_T8rKIJZqTRTqRXfaljXHj8U12y81mttsthiPncjWzDEYe127kcDhX-4pt5FhZVq61bDRxuUWDxcKtHHlcbpnFNtltfIPhbrJai14f0283Mk0mg31jtlhORrPJaLBvzBbLyWg2GQ32HR7f0fY3Jz06bVNabRpl5oPCZbB4N6rVcfyZHKTRstHpEwuXRZ3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9GBUxBLB6SKdiF7G00UskTwt0onI43JuTCbTcrjajRw252Lhmth2y9lqMFo5BxvnRCxRmi7SiV4ymCz2gtFeMtnrjg7T52E4vAVPu9ctd_nesqfl9XmLHpafy_S0-9y6o8P0eRgOb9XnZfm8NQ67W_Twutwav9twdplebo3fbrr8zW697WV5C45-u8ui_mMDTuaKwWSuWM4li90qAQAAAAAAAAAsYc68CQAAAMBpQLvJZrNaLgDF36YusAgAAAAAAMCu_Vrf86Ag7W5x48ca97S8TE6f0_QwG26ns-nklrt8n9_T8rIyAMUfJvNmzwSxVqtlDQAAIIANAAAQwK2b94D1aSUH!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2517625&dpubid=472335&abtst=206725b_vA!adh5c-1_vA!insc_vA!rft_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.newswire.lk&en=1

Verdicts & Comments Add Verdict or Comment

286 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/	1970-01-20 02:33:02	Name: t_gid Value: 46c996c9-cc6c-4ac8-ad1e-36e438898285-tuct77d4222
.doubleclick.net/	1970-01-20 03:09:02	Name: IDE Value: AHWqTUnNvWpr9Y7Ha9ai5NgC8-GmDcjZTyeSDsa3o_B16HJvqqIIG5wNIxGq1u_TYbU
www.newswire.lk/	1970-01-20 02:33:02	Name: trc_cookie_storage Value: wiredigitalpvtltd-newswire%253Asession-data%3Dv2_4c8cc72793367718d995f20dc57daa95_b6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220_1619246240_1619246240_CGoQm_9RGN6S45SQLyABKAEwFjjqxgdA44YQSOXp2QNQ____________AVgAYABosa_ptcr9986tAQ%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522wiredigitalpvtltd-newswire%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhCN82oMCwjDARCN82oMCwiJARCN82oMCwiRARCN82oMCwggEI3zagwLCKEBEI3zagwLCKIBEI3zagwLCCQQjfNqDAsIJxCN82oMCwirARCN82oMCwitARCN82oMCwiuARCN82oMCwiwARCN82oMCwiyARCN82oMCwi1ARCN82oMCwi2ARCN82oMCwg7EI3zagwLCD8QzdxqDAwTFA%7Ctaboola%2520global%253Auser-id%3Db6d1e2e5-64be-401a-9dce-fb627c708725-tuct77d4220
.newswire.lk/	1970-01-20 03:09:02	Name: __gads Value: ID=07699fb154bceecd:T=1619246240:S=ALNI_MbHze8xYeGhfDlRvjUTkMTY5F6dLA
.newswire.lk/	1970-01-19 17:47:26	Name: _gat_gtag_UA_157377916_1 Value: 1
.newswire.lk/	1970-01-19 17:48:52	Name: _gid Value: GA1.2.1400460166.1619246238
.doubleclick.net/	1970-01-19 17:47:29	Name: DSID Value: NO_DATA
.newswire.lk/	1970-01-19 19:57:02	Name: _fbp Value: fb.1.1619246237947.1755710934
.newswire.lk/	1970-01-20 11:18:38	Name: _ga Value: GA1.2.143635041.1619246238

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.newswire.lk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
62f26018bbebcd46e441c13b0dc9b831.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
backend-ssp.adstudio.cloud
bh.contextweb.com
bttrack.com
cdn.taboola.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
dis.criteo.com
e1.emxdgt.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
match.adsrvr.org
match.taboola.com
maxcdn.bootstrapcdn.com
p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i1-v6exp3.ds.metric.gstatic.com
p4-apo2xqam64vr2-atsjj5s3fvblmbwe-991754-i2-v6exp3.v4.metric.gstatic.com
p4-apo2xqam64vr2-atsjj5s3fvblmbwe-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
sb.scorecardresearch.com
search.spotxchange.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.srv.stackadapt.com
sync.taboola.com
t.co
taboola-supply-partners.tremorhub.com
tpc.googlesyndication.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
vidstat.taboola.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.newswire.lk
x.bidswitch.net
am-wf.taboola.com
pixel.tapad.com
uipglob.semasio.net
104.244.42.197
13.224.95.18
141.226.228.48
142.250.186.35
172.104.105.5
172.217.16.130
172.217.18.114
172.217.23.98
178.250.0.163
18.195.155.181
18.195.240.234
185.33.221.89
185.64.190.80
185.86.138.143
185.94.180.123
192.132.33.46
198.148.27.139
199.232.137.44
216.58.212.162
2600:1f18:612b:4264:9a95:fbee:2d35:58d
2606:4700::6812:bcf
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:813::2012
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9c
2a03:2880:f03d:1c:face:b00c:0:3
2a03:2880:f13d:83:face:b00c:0:25de
3.225.15.51
35.156.106.231
35.157.13.124
35.210.239.72
35.244.159.8
52.31.220.191
52.76.241.211
69.173.144.139
72.251.249.13
88.214.207.236
009f28211bc86822be976704587ff33bc50b60ba1f2315c8a2e6288b9634d5e6
01331e3ff9a20ff56e16fffd5fa4a5d9646e7a23f68197316e07974627e1d639
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
047c7f757d242662e0047bf076d8eb5849f611c70319da2594dfd0491858d229
04b5fde887138d2fe0a67f416147dd6a6b5a91e8212aff2698891d2508e9785c
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
077261355e1bbbb94cd1492c3b9d560225de374f90b6889e71e9ebb8c6c0f3b1
08ac346c114650cc64312fa30c921bc32999765566c9c35b12e5c8055e2ec4f6
096ea93670db54d4c83b39a992f2524583d55b1cbb3b283d71c3295283fc480c
0a35638a6c54bdfd6b403764bec1198d7d01b2d57e21565c64148f0f3634cd8b
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce2dce5a3835aad4da665f4d1154aedef570e242a0de22638286cec2a2e421a
0ff39d02dc77cfd653125869923007558f15dd1445ea4c2606a349ebde66bf69
1011fc29f967cf32cb58848e21744776946454b7a4f2db819332ad9c92ef796f
103dbfaf82d653ea17db61df7c8652818b076bd68c0df664bca358c24cb5cb10
10aab2eff18c36f52ee23e981375a519ce3705527c30a8d1614aa30aee4f6392
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c09b0859e0d7cbe027635a4d019eacb61065d8e1dbeebe60e761e662f5baf7
11ced8a27db3991278451d676a8c7f0cca7d5ce30fb627794173d28863e2f62c
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4
1887d8dd661a94fd2edaf6b904d1bffc5260be10a53c1087715d81357997b239
18f61b8f71ac41adab4d7661ec4af0182fc295f3ad4f6793be70029d457d1941
19c78cae5ca4b816ada3c4beec1dd7d373b35c12318b3ac939c3b6e5c34b9687
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ffc44de0ce25488160569cc90419f364f682d024ee531d160b26196f72e99a4
2204006753ed8c6782a0e6e1071ef9d93d83a32d6b0964356459cfe6349f95bf
2610e2de5ce5eea108a1db978abb0214cc8d9483043f6525b1800bf4246074e4
264472188a5493dc2902d6ca57f327d1b9563b66e60a3a1312246184ca366cad
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d0a790dee4e60d8dcf0b6f983ea9fffe6ab3f8ed547e6eab982d441bc2ac02d
2d5e98e29b1e449b52f7782a892c0fe3b523ad843f8a549265e9808d3cde2829
30fd2ea444ba04ace1b14e06f136c2eaef1aa9a49e1803e0933092140138b1e8
31c43dc23fd794fe0e9eeed06dbba6fcb973401c1be63778a60415caed560578
32a550e7f39c296eb03b55beb6b6e37c260f8195a943d0c6af04855f4c6347f5
32f14ccdf6cd8492ec37f92e2a90354e903d04e7b5e259f4d73a3b491fdf3e5b
33b4dd54ff5294cd5589ccadb909b23913531aba70c509ef19e71514697fc70a
3415bb51eac7db015e065e43f35de075eb9558c5c0e740362a5313cad7115ac9
345c96be2b2e70d62c05113f029a7eaaaf97c9f48a9cf0ef66390fa8a241587f
3568512d0be98b22bedeb480afd91eeeeb39d2d970a78401b2d918fdeeab7d39
3587ac13b9ebda6681f2de3d73d139a8d0c59fff381332dfd2483505088787b6
37962c64f14af18a04ca0f306739facb179ef2082f8120f3546d6f1bbbe1779d
38500cc629e6c2a2ba6fc457b68df6450c264e67a5bdbc444906dff22b7ded2e
39e61ef89dcea1bc53292269e01d488c3a37574eede24ad38b9428cb4540f378
40cabcece3ef2480ed1d3a866357738ad298173c0e8ecd97ba37a9f0dd8642e2
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
41d64bdb4fdc63cea64dbb08f909b01b6679eca15c75f3f400c9098593376a07
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
471902c8f9c32011fcade6b5598550c717c96bb0a00240d0ae9ed1e8c9bb862c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49c4490765ffee35617c10353d286e78fb2dcb226000a134f7030a20d541f277
49e98d5c1231646831bad8d58cb45803d326d091b716e5d3fd86416e460d2c7b
4abab2aebf55df3ab08a2b6b44dd5a3308a1b03a3b6dab49f53ef0e5de0e8d13
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb0c315168dd3d20d6278aac9309389deea29fee0a4be9d588b19fb91f06493
4cdc68a16e0da783f3107719837101786393fe183b8c12b798641ca8238f84f1
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e80291b8d8065e35b7515fe06df9dcdd88dd0ea6b5fa23f847ea6b80ad1a8e0
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
4f8e26c81f0bd1b8d9666af2688b79b28f7bacad087c251263325a756f5f6aaa
5510b864452ae235ab55b8e1c82bd69624d8fd16f92d6c5e4429acb843e63503
559c3c9967dbaed902e58956628f48222bd5b0f63e79b0c80859e8e20234d78e
578ac5f5a3cfa6d9ccb2962e7aa35f388043e98ba6b25cf07a6371011e9d8537
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5b99151e6fad0b8613fa068945b4c43eb226e7b122b77dbbc5db53b31fd8fcfc
5eb6c2ed127fea86b021682645758fb46f73d134c23fc853ba37040ca8a51dbb
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61392f3b36b215bed8c3f51b857945a36ffc3223285db9f72bb40116378b93f7
61735a898e1845dc0b55e152f0e082cf8dec50ce4c4137b3d76a46aca258c5cc
624a1caccaca62d02c96e1ce14ada3c2660826b07f5bae551d76bdf79aad8263
6255b4f073d0dffec81f531a807772204f364523bbeb8187fab4bbdbf5ad6bff
6407f21bb7d5a444525e2c5d6e24c1615e4576485b44df5bc60dace160811193
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68742cac5ba386823f4ed90c03fc860e22d3e788503487e6a064858a476144fa
6a5bdb4807c498f25472575228b9054098f33e2f40e278643084b63531aded07
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aeda827f439d97c90a633d8fa27a1f01d882d133573c2f694c7ae9dabb5f9f7
6b4f43a16c028746bdf6a14174e13ef4ed38ed6b6cf41874563ab5bd506c9cf3
6c403f1d9f5fa7c012e5cb6a5f1b9c9b3bad2f48e8f7a6e0ebc02ed572a35b69
6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5
6d0e222f8a115b55a0011bfa9591e426d46a4d81ee2caba722aa020817063430
6de0d8ca593d057e05fc36dbf3bebdf522daa629584815187a765aed263deb0f
6e64c26b92dcca5ed681d3220b9cdb30888d1471ac153c22c07b2581c5455e79
6e746e46aa57a7be0476e6b870be33fde323c3060d623a442771ceef333e86de
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
71bb00e8cbfe40fcb550779d725c5ca3f061e3827ceaa9062df931974cb63e2f
7226649d797feb9cfa3dd282f4dc06d8717944bf8cad807806f5edce71bd28b0
729f46c07bda97c7264324ceddbd4eddab07eb000f208c2f38d0f97333dd5180
72efced1cc4c7087e0a915845448f8b033fe668551ad76b43b2d49f4d9c52286
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74f4aca3a01a3184fb9e5c2ba1a04cfb21dfa7792f65bdb9057d72d43d901ad1
78d4b1bfad5f7237f004103007e56d9105496e59657de253da86c590b54bf08a
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
798fe1459ee6e8b6cc521b87caefa53d7da3e2430abc23193aeb820184411abf
79b08bf3697fd12db0e2298a6d33cc4d5d6bd933cfc9dd5b52bfb1fefa75fb32
7b7cbd31841f7fb98d0fba99a253d63af1335a28424d123868742e05ef7de5bc
82afe5007dfc69ab826819fb6af674b973bb5622f617e79a0434c15a7a21ba8a
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8321d79dde8d30b967fc215a83dd01c22342cdca611511c14a045d6cd51f7098
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ef50b7f196d831ad7e8f7982685c69f64a1d9272b0e9315ee6760e0c4adc98
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8556056475a94160fe34fb90c73338860ac6763299f2337d69ec4685cfcb32a3
85f5b94f70b9fa78bd549825d48e26ee593884f1c5cdc6b811c5907fece74bfd
88fa78252ceba6149e4df4e061d73e928ff4a2fc27b24eaeddf10681d6fcd098
894cb96480f054ba99dbd36b24bfe32ac79d98a9081143d40969f0e7e992374f
89d7446405567353fd2c30514a5ed28080d5d4c41988ee6efa49ccc984c330ff
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d71f2448eb60d7a49ed178c04a5bee9aae839f47f0a19c2ad81738afb4f2873
8f8078d5fa79042c80aff9ac50f962fca0a2461febc620b567e38fff39ddc182
8f8727974e531d1514dc1758d23844883d579e0e56befe3b1e9926fb74c37261
91082544582a158ddc8f5897b706fced0f3397e0c0cb5d4a43f1b5823693f466
916daf9e2c352253d2f25e7ccb9bffd2906fe93799693d104616e2ce9044763c
91e3d6b640b1efad33cae03b8896541e252e23a8d879e4eccc813eeda55707ce
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
972d63e152160eb1f1b24071360d4f6661b16b84b57292548357d71823168f8c
99b90a86b2f904c81a7280d1f47325d0a02568f5c4e913cee34614b472e57538
9b1b6cbdb5237085fc241f958915008b3854a8881457deaa4272f2a8551b6d03
9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359
9c43d6c4bf674c94d1f6aa132d51c55fc7331392904d049f6b9587e67a48fecd
9ed5a3546f364bae246c1251e7e967b67060e5039c2260ff1984e1a8cc7a8fc6
9f2c3c4f4eaba7561f2483d8b7c83a3f48c14c50f4d4de4955cb0c6bfb28caff
a021e772e068cd9ffad7d78af04ae6edde9552fbddbc1c1e4e54d81692e4595c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a0f21418ef7d1289af0464c6df64a86175567d16f1c378e195267bb77c075e68
a0f90943b359d2b7e66b6b25459b0d1fa6161ef8126ac882bb4e6ea15d0b487f
a1b11818c028d63bac545285bca5da170958e5a0dff92c90f3037255d2ee41c1
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bfe4c63e1331b32bd86248fdbf89c2429f4268d8725ea206c82eaac54e17e3
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6cf3fd9e20a9abf01ea07e547e865d2e61e0a528608c513a8a87f4ad0e2b1f7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e4a43c0d88d0cd0c92bb603193fb28b1ca412ca7cea812d622eee4b1b620f8
a944cee75aa0228d11b9647a3740e6e181fa149f183b81f3d8c875ef40582064
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
aa73092c34958c49d354495a847495a12c063274c6818d12dc45015967b75dff
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
adb5cc1394d55b14a571376c596dc91072a044d3a729f547bc2ec3a4a21b3469
ae141e8ca115945e16eb66d818bf27f004c657952ec573157804cde3bff2136b
b04610cfd9fbf5cb6abba66e4b1f399713be440c70321dc8960f8b33f7e86325
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b70708d9d480ae8c38a613eb2b8c3b7a0e25c2072d553e50985e6991cf6e5e34
b7c22ce53a6ef6b77386f3cc1398693abad3510695a461cd3056ec9f350dc682
b94fe98db35412d776b8586bcc7d806cce1356a575c830c23a1ed4b91b668c67
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed
ba2b96e6da2143f0619567bcde3f21ceb21adb7ea7e58d74b18b29f911ea3c69
bae09d2e9c9d9008c303fbc5cf5ef8a514723dbdf5c746880b6c5352aeb18da8
bb2816b89aa39cd8500c562291f8e890d36c07d056d63fe7c03947b210085cfb
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c1b07320f27263a44444a651535b17fc22de523ffa61dae7604b6a84c365a18e
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7
c4564c67e72064b40674018eeac68b0a700408b9b2ceb1d68916d2cbac4b8e86
c4e5b489203cbd29bbe5dbadb25774e1e2db624ae83734420fb65e30b2c43362
c539278dc5c40ee3d2e96f0f614d9dc79a2ce0130e63bbb27dd13171d600cbf9
c5402749f8d8f313b3cf2ff8a2df479710a6ea3d0ac15254d793bab81d040f47
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8080eab4cf298a23c630d26c885c352d0a47b5008b2bd9746a3919bac7fcb85
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cb8cbfd2cfedbbde55e1d673bdcc01dd71e711f7b9ac2f12e48686747fa0a40a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc4872d1026ce4f14d5083375896241879e21d99d1fac9e31748f3d4c59c6035
cd21baca0356342b5419e05654c3387101dcf9d8914713d7748d63e7fc69005c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d19442082a27c03598cd4fb13d5df882434616d1935423fb65f008ee2e80305f
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651
d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941
d3901ca16e1e629b6333268b8876d3330db34ddc43765023b9bc394c59180bb1
d4d3f409fdcf03df4a88523683e86bffd4e40d1bfa414060f52bfdeffbc1dee8
d5e0c5d7d7b921ec041507f2a7c591ec66d300fb0c135e0dd60923c567453b97
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
da5aa0bcaf1c7c115bc90f442474c89ca74408e93401274a1607fd9a7ab2df9b
da6c0c243c6f3af2d0b0e0dd6a9d5e92ecf877a32916066de792e0383de1d41c
db4911962f5e99e70e329cf1cce742407460e4e8d79731e7ebc417cb63bc3158
dbc8ef90f2a95215b266fe1740d7b47a1f2d1a1b1873c82543fdee05a5dd711c
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
dd8f3ae60feebf6e2ab592a5381768cf3dc4337f36cc26859495c9db6924b50b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de78fe019f154c43850a70fe034f0d63af85484873bc6903eef33e42dcbc3902
dfbbedcbb4b1efe043e9c0d42c774cb2b810f8a1c73c90200ed5bb8b0c74700d
e2ccd0fac2161ed22c5fb7e9385df83af0fdde6708d08028728a80a72671a402
e341b4992e3833030c273ce0cf347ca654bb622307c13312d27f51111ee5ffc0
e3936c77f7d21abcde8f78d53518e845e22a945eab8535195bdb3a23ce6ae149
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68f1e32958bc76a84292640570342afa69eafb6b7f39d01cbf113f987d30230
e6a12d9eeda37b5902e6d670167a69b4b5a9e7de783e08e88ce3eea718495af8
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
e99224ef103e834d807902a7d7411e06f1357e67ffee8d6a0b56a5216178a03d
e9a2106774f427255522ebec48d1dc88b36032207bcfbbe6e8f6add78c30ecd2
e9ed9754aa9be076afee71222db2bd6669ff38468292a11ab09768be4c816c14
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
eb33360ccea9928b0ac73b5a792d52fdac3c773168ce5aa6f2a4cf1c100e9f09
ec460af6f41cf01af6bf8f446e79216db285dae036f39b66cac3230e2240dd31
ec8597a6c49c62994600fadc2331bb28c653565036147f8b756dd5c7f19327dc
ed1165504b0714d8e91c8434680e5d3bf02384094c279269adcc4b4a94688a96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308
ef777d69ecbc60e5a0b220e2332ec49346ab4115889c3d3327bc23e3edb7043b
ef9263769f97ca6b3baa316edf9f99358ce8dc2dc9e25153de26365e85477cba
efbcd2cd3133deede6d48c7c60051905a5c59e33ab0982753c5f2431e0fc73f0
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f0cfa2a09fe2e3905a5fe3c052545631118e5f5c5a02e266a57a41504fe12254
f19ac1db3086683e3d7e598710f41c805d1d1da1074804901c697daa938fe332
f21d818a2a49a25af2901a5409d135a0316048b161e7dbbea5290527468c6e8b
f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6ae2cb49455057f343f5146648cb2641bfe528973c383ca7f60b91f27958219
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f76aa5825ee24252ce5bf9a128fecb12c279045679c3bca9c1a8684c9ddc7a15
f7835f0da0d4537cb99aece3479d8a0030c8641bae2643577f9a2804fcd6984a
f828a6d9e9cac6ac79092ce5db177f19d6a69d42c0ebc5bb2a8b6b599c4f4ccf
f94fc133e3ddaef1a9c299f5d7b4f608753ef156544ba9d591284ddff0e40fd5
fbb1f91d1f211fa32271ba3341dab5f5bd4a7a51f02ef87aba24725b8fbce4f4
fc2057743be8f664d7d18b26f2871dee424af09499d68d52f10c2c5ed1cf0b8f
fdfa8a8550dfd3795abfe12aab86c1aa5c975d1e355529ac1a854a99a063f7d5
ff16dfda5afcbbd3ab07dda590dad03cbbac08bc1ba379f311fc42ad00719869

www.newswire.lk Open in urlscan Pro 52.76.241.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

497 Requests

99 %HTTPS

43 %IPv6

39 Domains

62 Subdomains

46 IPs

9 Countries

9499 kBTransfer

17997 kBSize

9 Cookies

15 Outgoing links

Page URL History

Redirected requests

497 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 25 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newswire.lk Open in urlscan Pro
52.76.241.211 Public Scan

Screenshot
Live screenshot

Full Image

497
Requests

99 %
HTTPS

43 %
IPv6

39
Domains

62
Subdomains

46
IPs

9
Countries

9499 kB
Transfer

17997 kB
Size

9
Cookies

497 HTTP transactions
25 data transactions