www.canindia.com Open in urlscan Pro
2606:4700:e4::ac40:a10e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Submission: On July 12 via api (July 12th 2021, 11:03:09 pm UTC) from US

Summary HTTP 221 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 22 domains to perform 221 HTTP transactions. The main IP is 2606:4700:e4::ac40:a10e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.canindia.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 27th 2020. Valid for: a year.

This is the only time www.canindia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:e4:... 2606:4700:e4::ac40:a10e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:219... 2600:9000:2190:800:4:c961:9640:93a1	16509 (AMAZON-02) (AMAZON-02)
10 29	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	34.205.198.58 34.205.198.58	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.74.79 13.225.74.79	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21f... 2600:9000:21f3:f000:16:6c74:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
6 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6 8	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
5 7	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	195.201.152.90 195.201.152.90	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.45.250.205 52.45.250.205	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
221	31

20 2606:4700:e4::ac40:a10e (United States)

ASN13335 (CLOUDFLARENET, US)

www.canindia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2190:800:4:c961:9640:93a1 (United States)

ASN16509 (AMAZON-02, US)

a.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.181.226 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.198.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-198-58.compute-1.amazonaws.com

forms.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.74.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-79.fra2.r.cloudfront.net

cf.mailmunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:f000:16:6c74:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.tools.unlayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.173.38 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.90 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.152.201.195.clients.your-server.de

opt.objectiveportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.250.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-250-205.compute-1.amazonaws.com

analytics.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	348 KB
47	2mdn.net s0.2mdn.net	3 MB
36	doubleclick.net 10 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	259 KB
20	canindia.com www.canindia.com	341 KB
11	google.com www.google.com adservice.google.com	37 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com	9 KB
8	adnxs.com 6 redirects ib.adnxs.com	7 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	777 KB
8	mailmunch.co a.mailmunch.co forms.mailmunch.co analytics.mailmunch.co	69 KB
7	openx.net 5 redirects us-u.openx.net	1 KB
7	googletagservices.com www.googletagservices.com	250 KB
4	teads.tv sync.teads.tv	688 B
3	unlayer.com cdn.tools.unlayer.com	31 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	95 KB
1	cloudflare.com cdnjs.cloudflare.com	35 KB
1	objectiveportal.com opt.objectiveportal.com	528 B
1	mailmunch.com cf.mailmunch.com	4 KB
1	google.de www.google.de	522 B
1	google.be adservice.google.be	853 B
1	googletagmanager.com www.googletagmanager.com	37 KB
0	smushcdn.com Failed 261502.smushcdn.com Failed
221	22

	Domain	Requested by
47	s0.2mdn.net	www.canindia.com s0.2mdn.net e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.canindia.com e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
25	tpc.googlesyndication.com	securepubads.g.doubleclick.net e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
20	www.canindia.com	www.canindia.com
14	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	www.google.com	www.canindia.com www.gstatic.com www.google.com securepubads.g.doubleclick.net e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com tpc.googlesyndication.com
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	googleads4.g.doubleclick.net	www.canindia.com
8	securepubads.g.doubleclick.net	www.canindia.com securepubads.g.doubleclick.net www.googletagservices.com
7	us-u.openx.net	5 redirects googleads.g.doubleclick.net
7	www.googletagservices.com	securepubads.g.doubleclick.net e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
6	a.mailmunch.co	www.canindia.com a.mailmunch.co ajax.googleapis.com
5	googleads.g.doubleclick.net	e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com www.canindia.com
5	e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	ade.googlesyndication.com
4	sync.teads.tv	googleads.g.doubleclick.net
4	fonts.gstatic.com	www.google.com fonts.googleapis.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	cdn.tools.unlayer.com	www.canindia.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.canindia.com
1	analytics.mailmunch.co
1	cdnjs.cloudflare.com	s0.2mdn.net
1	opt.objectiveportal.com	e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
1	cf.mailmunch.com	a.mailmunch.co
1	fonts.googleapis.com	a.mailmunch.co
1	www.google.de	www.canindia.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	forms.mailmunch.co	a.mailmunch.co
1	ajax.googleapis.com	a.mailmunch.co
1	www.googletagmanager.com	www.canindia.com
0	261502.smushcdn.com Failed	www.canindia.com
221	34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
twitter.com
api.whatsapp.com
pinterest.com
www.linkedin.com
reddit.com
www.tumblr.com
telegram.me
www.digg.com
circulationaudit.ca

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-27` - `2021-10-26`	a year	crt.sh
*.mailmunch.co Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
forms.mailmunch.co R3	`2021-06-13` - `2021-09-11`	3 months	crt.sh
*.google.be GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
cdn.tools.unlayer.com Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
www.objectiveplatform.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2021-08-27`	6 months	crt.sh
analytics.mailmunch.co R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Frame ID: 13C558F8FA403E249F2D3EEB0B781A5D
Requests: 53 HTTP requests in this frame

Frame: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BC6FDDC0116DDD4B2A79E8AD55A6597F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn&co=aHR0cHM6Ly93d3cuY2FuaW5kaWEuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=27aqzw10ei0b
Frame ID: 6BCD27025C04B12D85FFA3F9F0E3F62E
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Frame ID: 08F291FC6BF3EF7010C03A4CD17828EF
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5y1-gEDCxsYmz4IPk2Zl2DO9CadaSKs0P04h6RY89Ah2EfTP-wP5xKF7qu10i7P1Zrc5pc1cRhC2KU4Np-pAK-S-53hDjRlovy9C7DUGA-ULTwLLJpUsOhlVhLFR4lMJUO8w0upGwUKibKoZjOhELc2U4ncJYBxwsdDE_pmXKhCqrnWH8sH7dkuZPRDbIN7EZgFX5pRVIQd0yUgPsg6wy1EldVfGmGhl6dAYMLLWjg9UYssOUAnPck7eF4w1Sn_9h7xQekxII96uvJ2rw9NfhGQ-hzQK2EPF77PhiKH1w7FycKZ7XibrJDQ4&sai=AMfl-YQoVkDDcZh7gZZh1It_7Bq2aXmQptgo47_Un84nwm1P3aeVv4QRO8tfz7b7Uv1XPbF3iJ1UET8BbQ_1LDDXDTELhz3-gXpTmzJ6Yc_V963lgB_9i-yj8b8jOf_2j6Q&sig=Cg0ArKJSzBu2PnJtz4n9EAE&adurl=
Frame ID: C65A9675B018F0B7ABE548A48BE54864
Requests: 9 HTTP requests in this frame

Frame: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 53C183B2E037E7E0E7B072B01FA352B6
Requests: 14 HTTP requests in this frame

Frame: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A35FDC73B058261A3E1DEB286F5144B1
Requests: 13 HTTP requests in this frame

Frame: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC503C48DD2B04DFFBE4C5A4667D9A22
Requests: 16 HTTP requests in this frame

Frame: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CBAC7EABC0FAB23C2B7ABF1448CD3281
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7JPMqTDmA3idf3Tca9L_vO-rQuSmIMvNZ0UDh4R3kcqDfEk6xwiU5sPkEPbHCpQphP17vCMujA1M43_vleZJ08UPGhNnydkXCZX-EPjyzYTVOvsj7OrLOBDVWIkzsR4QMucdB9rKUKapq-YOr0M0MOOfL4FxxwpjcWA9KmhuKhF8suXENd87Al96JlwjqPrmDTxpy5bGx8wdkF_QtuQZfxuNT53P1i-rlCg1ZW13GI9YbY3esjsuqKv37IPeM-o_WhQDxHYiUz4vAkEOiaXqg7DaXnSgYsCixg-tycqVetS1nflP9cVHvWxJ3Tw&sai=AMfl-YQDjKKkMiDDVjpWujxDF4RFZ-rpbfqKIz4pyhhJGahqq-ouFMFn2SHB2HFXGjLfvWoEKPm-OzOSvJNZkzfWo7eD96v6JrQIFxaVgwzME8gX80kzFtNMylfukbdaoZ8&sig=Cg0ArKJSzD3H8HTOhTd0EAE&adurl=
Frame ID: 06B55E2D2007CE82E9BE628B392D0064
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVtOi0r_MAhnMQSZmvye07IsfPh89djPAYepupyH0VOCxoxVbQThevIERWzrjwAYK1v7U25tdTusdedkO5p5I9ax2lldACYjmqew-jKqYRJRBdgyTK7ZXc6UzvbiApUtSJVNp0YdItzfVAA4HTmizKzaZUfV86INkqQU-NDJTq7oUdWcnw
Frame ID: 6F7612EF275C1D250B57DD57E04ECFD0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNWiAdhyegiaB80s9CWbvMiqGqwhuem7NE58HPWVpWEwy8TIQRBavwd1C5XLcmBq96xZH6u6Zqy5DiR9bQmbKnlnzwvX0yn5mZauMPgKb6C6T549O8DOr6qleCrYVnsn7mfkWAXJlX9waaFjBK52_vo6y2DFGpRbpgQhkINZ3ccG3wuV0Xk
Frame ID: BF3A0FD8A4FB9305F664A9AABE0B3A45
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY69z3lQEwAQ&v=APEucNWveyT3WyZp1CMRNZqw4nJaxRTp2myjzka_U72EkfhyEaUxqaMu37bVAT6GXZGnSFXhslOdM2tWoKuUXYD3bas248mshTj6eBtkTmWFxWd1Tois67Ap-puW9lssXGFCglXKp2RJNGTIS_yx1ng_Jv4rR1ejFEYOvtmlZIQtbT9vauTNl1g
Frame ID: D8727B0CF83F2FAB696549A93E0F0A67
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVUt2_NUGU2FbymKPiRM1iY-gcFZHdLg8viTQ3KiUCE88GdHKPfpqSVvk4cEcTZnqQlU2g2KYcYUBV2286bEkFYNpEbzOo8JnBstflFLN86zV6ngm5ya_jjX5qjYOscGQsb_Nkq3Lyudr08pbeBhZ9sZMmGbW0bOpvCh-0NSZ8cj0Du8oQ
Frame ID: D85E2E3F236C2BE813097DE2F949663A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7658B8BA0E1BEF21C7D8B8DC76D3A4C5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 857922DECB9773F7A70BC8C3382B071D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
Frame ID: 67DFD537AFF331C2A91F8EC23690AAEC
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
Frame ID: D64B42BC9B8A74DF995128855E99A0E8
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
Frame ID: AA4EA96BFE9F4F918F92B18CE9634EB8
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0CBC5428E9F7BACAC70A7F4ADD76947E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 49402A0883F463B13D4970C346509E94
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
Frame ID: 7A4B73F88C4DC24AB7A586B84D402853
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 85A4DFC125229DECC300EE16AB9CDE3E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BAD73E8515EE16EEA6B8DE891ADE8BE8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js
Frame ID: D80E5D4DF472781FAE863FFB176DF65B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

221
Requests

97 %
HTTPS

63 %
IPv6

22
Domains

34
Subdomains

31
IPs

3
Countries

5214 kB
Transfer

10076 kB
Size

4
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/canindianews
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/canindianews
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/canindianews
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.canindia.com%2Fnepal-telecom-call-details-stolen-by-chinese-hackers%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Nepal+Telecom+call+details+stolen+by+Chinese+hackers&url=https%3A%2F%2Fwww.canindia.com%2Fnepal-telecom-call-details-stolen-by-chinese-hackers%2F&via=canindianews
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Nepal+Telecom+call+details+stolen+by+Chinese+hackers%20%0A%0A%20https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/&media=&description=Nepal+Telecom+call+details+stolen+by+Chinese+hackers
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/&title=Nepal+Telecom+call+details+stolen+by+Chinese+hackers
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/&title=Nepal+Telecom+call+details+stolen+by+Chinese+hackers
Title: ReddIt

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/&name=Nepal%20Telecom%20call%20details%20stolen%20by%20Chinese%20hackers
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/&text=Nepal+Telecom+call+details+stolen+by+Chinese+hackers
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.digg.com/submit?url=https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Title: Digg

Search URL Search Domain Scan URL

URL: https://circulationaudit.ca/
Title: <img class="alignnone wp-image-853800 size-full" src="https://261502.smushcdn.com/165487/wp-content/uploads/2020/08/CMCA-august88-2020.png?lossy=1&strip=1&webp=1" alt="Canadian Media Circulation Audit Logo" width="150" height="61" />

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1&C=1

Request Chain 133

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOzKHD2471kneiMrAu6nOwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBB8znWZEvN_nXi_eDLlAF8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBB8znWZEvN_nXi_eDLlAF8%26google_cver%3D1

Request Chain 135

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyMDQ3ODc1MjA0NjI3NDgw

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1&C=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOzKHD2471kneiMrAu6nOwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBB8znWZEvN_nXi_eDLlAF8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBB8znWZEvN_nXi_eDLlAF8%26google_cver%3D1

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyMDQ3ODc1MjA0NjI3NDgw

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1

Request Chain 145

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTJiMTE0MjMtODZjMy0yM2JmLWZjMzAtY2U1ZGZhZjdiODhj

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEAg0TxBAh4Jt7PkEY2axLWU&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1

Request Chain 149

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTJiMTE0MjMtODZjMy0yM2JmLWZjMzAtY2U1ZGZhZjdiODhj

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEAg0TxBAh4Jt7PkEY2axLWU&google_cver=1

221 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/ 175 KB
25 KB 800ms
766ms Document
text/html 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdacd50d95e80b0f5f88c2a7975cfa6032c93ee4d73b8a94f2a41d040f0f6e7e

Request headers

:method: GET
:authority: www.canindia.com
:scheme: https
:path: /nepal-telecom-call-details-stolen-by-chinese-hackers/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-type: text/html; charset=UTF-8
cf-ray: 66dde6b83cda0c85-AMS
cache-control: max-age=0
expires: Mon, 12 Jul 2021 23:02:47 GMT
last-modified: Mon, 12 Jul 2021 23:02:48 GMT
link: <https://www.canindia.com/wp-json/>; rel="https://api.w.org/", <https://www.canindia.com/wp-json/wp/v2/posts/969068>; rel="alternate"; type="application/json", <https://www.canindia.com/?p=969068>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WpYwdhmOJjfu6U7S2Pr6b9ExRLWUBvje9GyNbl1ud5O8gud8rWdWDnkgeeZG%2BPF7Fj1RwqksWgjzW59mVkHoLUk%2BfjLMOoi1BZ1r85W4%2BSV%2Fz9CLADSvtDym68yeiBSZ9erML1biULNjaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 style.min.css
www.canindia.com/wp-includes/css/dist/block-library/ 57 KB
8 KB 324ms
23ms Stylesheet
text/css 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jul 2021 03:42:29 GMT
server: cloudflare
age: 482471
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PBhyKJ7G0hBZNhcUccIald5OoOCfdFNZpNOUWwY2oPRUtp9bkLuYu7hs3nN2Dd7KKHTrpNnb2hxSdy84xBfBLHfTNYCRspvirwuRG90mT9wbTbl1%2FPffPWPNYIh67%2Fb12oCNTTBKkS6yjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6beeb640c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 07 Jul 2022 09:01:37 GMT

GET
H2 200 styles.css
www.canindia.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 326ms
26ms Stylesheet
text/css 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 575522
cf-polished: origSize=2640
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 07 May 2021 19:13:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZNqr1VGvWehm08GIVCSomDbInUSnV7VbY0SxyCG8RAhktLy2HB9CjotTDPSoXblrSuqC5kdljyDT3LNczSTmSpR%2FmAPvZuuYjwyixPVv9PLuOy6%2FgXLlHf1257CvU6Kb6P9tsTc7yo3QyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 66dde6beeb690c85-AMS
expires: Wed, 06 Jul 2022 07:10:47 GMT

GET
H2 200 style.css
www.canindia.com/wp-content/themes/Newsmag/ 108 KB
19 KB 326ms
24ms Stylesheet
text/css 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/themes/Newsmag/style.css?ver=5
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12553128ae4c4503a47c817c5daa573bdd55adb190797cf29ad3a74b44290f5e

Request headers

:path: /wp-content/themes/Newsmag/style.css?ver=5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 367777
cf-polished: origSize=152399
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 08 Jul 2021 13:04:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B1uudlz4hfo0Ct7c1KH%2BWxQNu811PdOGNelhO7gVTWX0Kllb7PThebd7ooWc6YQEGHTx4ChI5vMbTHfCegoEq3KLbVDoxnPHoayWo5fkUJhaozu4bQSdi205%2B%2BrU%2B2%2Bp8wVk%2FGl5nCbiRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 66dde6befb730c85-AMS
expires: Fri, 08 Jul 2022 16:53:11 GMT

GET
H2 200 js_composer.min.css
www.canindia.com/wp-content/plugins/js_composer/assets/css/ 474 KB
40 KB 340ms
38ms Stylesheet
text/css 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f

Request headers

:path: /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 13:03:34 GMT
server: cloudflare
age: 367777
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QwWf2SXELZTzq18xhaLJr9BqynlRLD3toHqGBcBWhLxpIC7olrkQFNHsep%2FXgBXM%2FSzqZYlGx%2BjUNhhMfgdbpJXGHut1NKAz%2BbOJteikyee%2FCxkuEVeyCzUPMja66PlajGfR1aRhArIbQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6befb740c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 08 Jul 2022 16:53:11 GMT

GET
H2 200 td_legacy_main.css
www.canindia.com/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/ 455 KB
52 KB 341ms
40ms Stylesheet
text/css 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=d92f310d6584f571e968b1e2036f935a
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d48e0c79fe42501dfb49ce72bb3e55a7efc8fe2a724a234f8ec5095a7fa0ea6

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=d92f310d6584f571e968b1e2036f935a
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 367777
cf-polished: origSize=595289
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 08 Jul 2021 13:04:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GHDtVD8sZr7k6pHgWo%2FMe7YgUm0nRtJhr%2FV5P%2BTadZtkKsGzu2rgSNb3Df%2BZOqBfDoQmh%2F4v4jtpXuPF2XDlduMjB0xV2Fatec13%2Fu%2FK9y1UGAemVu9%2B0I1yI3AQ%2BhyJYJ6U3wYHH%2BScJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 66dde6befb750c85-AMS
expires: Fri, 08 Jul 2022 16:53:11 GMT

GET
H2 200 demo_style.css
www.canindia.com/wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/ 3 KB
1 KB 323ms
21ms Stylesheet
text/css 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/demo_style.css?ver=5
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65456946c7ce9e5aba2c5365c2edf64433b406468430db243b7780e0a380e67c

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newsmag/includes/demos/magazine/demo_style.css?ver=5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 367777
cf-polished: origSize=4170
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 08 Jul 2021 13:04:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fxAkBRi7MdOOyy7ZIA5HSHi8WT9gi3Ktv%2BCvd9x%2BxbKE4EkcBpBGdGMNthM9wdMezoowUid2j1YFIxo0sB9quzAsRNBzxQVNQ95D1VVqNjiZnXod5nawJ63wGR%2F%2FgAiZLMSSZUK%2BFW4uLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 66dde6befb760c85-AMS
expires: Fri, 08 Jul 2022 16:53:12 GMT

GET
H2 200 smush-lazy-load-native.min.js Show response
www.canindia.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 9 KB
4 KB 322ms
21ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load-native.min.js?ver=3.8.7
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f19b20d1e9cf0a2b22ec1899106f15b4bf8bf12b6c255fbd9ce8087a85615834

Request headers

:path: /wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load-native.min.js?ver=3.8.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Jun 2021 14:07:25 GMT
server: cloudflare
age: 630881
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P8t3OM9ddZ1D%2Fhco%2B9baYPQoLJN5gB4DeqqjZ6QaOuaGAaqwrqn%2F5vFB%2BpjYmRifVIhLRwlRbb6wpcvhIPihmjjkt5Dix1E%2FbECw%2BH029GxPxmEJtvDdNS2SMKKAGOGbQEfTL8sO549Wtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6befb770c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 05 Jul 2022 15:48:07 GMT

GET
H2 200 jquery.min.js Show response
www.canindia.com/wp-includes/js/jquery/ 87 KB
30 KB 328ms
26ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
age: 630881
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RnZ%2Fxw2Ux%2BTQMeq8bQswdv1zu6aJPHqnL7tnLgT%2FKhXNU2Y4dZXx9E07NadAInl5%2BXFmxq9TWhUnJopJFxHHfc5Tvrcdv0da9Umldz7qFu%2Bw2DEXN0QC3N%2FqNAKAdMziacjTQB4JaKat7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6befb790c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 05 Jul 2022 15:48:07 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.canindia.com/wp-includes/js/jquery/ 11 KB
4 KB 323ms
22ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: cloudflare
age: 522230
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QZoAOZDM%2BS1yaQm%2FMX7SwKJASbDH%2B5L%2Bds%2BABfRK07r19ErBOMmnbJ5RF8wcU%2FIjQDYhUlU49d6hfEhOESH5iRbYdzTGv6AONDZqY0jERk7dXCgtb4QE0brILyGVfYZDYpFijxZfW8OzvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6befb7a0c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 06 Jul 2022 21:58:58 GMT

GET
H2 200 site.js Show response
a.mailmunch.co/app/v1/ 24 KB
8 KB 39ms
12ms Script
text/javascript 2600:9000:2190:800:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/site.js
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54103e22890f40de8d835c5df33f2c86e50a861618199694053f56af647c566a

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 00:18:42 GMT
content-encoding: gzip
age: 168248
x-cache: Hit from cloudfront
content-length: 8157
access-control-allow-origin: *
last-modified: Thu, 08 Jul 2021 23:15:15 GMT
server: AmazonS3
etag: "05a90ace55a89f87e766bba9749c48f4"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: Wrt8QFjhJUKt8KTy8Dk2cK1AWe3Y_KMxDK0vb_RJcjSOTe6lDy0_Sg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 68 KB
24 KB 84ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

66da079776f05d6df89d8dd948f583d0d327efc2f4f25ca2ab297d32fad82899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "928 / 270 of 1000 / last-modified: 1626127699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24101
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16196053-5

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

959b61e7d53b2ad474e220330b120487190b5c5a86dc7f759b7632b4e19000f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36873
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 21:54:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jul 2021 23:02:49 GMT

GET
H2 200 email-decode.min.js Show response
www.canindia.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 319ms
18ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canindia.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b3e8e8bec00000c8585859000000001
last-modified: Wed, 07 Jul 2021 15:32:55 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60e5c927-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1DkapS5Fiqlo9leOMp6uPLVTAt7wgEK99X94fukbrQ1zwSyFwouP7HraU2xREhXiGjkU1SdPEFADPTbrY7x7fPrriM0VHKr0k0ki2XVyukGYFJpHbI205tl0vroAJ4dF%2FOMJFo6u7u%2BzwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 66dde6bfdc460c85-AMS
expires: Wed, 14 Jul 2021 23:02:49 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.canindia.com/wp-includes/js/dist/vendor/ 97 KB
32 KB 327ms
25ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jul 2021 03:42:29 GMT
server: cloudflare
age: 482471
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JcKw%2FFIpey%2BDVA3Vb4f7hPuCJRPS5qZfwvdfQz2QLzIHZO6BES9l6EoqkCQIxkeIInWxPuBnC1ENGHG7o9PBung9Tuq7O7dPFdrpW1sX32LlOhk3VktjJNxI920unjXmkhUjf91tQHbTKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6bfdc4e0c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 07 Jul 2022 09:01:38 GMT

GET
H2 200 index.js Show response
www.canindia.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 321ms
19ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 575522
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 07 May 2021 19:13:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=unqsO51ov6ns3S3vLpeAb2dnNTcMsYW3z7vbq%2BEA%2B8UUPXbDntJbwhwJZXuW9Oki6efDh6hrNSJIfe7VCcnZvBE61RONyzfz2vyMSlwim72IMaWcucyCaGcHSgXv3lDeggDt5lBfsSxbJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 66dde6bfdc4f0c85-AMS
expires: Wed, 06 Jul 2022 07:10:47 GMT

GET
H2 200 tagdiv_theme.min.js Show response
www.canindia.com/wp-content/plugins/td-composer/legacy/Newsmag/js/ 241 KB
52 KB 328ms
27ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adc17ed4b80255bfb82799bbd6ddbc0f7b751369c86d2e48564afe3b717a2e14

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 13:04:46 GMT
server: cloudflare
age: 367776
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cZI%2FCN11vhrT9LoZRoRTLGF9kTzlQAc3SQ6tA9loqfGRsxWHkOE9tMvukdPE2WumDGbQmv8SLyBBMgDNCRegsec6S9iK4lFnKixbHTTPxggvnlNhCpGSvYI6QT2eIYoiy20UlssCWasWeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6bfdc510c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 08 Jul 2022 16:53:12 GMT

GET
H2 200 comment-reply.min.js Show response
www.canindia.com/wp-includes/js/ 3 KB
2 KB 321ms
20ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-includes/js/comment-reply.min.js?ver=5.7.2
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jul 2021 03:42:29 GMT
server: cloudflare
age: 291938
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nBN8%2BquhfyHuNfFMsGkj9OxkKGd%2BESFS5yIGECMK0O9JbCefjla9Z2xNgkJocTc%2FjNcu%2BPbTfTv81ybhfbmBtHSiX9IQaf6fVFwODagTZo4nHBIKvU7gc5ECnYGaVVYK%2F3h%2BWgyRP1kGLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6bfdc520c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Sat, 09 Jul 2022 13:57:11 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
796 B 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn&ver=3.0

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b7b13d765a10c08018fb61dedbb0b9dd9549712d9a8249352d7503ad5760dde1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Mon, 12 Jul 2021 23:02:49 GMT

GET
H2 200 index.js Show response
www.canindia.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 4 KB
2 KB 323ms
22ms Script
application/javascript 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e5c659dc7089322d8a0bc6d164cea1d703f6cfaa483a4939bc86e5dc172670

Request headers

:path: /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 575522
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 07 May 2021 19:13:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PVUeD2zPDrpkjchCRblzqBZ7aHY33a19fgMogcSy1vxWgBN4bIXHzAonts9blHDJNR2sPwqgFM0YtSiripmtKMyyfwCCxjOzM6nA6oCVxwvIjqcoVvS6xV6c5NTAbu1RaGNFTuNUUCimQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 66dde6bfdc530c85-AMS
expires: Wed, 06 Jul 2022 07:10:47 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
www.canindia.com/fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 329ms
28ms Font
font/woff2 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Request headers

:path: /fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
pragma: no-cache
origin: https://www.canindia.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.canindia.com
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 400528
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15112
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WVsgEHatmF2OLgWSOMdRVg1ZSDc%2FMYPFy5q8%2FT%2FKCMbuUElZMd8wmIi%2BD6I%2FpEYdDTaxltygKYnsBK6dF0XGEQaYrT9P25JKdrsxc3ThphwCz6yRQW%2BGxo2l6ynzkh%2Fx3SxulQPHAb8kjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 66dde6c16ddc0c85-AMS
expires: Wed, 06 Jul 2022 00:36:10 GMT

GET
H2 200 newsmag.woff
www.canindia.com/wp-content/themes/Newsmag/images/icons/ 19 KB
20 KB 320ms
19ms Font
font/woff 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/wp-content/themes/Newsmag/images/icons/newsmag.woff?15
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/wp-content/themes/Newsmag/style.css?ver=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24763119a9aa6bc836fada5889c6f2ebde0a4a99621d417073bb7ff0d95bca7

Request headers

:path: /wp-content/themes/Newsmag/images/icons/newsmag.woff?15
pragma: no-cache
origin: https://www.canindia.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.canindia.com
referer: https://www.canindia.com/wp-content/themes/Newsmag/style.css?ver=5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.canindia.com
Referer: https://www.canindia.com/wp-content/themes/Newsmag/style.css?ver=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 13:04:27 GMT
server: cloudflare
age: 367775
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pEYNYJbBbRc77i7FbBdrQ%2F5Zb%2F0fyF36PMo%2BquPlZXNGZ%2BEDreI73NSnjR0Wqj9xJ4KO51u0LxONLuOaIK%2Fyvm5uiRb6c7kZ6TT%2BnMj5hlkxamDqiGFR%2B03nSwUxuLKOPs3qVNVW2PwUXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66dde6c17dea0c85-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 05 Nov 2021 16:53:13 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
www.canindia.com/fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 327ms
27ms Font
font/woff2 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Request headers

:path: /fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
pragma: no-cache
origin: https://www.canindia.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.canindia.com
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 400528
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14440
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=98h%2BeF%2FZvv7wjciAN9bLocIv8Q087YiXoMHdfYPeTi6MX9zKarxz4VCdut2hrJhIClRQsQ%2BN%2FX1iXPnTzw5rUUeMHMUQ2ZYIP%2FhO3i91ocRk5bpykwL7yFaR8QhqBXsPjvoZkC%2BQqqSffg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 66dde6c23eb10c85-AMS
expires: Tue, 05 Jul 2022 20:47:15 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
www.canindia.com/fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 329ms
28ms Font
font/woff2 2606:4700:e4::ac40:a10e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canindia.com/fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a10e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Request headers

:path: /fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
pragma: no-cache
origin: https://www.canindia.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.canindia.com
referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.canindia.com
Referer: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 400528
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14956
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=In14UJvE6Ghm84cWx2%2FcaIvowOBWJOnBFwo%2FG49naDLDM7ff0GdP3fhwKtteTVv6CT29gtM%2FwJfcB8D8tR0WVq0ADzhEgppP7wGjxpp4Utd4xin1yrdN4%2Bz60ffRuD1c0ibcxGZ8uplWVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 66dde6c23eb30c85-AMS
expires: Tue, 05 Jul 2022 14:39:03 GMT

GET WebLogo2021F.png
261502.smushcdn.com/165487/wp-content/uploads/2020/12/ 0
0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
94 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:06:50 GMT
x-content-type-options: nosniff
age: 3359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95992
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 22:06:50 GMT

GET
H3-29 200 pubads_impl_2021070701.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
114 KB 61ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Jul 2021 08:38:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117051
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:49 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
75 B 61ms
31ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.canindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8236c3eae7bc2e2c2081de37c820d3c68fc66eecfe44bf4fb8126cf3ba41c62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:49 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
341 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.canindia.com
Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 11:44:13 GMT
x-content-type-options: nosniff
age: 40716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348721
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 11:44:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16196053-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4323
date: Mon, 12 Jul 2021 21:50:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 12 Jul 2021 23:50:46 GMT

GET CIFRONT-HOLDER.png
261502.smushcdn.com/165487/wp-content/uploads/2021/06/ 0
0

GET WebLogo2021F.png
261502.smushcdn.com/165487/wp-content/uploads/2020/12/ 0
0

GET WMC-august88-2020.png
261502.smushcdn.com/165487/wp-content/uploads/2020/08/ 0
0

GET CMCA-august88-2020.png
261502.smushcdn.com/165487/wp-content/uploads/2020/08/ 0
0

GET
H2 200 styles.css
a.mailmunch.co/app/v1/ 21 KB
3 KB 15ms
13ms Stylesheet
text/css 2600:9000:2190:800:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/styles.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 20:19:40 GMT
content-encoding: gzip
age: 9790
x-cache: Hit from cloudfront
content-length: 2274
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 13:12:09 GMT
server: AmazonS3
etag: "822e311b98adbb2754dbfaec5d57d576"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: BXKVeJBTzVxBCCg4V7xFWNZKAa3VopoSpl77DKlXnY4katlhnk3xTg==

GET
H/1.1 200
OK 879582 Show response
forms.mailmunch.co/sites/ 89 B
574 B 359ms
121ms XHR
application/json 34.205.198.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.mailmunch.co/sites/879582
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.198.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-198-58.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: b7371ba9cad2399b245a117ea4c07f76281887917fb8dbc446ee5571f52c816e

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 23:02:50 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"59-4ervkYhmvbN9YuAYC4hYgz8wOiY"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Content-Length: 89

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.canindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.canindia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 323 KB
90 KB 1275ms
1275ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=78647722443472&correlator=3095810214362755&output=ldjh&impl=fifs&eid=21068111%2C31060412&vrg=2021070701&ptt=17&sc=1&sfv=1-0-38&ecs=20210712&iu_parts=35095986%2C2020-BIGBOX-1%2C2020-BIGBOX-2%2C2020-BIGBOX-3%2C2020-BIGBOX-4%2C2020-BIGBOX-5%2C2020-BIGBOX-6%2C2020-BIGBOX-7%2C2020-BIGBOX-8%2C2020-LEADERBOARD-1%2C2020-LEADERBOARD-2%2C2020-LEADERBOARD-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1626130968&dt=1626130970052&dlt=1626130969118&idt=892&frm=20&biw=1600&bih=1200&oid=3&adxs=990%2C990%2C990%2C990%2C990%2C-9%2C-9%2C-9%2C577%2C-9%2C-9&adys=741%2C761%2C781%2C801%2C821%2C-9%2C-9%2C-9%2C48%2C-9%2C-9&adks=2298584938%2C2958788457%2C1983123743%2C1231283894%2C193567092%2C1193936183%2C2307415595%2C2402019336%2C3490628154%2C2715688047%2C370124083&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.canindia.com%2Fnepal-telecom-call-details-stolen-by-chinese-hackers%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C728x0%7C0x-1%7C0x-1&msz=300x0%7C300x0%7C300x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C728x0%7C0x-1%7C0x-1&ga_vid=1969718353.1626130970&ga_sid=1626130970&ga_hid=1107531081&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C0%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7cc76b16ae87c8c47677eb0da6d4ad8bc6a478d4856ac6e0bbfbd97d4e6b0839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92174
x-xss-protection: 0
google-lineitem-id: 41980346,-1,-1,-1,-1,-1,-1,-1,5445859153,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319125408,-1,-1,-1,-1,-1,-1,-1,138319424792,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.canindia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC6F 6 KB
3 KB 48ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.canindia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.canindia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Jul 2021 23:02:50 GMT
expires: Tue, 12 Jul 2022 23:02:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1107531081&t=pageview&_s=1&dl=https%3A%2F%2Fwww.canindia.com%2Fnepal-telecom-call-details-stolen-by-chinese-hackers%2F&ul=en-us&de=UTF-8&dt=CanIndia%20News%20%7C%20Nepal%20Telecom%20call%20details%20stolen%20by%20Chinese%20hackers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=892886066&gjid=1823538976&cid=1969718353.1626130970&tid=UA-16196053-5&_gid=1294368885.1626130970&_r=1&gtm=2ou770&z=1153807014

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.canindia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1107531081&t=pageview&_s=2&dl=https%3A%2F%2Fwww.canindia.com%2Fnepal-telecom-call-details-stolen-by-chinese-hackers%2F&ul=en-us&de=UTF-8&dt=CanIndia%20News%20%7C%20Nepal%20Telecom%20call%20details%20stolen%20by%20Chinese%20hackers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=1969718353.1626130970&tid=UA-16196053-5&_gid=1294368885.1626130970&gtm=2ou770&z=1492614415

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 07:45:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55026
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6BCD 38 KB
19 KB 52ms
30ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn&co=aHR0cHM6Ly93d3cuY2FuaW5kaWEuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=27aqzw10ei0b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a2a6883a4bfbd3118ec8682f628b35ba404dfe699004e34b320e743c9b47ac8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ypP43kyIJfgCqvnX8bFGRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn&co=aHR0cHM6Ly93d3cuY2FuaW5kaWEuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=27aqzw10ei0b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.canindia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.canindia.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 12 Jul 2021 23:02:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-ypP43kyIJfgCqvnX8bFGRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19641
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
435 B 44ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-16196053-5&cid=1969718353.1626130970&jid=892886066&gjid=1823538976&_gid=1294368885.1626130970&_u=YAhAAUAAAAAAAC~&z=158101666

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Jul 2021 23:02:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.canindia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 6BCD 52 KB
25 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn&co=aHR0cHM6Ly93d3cuY2FuaW5kaWEuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=27aqzw10ei0b

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 19:12:13 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 6BCD 341 KB
341 KB 25ms
12ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 11:44:13 GMT
x-content-type-options: nosniff
age: 40717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348721
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 11:44:13 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-16196053-5&cid=1969718353.1626130970&jid=892886066&_u=YAhAAUAAAAAAAC~&z=453277949

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 37ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-16196053-5&cid=1969718353.1626130970&jid=892886066&_u=YAhAAUAAAAAAAC~&z=453277949

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6BCD 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 23:34:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 602925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:34:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6BCD 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 598794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:42:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6BCD 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 599518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:30:52 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6BCD 102 B
132 B 17ms
17ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn&co=aHR0cHM6Ly93d3cuY2FuaW5kaWEuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=27aqzw10ei0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 12 Jul 2021 23:02:50 GMT

GET
H2 200 settings-1626080515.json Show response
a.mailmunch.co/forms-cache/879582/ 1 KB
1 KB 46ms
21ms XHR
application/json 2600:9000:2190:800:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/879582/settings-1626080515.json
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c59132f43637ace97082fba7383a9e4142b96dabfa1287ade8d15ec0ba88718

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 09:05:45 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 50226
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 09:02:03 GMT
server: AmazonS3
etag: W/"01616d7164a57285af58016fb71d6fd4"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: TPfq3szLTo8L4BfiN2CimNYc2Zid-qyFZBMTzOe8gaipdWmeVffsHg==

GET
H2 200 popover.js Show response
a.mailmunch.co/app/v1/ 9 KB
3 KB 12ms
12ms Script
text/javascript 2600:9000:2190:800:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/popover.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 111cea4209818a9350fc28c5ecf46ef9c0b3f3044cc7e0f8c3d197a725d3cca7

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 11:59:45 GMT
content-encoding: gzip
age: 126186
x-cache: Hit from cloudfront
content-length: 2245
access-control-allow-origin: *
last-modified: Thu, 08 Jul 2021 23:15:16 GMT
server: AmazonS3
etag: "073a8de59b0d7d7d8162b6666bea2641"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: Ew3CoEwabzJIxn-zhheui7NvkN3rOEqU5z1wIHMCqDO_Yg52rqrdMQ==

POST
H3-29 200 reload Show response
www.google.com/recaptcha/api2/ Frame 6BCD 28 KB
16 KB 56ms
55ms XHR
application/json 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3016177d29a59355d32a948394941363082b0bdaa1cf7c348542a366d42d819d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDyysaAAAAAEVKCaHGwVhziSxtB6lX-29s8abn&co=aHR0cHM6Ly93d3cuY2FuaW5kaWEuY29tOjQ0Mw..&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=invisible&cb=27aqzw10ei0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 12 Jul 2021 23:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16078
x-xss-protection: 1; mode=block
expires: Mon, 12 Jul 2021 23:02:50 GMT

GET
H2 200 index-1624998947.html Show response
a.mailmunch.co/forms-cache/879582/987737/ 137 KB
44 KB 25ms
24ms XHR
text/html 2600:9000:2190:800:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/879582/987737/index-1624998947.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4117d2f1c199f4c9a460c02af74c18af4bac6de8a842a879bcb51af33bc0cf5

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 22:00:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1126957
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 29 Jun 2021 20:36:00 GMT
server: AmazonS3
etag: W/"d46e1d3fad6314c919ee6f9e6b4261cc"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vVkBE-_WolMK2XVu1Ek_QDXqiBDy_utaC4FJKlRnLT0-p2_v2RwWYg==

GET
H2 200 css
fonts.googleapis.com/ Frame 08F2 3 KB
685 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9b07f182a7010f77ebe9f05d09268aa07ffb435f4f6b15e37c442c49e01a60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 23:02:47 GMT
server: ESF
date: Mon, 12 Jul 2021 23:02:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 23:02:50 GMT

GET
H/1.1 200
OK logo_branding.png
cf.mailmunch.com/partner/mailmunch/ Frame 08F2 3 KB
4 KB 84ms
22ms Image
image/png 13.225.74.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf.mailmunch.com/partner/mailmunch/logo_branding.png
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-79.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60615cf3ddf0b34046ce24ba4a0f5a5c352c10a9ae6e03043b93f8e0f5c6b509

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 07:58:13 GMT
Via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
Age: 54298
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3019
Last-Modified: Mon, 31 Aug 2020 12:20:46 GMT
Server: AmazonS3
ETag: "9b53f488aacdce3693ba93861ca034cf"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: DSQgo75N1pGQdMcqt2PLynPPBx06T77CldbLfOC0L6TufZAl9dX8TA==

GET
H2 200 1609650111818-127319
a.mailmunch.co/user_data/landing_pages/ Frame 08F2 8 KB
9 KB 437ms
436ms Image
image/png 2600:9000:2190:800:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mailmunch.co/user_data/landing_pages/1609650111818-127319
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66b8dd52e53954572ea8cdd2894be7de8db6b40a789781cb8cbcd0cb6fa23cea

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:52 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Sun, 03 Jan 2021 05:01:52 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "ff40d5b7a71f55c528e423ccca595fa9"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: ETag
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 8613
x-amz-cf-id: bK_bbSTXhYm8X-KTM72EYV6623j1zrpCV4q23bd8A3i76yrr-PD5QQ==

GET
H2 200 facebook.png
cdn.tools.unlayer.com/social/icons/rounded/ Frame 08F2 2 KB
3 KB 39ms
7ms Image
image/png 2600:9000:21f3:f000:16:6c74:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tools.unlayer.com/social/icons/rounded/facebook.png
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f000:16:6c74:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49e623d235463c8ad403ecd92bd56bcec0b17ddbae9697bb82bb2c66feb03d17

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:25:14 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Sep 2018 06:14:36 GMT
server: AmazonS3
age: 16657
etag: "c1b07fbd1b2626df454dbb8d2994ea01"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2414
x-amz-cf-id: OBY6vt8LKz4S3jDW8yeDr1B1LMYz9O_FP6fKjPUtbZJTIIZUXp0rOw==

GET
H2 200 twitter.png
cdn.tools.unlayer.com/social/icons/rounded/ Frame 08F2 4 KB
4 KB 39ms
8ms Image
image/png 2600:9000:21f3:f000:16:6c74:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tools.unlayer.com/social/icons/rounded/twitter.png
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f000:16:6c74:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f4c5434ff13af874ce19611307e65be3d98cb53c413140a2bce51ec01649dae

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 23:51:43 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Sep 2018 06:14:33 GMT
server: AmazonS3
age: 83468
etag: "d051f2f4c0c7f05a2b7352e4c1cc9f7f"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4095
x-amz-cf-id: 4JPUuMQhMM-BK-CNM-tcXSSnILdDPyb0kEXY_kL6f5-j-KO-Th5VNA==

GET
H2 200 instagram.png
cdn.tools.unlayer.com/social/icons/rounded/ Frame 08F2 23 KB
24 KB 39ms
8ms Image
image/png 2600:9000:21f3:f000:16:6c74:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.tools.unlayer.com/social/icons/rounded/instagram.png
Requested by: Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f000:16:6c74:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 682cb4abb54f896af437d223aca4779e61a66a521bd544dbeae207a7e137f805

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 12:38:40 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Sep 2018 06:14:30 GMT
server: AmazonS3
age: 37451
etag: "88d89809e5d5dbe37bb198d09f603b51"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 24021
x-amz-cf-id: FOHTf8SCF21VD00CpTUxQM2htnyq-r3nyWOOv7zbMIn9StWstgNX7g==

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 08F2 19 KB
19 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.canindia.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 23:43:21 GMT
x-content-type-options: nosniff
age: 83969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Jul 2022 23:43:21 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 08F2 19 KB
19 KB 18ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.canindia.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:25:02 GMT
x-content-type-options: nosniff
age: 596268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:25:02 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C65A 0
0 58ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5y1-gEDCxsYmz4IPk2Zl2DO9CadaSKs0P04h6RY89Ah2EfTP-wP5xKF7qu10i7P1Zrc5pc1cRhC2KU4Np-pAK-S-53hDjRlovy9C7DUGA-ULTwLLJpUsOhlVhLFR4lMJUO8w0upGwUKibKoZjOhELc2U4ncJYBxwsdDE_pmXKhCqrnWH8sH7dkuZPRDbIN7EZgFX5pRVIQd0yUgPsg6wy1EldVfGmGhl6dAYMLLWjg9UYssOUAnPck7eF4w1Sn_9h7xQekxII96uvJ2rw9NfhGQ-hzQK2EPF77PhiKH1w7FycKZ7XibrJDQ4&sai=AMfl-YQoVkDDcZh7gZZh1It_7Bq2aXmQptgo47_Un84nwm1P3aeVv4QRO8tfz7b7Uv1XPbF3iJ1UET8BbQ_1LDDXDTELhz3-gXpTmzJ6Yc_V963lgB_9i-yj8b8jOf_2j6Q&sig=Cg0ArKJSzBu2PnJtz4n9EAE&adurl=

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/ Frame C65A 17 KB
7 KB 37ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed045b94f4874ac13890f9c4370e2b14b30c2a12a79d22e52d20872440b60ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 15784850791818150134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 22:47:11 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame C65A 3 KB
1 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:02:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C65A 123 KB
37 KB 38ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C65A 0
0 14ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrYCvzXdmY9qIF8PvR7ton-pp4IyXic-EJC3-9SHBNWpbf3jSnnTkfDJcEtINYdNe63T9EADLRhuVl9YKnXWMrq5NuXg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 3299707719988649706
tpc.googlesyndication.com/simgad/ Frame C65A 22 KB
22 KB 37ms
11ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3299707719988649706

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de35c3d36239ae3ec11c7941c78f1ee69039d125dc9f2d3431a93498f00e378b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 11:40:14 GMT
x-content-type-options: nosniff
age: 559357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22247
x-xss-protection: 0
last-modified: Thu, 06 Aug 2020 03:54:54 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 11:40:14 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 42ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830134516437"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27897
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H3-29 200 container.html Show response
e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 53C1 6 KB
3 KB 24ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.canindia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.canindia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Jul 2021 23:02:50 GMT
expires: Tue, 12 Jul 2022 23:02:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A35F 6 KB
3 KB 15ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.canindia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.canindia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Jul 2021 23:02:50 GMT
expires: Tue, 12 Jul 2022 23:02:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC50 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.canindia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.canindia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Jul 2021 23:02:50 GMT
expires: Tue, 12 Jul 2022 23:02:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CBAC 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.canindia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.canindia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Jul 2021 23:02:50 GMT
expires: Tue, 12 Jul 2022 23:02:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 06B5 0
0 73ms
64ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7JPMqTDmA3idf3Tca9L_vO-rQuSmIMvNZ0UDh4R3kcqDfEk6xwiU5sPkEPbHCpQphP17vCMujA1M43_vleZJ08UPGhNnydkXCZX-EPjyzYTVOvsj7OrLOBDVWIkzsR4QMucdB9rKUKapq-YOr0M0MOOfL4FxxwpjcWA9KmhuKhF8suXENd87Al96JlwjqPrmDTxpy5bGx8wdkF_QtuQZfxuNT53P1i-rlCg1ZW13GI9YbY3esjsuqKv37IPeM-o_WhQDxHYiUz4vAkEOiaXqg7DaXnSgYsCixg-tycqVetS1nflP9cVHvWxJ3Tw&sai=AMfl-YQDjKKkMiDDVjpWujxDF4RFZ-rpbfqKIz4pyhhJGahqq-ouFMFn2SHB2HFXGjLfvWoEKPm-OzOSvJNZkzfWo7eD96v6JrQIFxaVgwzME8gX80kzFtNMylfukbdaoZ8&sig=Cg0ArKJSzD3H8HTOhTd0EAE&adurl=

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/ Frame 06B5 17 KB
7 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed045b94f4874ac13890f9c4370e2b14b30c2a12a79d22e52d20872440b60ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 15784850791818150134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 22:47:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame 06B5 3 KB
1 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:02:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06B5 123 KB
37 KB 39ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 06B5 0
0 22ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfDkDQwx5i5EXStW7-Wg_YYA7mnFwkqHJUMMJww1kdV_6gJtX3QCsONqxcafa1KY7vfD5DiBZZQZc_2uC1A5cwEZNRmQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 9104809922729365542
tpc.googlesyndication.com/simgad/ Frame 06B5 21 KB
21 KB 24ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9104809922729365542

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27ba9234f974219de6e767cae9a55749c10ade6663eb7706ceb06578c3c25fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:46:51 GMT
x-content-type-options: nosniff
age: 306960
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21362
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 14:18:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jul 2022 09:46:51 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 40ms
19ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021070701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb9f997b146d41b39c203b000244ba524beff2d887e356bb854db8c38703d4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8469
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C65A 0
0 58ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmOyO_EZvshmmJXnn2r-upYC4qIyc5Tc_0IEYBlr6e6xrU4MNiUm7urnFnc6Uj6YVz7TUJC6eTxqPXwODiO02HUAJGZU5ShOZ-kfYSoDLjqKNcNkSl4_NQySoSZLmg4O7j9Q4YOe80fJ0sxMnpOgcNqSf8NXNr2_nBc3oyG3ePpkQFJAFhBzgg1GbrP-VPJJ7oVuhbjFK7QsEksjDSEKsY2M89hpS3y8vl9h6Dt-zZ-bUezvTJ_om8f63Vt5k_OvTf33km3oRPiavhv8yaLXaGROAOW2rP1r5OsESo229AuDaTB5ntS-fPqTphNQ&sai=AMfl-YTLUz4o6g-3R_MDe5wYaC-nGy9vKcjaS8wV-o2So4ex9L3539PZVIgKbni9HuTQUXUikb7wPeyKDesrqEm84e52lkZV3cSmTEdMg4G3D9FoN0c6fVFV08tgjKyx7mo&sig=Cg0ArKJSzOVGs7LoVjSaEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
DATA 200
OK truncated
/ Frame C65A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a498b0ac9531641cc6db93fd9227d7fdb550f4ec4b343948468d11f2eac81e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 06B5 0
0 61ms
60ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1P23Lcggf2X2n2O25-5h9jr6-P4qTfFJz5Jh2-3cEAChF6Zv6qaYBcl-zDIDt0n97qf7dwVtY4k3R95Tth09zQKsJKCGHkj2SS4DScUmhkSQuUeXc7Cx8eiHo2r3T3-ypsl2ilsgPwDBZ4vBf3n_IWoYwUVJ09vbYPq8fCVd8fsMPyw2PTGCwFgBLBGqOAxdUzsO-YdUdrbHHPAj-EmhvWMSxZVYZ0n8U-m2UizMkw0MzmgCiCqyuVZvrvxSUvYOy8v45th3w4f0iUrHkudeARDsWokmM2mA7TpKVYZel25rwW2v4udOgKh5p27t6&sai=AMfl-YQ_Lo7Kd1oO1BndoxBY5EbkUEvA1dW5LSLYe9ZxTXe49f2VhCgm6Bx88X_NKkv78NLd2Q2Ck7QN1mX60pmYVkrSWhaakI66vT-Tn0WQBRzwTRfR1SFvXaWMp4EeFgM&sig=Cg0ArKJSzKZuHkB8h1-hEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
DATA 200
OK truncated
/ Frame 06B5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c1607570ca6eff42b05a1998dce45020f131017b7716c7c7d877c222415e41a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6F76 624 B
754 B 36ms
16ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVtOi0r_MAhnMQSZmvye07IsfPh89djPAYepupyH0VOCxoxVbQThevIERWzrjwAYK1v7U25tdTusdedkO5p5I9ax2lldACYjmqew-jKqYRJRBdgyTK7ZXc6UzvbiApUtSJVNp0YdItzfVAA4HTmizKzaZUfV86INkqQU-NDJTq7oUdWcnw

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVtOi0r_MAhnMQSZmvye07IsfPh89djPAYepupyH0VOCxoxVbQThevIERWzrjwAYK1v7U25tdTusdedkO5p5I9ax2lldACYjmqew-jKqYRJRBdgyTK7ZXc6UzvbiApUtSJVNp0YdItzfVAA4HTmizKzaZUfV86INkqQU-NDJTq7oUdWcnw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlVyNqVA9F3zcIDx4LM5VlmYa7nL9sOddVZAWCmGERWl7n-Att1ZEGWwJn1M5Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 12 Jul 2021 23:02:51 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 53C1 111 KB
39 KB 38ms
2ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 08:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jul 2021 08:12:31 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/elements/html/ Frame 53C1 6 KB
3 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 22:42:05 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/ Frame 53C1 17 KB
7 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/abg_lite_fy2019.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed045b94f4874ac13890f9c4370e2b14b30c2a12a79d22e52d20872440b60ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 20:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 15784850791818150134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 20:59:19 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53C1 42 B
63 B 50ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvD3u_qJ5DL-dNRfFZHu2Vn1NKCbBMeIXRo_Pl11r0FOE0H6qS_4gLbGMsxY73AUXAmVpUt8Qd2RW3z95Pnll2nFGWeYtCS84Apq1BLcbyRPKdKoM

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame 53C1 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:02:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 53C1 123 KB
37 KB 34ms
33ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame 53C1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e5e8d7a52cffab98c6c3957e1c30af475c697d4d50ba91aeab0b11eea32a166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6198
x-xss-protection: 0
server: cafe
etag: 11976405653130873325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:01:27 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 53C1 0
0 16ms
15ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2far8etY2de7bQqiOodpCv5_T4UQKsAWn1nAQx_HOVVXHes3FfiCI9d4804BmCCLt2xLkYy1Q-aOAllK_M_RDq-QgXg
Requested by: Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BF3A 624 B
340 B 27ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNWiAdhyegiaB80s9CWbvMiqGqwhuem7NE58HPWVpWEwy8TIQRBavwd1C5XLcmBq96xZH6u6Zqy5DiR9bQmbKnlnzwvX0yn5mZauMPgKb6C6T549O8DOr6qleCrYVnsn7mfkWAXJlX9waaFjBK52_vo6y2DFGpRbpgQhkINZ3ccG3wuV0Xk

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNWiAdhyegiaB80s9CWbvMiqGqwhuem7NE58HPWVpWEwy8TIQRBavwd1C5XLcmBq96xZH6u6Zqy5DiR9bQmbKnlnzwvX0yn5mZauMPgKb6C6T549O8DOr6qleCrYVnsn7mfkWAXJlX9waaFjBK52_vo6y2DFGpRbpgQhkINZ3ccG3wuV0Xk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlVyNqVA9F3zcIDx4LM5VlmYa7nL9sOddVZAWCmGERWl7n-Att1ZEGWwJn1M5Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 12 Jul 2021 23:02:51 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame A35F 111 KB
38 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 08:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jul 2021 08:12:31 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/elements/html/ Frame A35F 6 KB
3 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 22:42:05 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/ Frame A35F 17 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/abg_lite_fy2019.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed045b94f4874ac13890f9c4370e2b14b30c2a12a79d22e52d20872440b60ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 20:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 15784850791818150134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 20:59:19 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A35F 42 B
63 B 48ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxGyQlftodE8RNiOeXXyb0BiOPNlayThtQnZSNwfk8AltHC_SQp_NsIpEzuoVNtPiTgL719j0XdDH_00WJ4GjJDCGtaXZTdHbD1CFFIBFeR77ayOA

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame A35F 3 KB
1 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:02:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A35F 123 KB
37 KB 39ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame A35F 14 KB
6 KB 26ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e5e8d7a52cffab98c6c3957e1c30af475c697d4d50ba91aeab0b11eea32a166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6198
x-xss-protection: 0
server: cafe
etag: 11976405653130873325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:01:27 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D872 640 B
316 B 42ms
18ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY69z3lQEwAQ&v=APEucNWveyT3WyZp1CMRNZqw4nJaxRTp2myjzka_U72EkfhyEaUxqaMu37bVAT6GXZGnSFXhslOdM2tWoKuUXYD3bas248mshTj6eBtkTmWFxWd1Tois67Ap-puW9lssXGFCglXKp2RJNGTIS_yx1ng_Jv4rR1ejFEYOvtmlZIQtbT9vauTNl1g

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNDdGRDcgxoY69z3lQEwAQ&v=APEucNWveyT3WyZp1CMRNZqw4nJaxRTp2myjzka_U72EkfhyEaUxqaMu37bVAT6GXZGnSFXhslOdM2tWoKuUXYD3bas248mshTj6eBtkTmWFxWd1Tois67Ap-puW9lssXGFCglXKp2RJNGTIS_yx1ng_Jv4rR1ejFEYOvtmlZIQtbT9vauTNl1g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlVyNqVA9F3zcIDx4LM5VlmYa7nL9sOddVZAWCmGERWl7n-Att1ZEGWwJn1M5Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 12 Jul 2021 23:02:51 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AC50 80 KB
26 KB 76ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bl_ofE1zeZ8G6rr93I5Epe9TIHUYxfiwpXrKbCWfhZo9kOGi2b5Js0tbqEnysRFcicp-46NfHXzkrqArVEmU08XVg9z5XU1vJME89ZqnxS_wtC5HkRMbrJlqbtCkYQsCy47iHiesxKD9kWSm8WEL2JfjPz9Q&dbm_d=AKAmf-ClFDoW_Udc91JAbKzd831Is-K0ICIO0zFseXuy8SULdmo86l9RWCW7xk6KdOlktik5rU6IKtFaFMW6jdJhTcymG3SRA7O8NUVRVzswfI_EgtxciA_9M5MMuX0sFDVNd0QItLq79D1C7xiS3OBX1QeHU_cNLo8n2lrZNy-xVxmu0RGD9dGuX8jswbiwVTPT9yw2Uws13-MTc1_mtTCkqpGUab-q3Htska3WHvlnXREeenJwXt1sSEX_89_bi4eNs-G2asgsjNou3afTGdgrIw9eGTM6fqjAmRj9umdEuPX57n1qDds1Kozjju2xeWFjpNFu97CgwQgNY-bp_VMatrpfHFNGDnxRwq4e03lWNdLb-ahqCRnK1Y_kdXy9mbTggwZd-gqFPgoqJfrAG6kjCa0MGdH640xN5hSDqjcnpItAAWmnzalmdey5pS2YD4pJALLZl0RumsGeX2hN9JoR3EIbQhZi0ukslutSMRIOEVh_foY5dyVGT5cMPpejko9U8D94razwJkuvOhw7YOChM74XB5PTlKPD9dxPixvHywLtAbAuWyl2LZcf5okj_FfCrSzusRfEECRBuHQTjeIDV1aFrpNi7R1fuQLDq8EErHTwl7PyJz7kKDOYVnaXA3uXFBIP6hzSWx3OolO68Dpc2e-WxVsekjZ8X6RXyCry-BCXtkDpVO1Sl-dCPDF8P5kg_zAMdw35xoz861gLccApvSsSrCkleB0YJ32yPD8o6At3rqdHQBRtFdtkWmVWO_I4HTzBg_R1MrCMoXVsLjURKNVHIjqkD_34hDiNdwIG3yeZvpkxeNirPhBGhgmNHLA726MCZsfk9j4y6b-H270CVKh1kW4J9SHq9AMIfYdujDDYJCnjIa1Jv3j5Z1ulJolQlwtIwjhfV6bAiY6atMJkOWRJZQlRwTDMXfYeu7mJeaHTozP1hlDKpLQOj8PGdS4uUv945NuHp3IawqPC1Loz8krv6vII8g69RrhwM6oluQ4xKVatzlhb9rm3n2OjyZVOtrjTJse5_Bs39yF0hUnivzboLYUEyeAvLTkY3dgPodx8JOwbCLEmQBoGEyw7lRhdmJQ-t2Lmx_l9IHh1mV7E_0VF0IMvkox9-Gn9y2pejXunnyQUbyRndzadD3O92UIyZRZIIlVHQHIA3-pfGcYGuPHw4llG3n4zAX3CsswWZLxusQ_fUsSwY8Xed4KHeIYYdB9LPLtNhf1UM-pv-frbSuXRa8a3OuK9Y-YMQtQQ-gQlQ0QomNlPaAvricxQHuWknB-dHQv6AuKKF9rSJYnbqUrpvQbggE6B1P2LVcd1qn-iFyybRKAClZYSwsl86zQc5ex21fhR564eg2pS_w6Qpuh7vGe471_UKbD5QNxutjjpdgTu2WFrTivZQsVCi2SrCTxw1Kt9be3XbZ7cRPbjGNH13LeIq8hsqH4OVQxQ94c3Znw1-dIReDzdi3D-py38YKBr2DFI7J1Gx6u8ayiNQKei50jEcP1abbQc1wAxfQeLA3oILM__uh2Od57U3t2eCT1azS01PMX0eiBE0qIOqCMtEfzo5CVqU7E2L9QGJQUvDBqszNA1NkzBe_FNE22r4gVWofXt8p36obEpWzktpBidiTXNmtffDXqWysbsC6Nh3IgDDuxeoSjDGKC0vww8p5R_4dq-58Ub_DhaxNrzjm0ooRszfBT2WqxzxB67lCsMkhgO05c1o2fm_t-y-iS7g5zUw--bbN4m7aqppdCQQtCEE6FEIOjpleU6UaftF_uN-jcO9nRDp30KKF3IqM7Us2mHWA8zBm4ic44jlJc7ajmbJC_J_3Ij2kyvuZ5kCvDE49xDWqAIARo0CY_Vr5eJsDQF-SRi1JW_KlAUOBeBw0tQH7tOyxlDEBgBNhmR1PNR4QT2fFtTfui7fGmI1CfelwgYJ-yCW3xPrWzFfwFG6uKGwEXAul3jXG_mAriao3qGeRygR_RZmTfa9L1ae6nZue28Sw-iobRKrQ5TVnwIz70McP_E6WmJFhRYgm1Z4JDMtIx_rcPmo561Xcldh2YbiXGTM3yaS826PeBuVECdYH74r1OkKF9zdQm-SFm4N7-9L6sHP-0g84XrOaDmfTazhOs1k7OXl9oIfsMxrXKyaZ7Oq0zcshK9wRxbjWm3XCE3yFPXKK3InW_kquJ4segUAStJE34KmBH6qs-5u6PumxzMM3UFXJF-aN77hVGESquBnKIx6hUqKOD1N--4qV0ri5Z3MSo_hGMwiThb3Gwk2nbK_EWKqynBljRGBlO8pa8DWzyT9Xz07jNPt1ZR0vpWnDW7KWVYQGbiOSj-1Eo9PWaiTQFZtc_jF4O8FEyegdJ2MioPFYjrk8TDYRTEo9T_LOlSdvGWA__sfYjipBi_UDA4ON66YWHZoN3Hv-iK69MKGXr_Q03hdVJuu66ks08fgJizZfByBx9DhvjWGPJnkqC-sa6-G1h1KyTXFrQ7XJGFvplrj6abcyuXr3iM8ZsqaJXmCRiVCJx2rrSvis4dPo5hRXZ28CspFtmQd1JZb3GOYTvvKAGwo7MTAoop-o0m82D5Sr2Dx7e1TSpVf9Ca28OP3Fpks7edxO90CoLlecGmwTCEu7mFxHaQuNQ4PHzFdAfj7XCYJJNB40ZkoMb_LavrVR0ZFB9pkwsN6ANkwQ_KTF_hDVZ894pdk8DKcbV6zRhUNbSQBe6sO9Rrx7BTu-i0wrB-eonXDa7_P5Oe1TRhX-BEx_ztfXf7pd83lJrKqs8yPv2EasDvHkLFa8FzvH75pXnlLOZldUsgukohOlsKGar21kkgrOQ5raFjuj9v8NNngQOwSFQrublwhP63zkd_gRnvKDpHnlwiUXjpl_1S5kcJsh4v0a2PRo6bPdmVqwN--tK8fSxeBmFdVS8iEaBlvUeM-0MH7ssNGuZjUz8c4FK2UoZr-l5JqBEm-mKeQW0EflESUl0hnoEv4HnaNMIVR6B99n2Kq9heHECU-WZW8osYiKFb6Aoyt6JN69eizGNNS7K_9HqJAEwmEbvc3U6b3sG5kseD4jFmUfjSAXVrjv7tmt8_oze4M-j-1Y4PBYB39SxANcVRqi8YS3irkGFOPNAWvoIqqR3aMOS9d4okH64nuDKE0sNaXUa0_Csktte2SROnxGBcBrjCL31K3ovzG17oraQdV6mrC--5M8qjwktvKbHnAup3PlkFIxIvgjwbliN2Xk0O9B52pSiN9rqqdRF7Sddly28lYENNvK5WsA3H_ig&cid=CAASFeRozlvKMKriZeJJA9P5ydC9Q0Q5og&rfl=1%2Chttps%253A%252F%252Fwww.canindia.com%252F%240

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21be3d8cc254f4859ae8a3da30c334f04e89373f81ceda1769cd60b1cfd2eac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC50 42 B
63 B 67ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQ0z_i1aYtiT5x6V8HEUkf27fHNK7mEr6EbRfgxBJuSxnpfp1ic0Y1wWFHlB33o2ABlCf_NUI8og9I26OlDZKY3BMHl1pDqnEq25-PAdpx_EW3bqQ

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame AC50 3 KB
1 KB 24ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:02:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC50 123 KB
37 KB 39ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame AC50 14 KB
6 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e5e8d7a52cffab98c6c3957e1c30af475c697d4d50ba91aeab0b11eea32a166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6198
x-xss-protection: 0
server: cafe
etag: 11976405653130873325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:01:27 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame AC50 0
0 45ms
16ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTi7wMln8gWCXzsU9yq6HOJri-nzj3p7l09DEVR0b5tlmBQHlq-wBVVjDcBf02QXtQ-dNUdK6vWHpznUDq2i2UUw_ZMOQ
Requested by: Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D85E 640 B
316 B 39ms
18ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVUt2_NUGU2FbymKPiRM1iY-gcFZHdLg8viTQ3KiUCE88GdHKPfpqSVvk4cEcTZnqQlU2g2KYcYUBV2286bEkFYNpEbzOo8JnBstflFLN86zV6ngm5ya_jjX5qjYOscGQsb_Nkq3Lyudr08pbeBhZ9sZMmGbW0bOpvCh-0NSZ8cj0Du8oQ

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVUt2_NUGU2FbymKPiRM1iY-gcFZHdLg8viTQ3KiUCE88GdHKPfpqSVvk4cEcTZnqQlU2g2KYcYUBV2286bEkFYNpEbzOo8JnBstflFLN86zV6ngm5ya_jjX5qjYOscGQsb_Nkq3Lyudr08pbeBhZ9sZMmGbW0bOpvCh-0NSZ8cj0Du8oQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlVyNqVA9F3zcIDx4LM5VlmYa7nL9sOddVZAWCmGERWl7n-Att1ZEGWwJn1M5Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 12 Jul 2021 23:02:51 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame CBAC 111 KB
38 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 08:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jul 2021 08:12:31 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/elements/html/ Frame CBAC 6 KB
3 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 22:42:05 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/ Frame CBAC 17 KB
7 KB 22ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/abg_lite_fy2019.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed045b94f4874ac13890f9c4370e2b14b30c2a12a79d22e52d20872440b60ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 20:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 15784850791818150134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 20:59:19 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBAC 42 B
63 B 63ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CshF5zxvWiSMyA_pTOuIHtufB_U9865ZLcy5yXNwui7Gdjlm_-HMNOQn9at2qujDkLCyMpVonX5qvyf1P6Y684oVVVHW8pcGL4J8pOcurUowi1x5c

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame CBAC 3 KB
1 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:02:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBAC 123 KB
37 KB 41ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame CBAC 14 KB
6 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e5e8d7a52cffab98c6c3957e1c30af475c697d4d50ba91aeab0b11eea32a166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6198
x-xss-protection: 0
server: cafe
etag: 11976405653130873325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:01:27 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7658 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.canindia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.canindia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 12 Jul 2021 21:54:46 GMT
expires: Tue, 12 Jul 2022 21:54:46 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8579 783 B
530 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7870253039930d1879650c6f505e84449030f8124f9d4528dad26816cf6f1877

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3bdrpyIGuGDaqvSo67eTHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.canindia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _GRECAPTCHA=09APnzWJr8KSuv5AOeWupaM6yVkqLTzFqdL_w4dYLdgGa1zkq-ItTXYcfTZRcU1Xll8eqoAdMQecysXmhmE40C1Rs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.canindia.com/

Response headers

expires: Mon, 12 Jul 2021 23:02:51 GMT
date: Mon, 12 Jul 2021 23:02:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3bdrpyIGuGDaqvSo67eTHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 CHG-tesma-300x250.html Show response
s0.2mdn.net/sadbundle/2840640897156067158/ Frame 67DF 6 KB
2 KB 20ms
6ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

690111ac8ed97850572ac0fbd28b2508af41618cdafdd4dbee2eec7e78065c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/2840640897156067158/CHG-tesma-300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2388
date: Tue, 06 Jul 2021 00:51:26 GMT
expires: Wed, 06 Jul 2022 00:51:26 GMT
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 598285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 53C1 0
592 B 120ms
65ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusf4GEUNcbk_cPwSBOau_xAhu3LcVp8ktyT-17daXCTyTgyf61WjzJilvPIcAYWrm-ey4clBx6psfRvGOVHHt34JmitG-37Awobf8JLIIGm7IOKqYT4Yef7LEiM2KIoa5qSjvctZBaX_ub0o9ARxfICHa0g53C9C4BG-NHAZW-shqOOzXdxbvF3w3Cgbp4KIHywEPQcshQU2_FaS9UxD7hgOrObgkcQ-VR74ZpddlOtj9XKIDrY0l0tr7TANxRPcELjWzzU3WPJ5rWtvxQnJ9uoihQVOpqPZyZrKE9jerCS1OGxyeXIc9bAShp2f6mYWPptJzoAQauI_BxgSd7tTmYOgmotX7Kk7LpQhRJTYToSWXNvcKx4t99PSrvrLokalCM97ac2O85Rk-zaO1bNoPAaLhVfI0n5C-IBD2LoZiJ3PA7YHvw39mALpL6q6zaPEXDEUhEjgmr-CDndKJ3S87eiJwVgkVizHP50L6pv6po_iLiKgISOAys0MIUy6KXcdqaC-0H4fcaPfflQG-3OhObA6bxMTdxbDuI7bf_4reybuNahBSa-CqM9lh879RBWtj3jRADHoP9eU6rRl0YGfdz58u3xgdkD-uhRKvSwQC1FTmFai5VySesm_WtU1l0rc6gBjBxK1tn4D_GmOyMEu1axdeU7bqgftMH6ruUN3IKsYS8UJRVAOQ0YrouiW4jhJsSDEu8gmQpmacWeD3U-SyM6bURUQVRjiE2fLWnLQtgAWTJ4K9I5I96wNdfaz9kYAEPVHNEuLgUphwoERAWfGMF72tdatgWnfuxlog7Zg4LZ6Y-JAIWgABlemoobFlf0tQP8ogldBCC0o9smYUthhhHWc0H2uHs1iwda3CV2zhfqwrhjoNFIhwnmQ3JilDl-HYqHnq88Abwqus9K_VhmJsoAUJTWD5NvAQCEgtdF7R6zmW7BRh0JJtI-_nDx_WACDlMno9A4YgPbfrMhrjxrOJ-0ox4e3cFHaw_Qf9wC36xoVlayC-P8lAp1sXW-6Vsmcq_clY86WeNsynXJH5_-MG3A9dHL0ifrcm9i1GhM5lKPVFKEaMZS_GoInIz6vNWB6Fa2zTevxusYPkIrEAxr9tbPyqS7DgxwAKFCyozQjnN2JXDsAHME5jZllC_hDCjki-s2OO37J_r7r2D&sai=AMfl-YSeFcaW_iVCFlFpuhGoYzgGA4QSXIw76W20meDhABZAR8GdEpIA_6FJ8t-l6fSHMIorNEOpQvfdMEEhedQ81ldiNmLlQGlTi-cxViK8hZN8-RR7wCoBGQ2MdGmthHFLpaJzKfbYygcqcUlpRgoTqMeH687P8fuRAy1lt3cguxEAhNDICjXOoIFQh4F_s0BQm1BrhDolB33cQ9sZ-7t9E6AuxgBWH5bo9i6dTsExw6Bux2u_AYrfYM76PqGpk441X5MC2XKG_tbUg1Jzr2STNvojibWty5KePjax7kZfOtf02zaoLpZ7dMXPIOrXBHJETvRJez0ZJ-dLvoT52tGNFN2EXJRXM2b1Rh_qen7MOLtILW-eSmfO716eF_7h6Xj97Q&sig=Cg0ArKJSzKCnyGxhsRo5EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=125&cbvp=1&cstd=121&cisv=r20210708.65597&adurl=

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 12 Jul 2021 23:02:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 53C1 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 16:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 16:42:41 GMT

GET
DATA 200
OK truncated
/ Frame 53C1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bde34269dbb00e247efd3d1b671ab8fdea266e2b75d6d267b491cc8db72d0600

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A35F 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 16:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 16:42:41 GMT

GET
DATA 200
OK truncated
/ Frame A35F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1905c244aad05b0ce40cd83df1ceebf2a88a65666bc2520d89764ad3e5ab0e9f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 CHG-tesma-300x250.html Show response
s0.2mdn.net/sadbundle/2840640897156067158/ Frame D64B 6 KB
2 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

690111ac8ed97850572ac0fbd28b2508af41618cdafdd4dbee2eec7e78065c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/2840640897156067158/CHG-tesma-300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2388
date: Tue, 06 Jul 2021 00:51:26 GMT
expires: Wed, 06 Jul 2022 00:51:26 GMT
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 598285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CBAC 0
61 B 66ms
66ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMDLCfGPb34PfJIgNNMiqLkjBpOO6OxIaPXpYvAbId3wtrMxjfpHCA-2wtOytdLiDWc7hQjWn8npe6cmk6ogC4k5e9yIE2XA6ExW2U0tDIpGKE5l94v0qCNPnJ1BNQf7IVxP21U8ZlAFVw6Wc-as0_62urK4ZAwXUeDpPSLP2WTvosbmJ0pTWcLGno_n_AJedhezqtbLoWc4dy2avkckikPwJ2l-kfPAIpPZJOknXJUM_4k2wmq_SNsPcrl1jxdT5_z9xNZh4mfb5BZ7wsNJpfOLwU5g_NMaMhqENk3jpkk7qW3kl8J--OKoSrJkmTNzax1Zz2lQYElGvLXkS3LwNxYtPc5TNcI5kaLLBZOJT4s4QKGo72J7nGMNme4Gr_ysS7Zj_SBGvq51clzgAoBFWTc1S-Y3ofkly8HIsHt75ezJo8NeOKnDfvXYn61_CCSUphhy4TCcWKAtpY_UaKvLPaTV-amsqBLJjhL6S2-WxStFVUVFtW6jxaAfwrt2QeqPN60nFvTMUWzy9tU7W2IuBoH20DK3y7IZ2eHH28VkBooguhozulVi4tyTLD9ZAlon-YUozqhdsaYZDp5SxoWRqW5i7jqVtyE58MznE_83R3u4ozMjsWnampIu4qnedy-IEMNFPcI-feM_pFCspUKKidJm-BOlwm4FM4RmGZ4omU0jrPtNWqGvPsFP-rCocKwHL2SHVEmioumPyhlS7JZUNtlz4kmfv7PWvSsaA1rUEZ6pPuQwqRZi9zv5TBIAEYKfDcj6DAgXkVju3ZiPvnvy95TwQ8XQL3-hy1fkj1Q8dpdg7YPxYeSWBy7L0WNTiR-QLPOjjgTej-jQQgOy6OOcLeMLWXQyDzvKoAyYd5F8q4rEJ9MA90OmzUqqvIO5JuGUr6u7bKwmra81J14v6SCOzXcS5BzA-MQk8qTPwvCESVi16JbPIX51iH7Zr_dKI3sF1g3Y5M6AeDTlKmOVbKbEd-do3mZmZQUcdcekfX-c55Jp2YtO77_N90jmNJ-iPRXPIIBn2TbU2Xx0ISHlgjEi0w2NcWJh1RfM4fQ-QbVAYRnAJKxb8Vwa_IEgT2q1qlsLlLSQ6El6wmLtn0piotYYdlUAEqKNo8PNmFb6R1_39xMwOlnRequLq9f-uR0-1Omefthk8z49jG3LKG&sai=AMfl-YQF-C5qoqNkYt26AM9fmg0Qk9P-2bCKwzv25MNzEsliL5WdaP5nPHQgU05_CqSU2gAahPxSZ37zDD6A4TYfccGqTsFpDb1po6aFNmD-uoiR8Mq-FsBBKsjaYX_akp_8tnTPmS_hAM0HCzkac8p7hPixITutxwAR4S3avFGYp00GML1AagJujR1TEWIhHn10yYFAsyMfGeN2f0Axc0goNVK2-EQUN2CFBSfTAHg-6YrhKBXNpDe2WBZ2ZukePEUEz22Vq7cpPExtK9hdeu4mBEr8ptrCbtyEB1JCml7EjGvYSgJxH--s8tpNQpBhhgaJ0iHdtjif0fKJ1k4hhjG--WhwK528ONB2K-rxO_adguvaATS-BiVfKsvNyclBN7cJqw&sig=Cg0ArKJSzImQE-6Ao4zLEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=170&cisv=r20210708.57768&adurl=

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 12 Jul 2021 23:02:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame AC50 176 KB
61 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jul 2021 13:46:37 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/elements/html/ Frame AC50 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bl_ofE1zeZ8G6rr93I5Epe9TIHUYxfiwpXrKbCWfhZo9kOGi2b5Js0tbqEnysRFcicp-46NfHXzkrqArVEmU08XVg9z5XU1vJME89ZqnxS_wtC5HkRMbrJlqbtCkYQsCy47iHiesxKD9kWSm8WEL2JfjPz9Q&dbm_d=AKAmf-ClFDoW_Udc91JAbKzd831Is-K0ICIO0zFseXuy8SULdmo86l9RWCW7xk6KdOlktik5rU6IKtFaFMW6jdJhTcymG3SRA7O8NUVRVzswfI_EgtxciA_9M5MMuX0sFDVNd0QItLq79D1C7xiS3OBX1QeHU_cNLo8n2lrZNy-xVxmu0RGD9dGuX8jswbiwVTPT9yw2Uws13-MTc1_mtTCkqpGUab-q3Htska3WHvlnXREeenJwXt1sSEX_89_bi4eNs-G2asgsjNou3afTGdgrIw9eGTM6fqjAmRj9umdEuPX57n1qDds1Kozjju2xeWFjpNFu97CgwQgNY-bp_VMatrpfHFNGDnxRwq4e03lWNdLb-ahqCRnK1Y_kdXy9mbTggwZd-gqFPgoqJfrAG6kjCa0MGdH640xN5hSDqjcnpItAAWmnzalmdey5pS2YD4pJALLZl0RumsGeX2hN9JoR3EIbQhZi0ukslutSMRIOEVh_foY5dyVGT5cMPpejko9U8D94razwJkuvOhw7YOChM74XB5PTlKPD9dxPixvHywLtAbAuWyl2LZcf5okj_FfCrSzusRfEECRBuHQTjeIDV1aFrpNi7R1fuQLDq8EErHTwl7PyJz7kKDOYVnaXA3uXFBIP6hzSWx3OolO68Dpc2e-WxVsekjZ8X6RXyCry-BCXtkDpVO1Sl-dCPDF8P5kg_zAMdw35xoz861gLccApvSsSrCkleB0YJ32yPD8o6At3rqdHQBRtFdtkWmVWO_I4HTzBg_R1MrCMoXVsLjURKNVHIjqkD_34hDiNdwIG3yeZvpkxeNirPhBGhgmNHLA726MCZsfk9j4y6b-H270CVKh1kW4J9SHq9AMIfYdujDDYJCnjIa1Jv3j5Z1ulJolQlwtIwjhfV6bAiY6atMJkOWRJZQlRwTDMXfYeu7mJeaHTozP1hlDKpLQOj8PGdS4uUv945NuHp3IawqPC1Loz8krv6vII8g69RrhwM6oluQ4xKVatzlhb9rm3n2OjyZVOtrjTJse5_Bs39yF0hUnivzboLYUEyeAvLTkY3dgPodx8JOwbCLEmQBoGEyw7lRhdmJQ-t2Lmx_l9IHh1mV7E_0VF0IMvkox9-Gn9y2pejXunnyQUbyRndzadD3O92UIyZRZIIlVHQHIA3-pfGcYGuPHw4llG3n4zAX3CsswWZLxusQ_fUsSwY8Xed4KHeIYYdB9LPLtNhf1UM-pv-frbSuXRa8a3OuK9Y-YMQtQQ-gQlQ0QomNlPaAvricxQHuWknB-dHQv6AuKKF9rSJYnbqUrpvQbggE6B1P2LVcd1qn-iFyybRKAClZYSwsl86zQc5ex21fhR564eg2pS_w6Qpuh7vGe471_UKbD5QNxutjjpdgTu2WFrTivZQsVCi2SrCTxw1Kt9be3XbZ7cRPbjGNH13LeIq8hsqH4OVQxQ94c3Znw1-dIReDzdi3D-py38YKBr2DFI7J1Gx6u8ayiNQKei50jEcP1abbQc1wAxfQeLA3oILM__uh2Od57U3t2eCT1azS01PMX0eiBE0qIOqCMtEfzo5CVqU7E2L9QGJQUvDBqszNA1NkzBe_FNE22r4gVWofXt8p36obEpWzktpBidiTXNmtffDXqWysbsC6Nh3IgDDuxeoSjDGKC0vww8p5R_4dq-58Ub_DhaxNrzjm0ooRszfBT2WqxzxB67lCsMkhgO05c1o2fm_t-y-iS7g5zUw--bbN4m7aqppdCQQtCEE6FEIOjpleU6UaftF_uN-jcO9nRDp30KKF3IqM7Us2mHWA8zBm4ic44jlJc7ajmbJC_J_3Ij2kyvuZ5kCvDE49xDWqAIARo0CY_Vr5eJsDQF-SRi1JW_KlAUOBeBw0tQH7tOyxlDEBgBNhmR1PNR4QT2fFtTfui7fGmI1CfelwgYJ-yCW3xPrWzFfwFG6uKGwEXAul3jXG_mAriao3qGeRygR_RZmTfa9L1ae6nZue28Sw-iobRKrQ5TVnwIz70McP_E6WmJFhRYgm1Z4JDMtIx_rcPmo561Xcldh2YbiXGTM3yaS826PeBuVECdYH74r1OkKF9zdQm-SFm4N7-9L6sHP-0g84XrOaDmfTazhOs1k7OXl9oIfsMxrXKyaZ7Oq0zcshK9wRxbjWm3XCE3yFPXKK3InW_kquJ4segUAStJE34KmBH6qs-5u6PumxzMM3UFXJF-aN77hVGESquBnKIx6hUqKOD1N--4qV0ri5Z3MSo_hGMwiThb3Gwk2nbK_EWKqynBljRGBlO8pa8DWzyT9Xz07jNPt1ZR0vpWnDW7KWVYQGbiOSj-1Eo9PWaiTQFZtc_jF4O8FEyegdJ2MioPFYjrk8TDYRTEo9T_LOlSdvGWA__sfYjipBi_UDA4ON66YWHZoN3Hv-iK69MKGXr_Q03hdVJuu66ks08fgJizZfByBx9DhvjWGPJnkqC-sa6-G1h1KyTXFrQ7XJGFvplrj6abcyuXr3iM8ZsqaJXmCRiVCJx2rrSvis4dPo5hRXZ28CspFtmQd1JZb3GOYTvvKAGwo7MTAoop-o0m82D5Sr2Dx7e1TSpVf9Ca28OP3Fpks7edxO90CoLlecGmwTCEu7mFxHaQuNQ4PHzFdAfj7XCYJJNB40ZkoMb_LavrVR0ZFB9pkwsN6ANkwQ_KTF_hDVZ894pdk8DKcbV6zRhUNbSQBe6sO9Rrx7BTu-i0wrB-eonXDa7_P5Oe1TRhX-BEx_ztfXf7pd83lJrKqs8yPv2EasDvHkLFa8FzvH75pXnlLOZldUsgukohOlsKGar21kkgrOQ5raFjuj9v8NNngQOwSFQrublwhP63zkd_gRnvKDpHnlwiUXjpl_1S5kcJsh4v0a2PRo6bPdmVqwN--tK8fSxeBmFdVS8iEaBlvUeM-0MH7ssNGuZjUz8c4FK2UoZr-l5JqBEm-mKeQW0EflESUl0hnoEv4HnaNMIVR6B99n2Kq9heHECU-WZW8osYiKFb6Aoyt6JN69eizGNNS7K_9HqJAEwmEbvc3U6b3sG5kseD4jFmUfjSAXVrjv7tmt8_oze4M-j-1Y4PBYB39SxANcVRqi8YS3irkGFOPNAWvoIqqR3aMOS9d4okH64nuDKE0sNaXUa0_Csktte2SROnxGBcBrjCL31K3ovzG17oraQdV6mrC--5M8qjwktvKbHnAup3PlkFIxIvgjwbliN2Xk0O9B52pSiN9rqqdRF7Sddly28lYENNvK5WsA3H_ig&cid=CAASFeRozlvKMKriZeJJA9P5ydC9Q0Q5og&rfl=1%2Chttps%253A%252F%252Fwww.canindia.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 22:46:26 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/ Frame AC50 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caf8a209d0754660770bea1e2339b58f8e478d46bdc0d39f4b0036e013e752c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8678
x-xss-protection: 0
server: cafe
etag: 10113807418347468566
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 23:01:52 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6F76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1&C=1

43 B
894 B

34ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVtOi0r_MAhnMQSZmvye07IsfPh89djPAYepupyH0VOCxoxVbQThevIERWzrjwAYK1v7U25tdTusdedkO5p5I9ax2lldACYjmqew-jKqYRJRBdgyTK7ZXc6UzvbiApUtSJVNp0YdItzfVAA4HTmizKzaZUfV86INkqQU-NDJTq7oUdWcnw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 12 Jul 2021 23:02:52 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 12 Jul 2021 23:02:52 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6F76
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOzKHD2471kneiMrAu6nOwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1

43 B
894 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVtOi0r_MAhnMQSZmvye07IsfPh89djPAYepupyH0VOCxoxVbQThevIERWzrjwAYK1v7U25tdTusdedkO5p5I9ax2lldACYjmqew-jKqYRJRBdgyTK7ZXc6UzvbiApUtSJVNp0YdItzfVAA4HTmizKzaZUfV86INkqQU-NDJTq7oUdWcnw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 12 Jul 2021 23:02:52 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6F76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBB8znWZEvN_nXi_eDLlAF8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBB8znWZEvN_nXi_eDLlAF8%26google_cver%3D1

43 B
1 KB

28ms
26ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBB8znWZEvN_nXi_eDLlAF8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVtOi0r_MAhnMQSZmvye07IsfPh89djPAYepupyH0VOCxoxVbQThevIERWzrjwAYK1v7U25tdTusdedkO5p5I9ax2lldACYjmqew-jKqYRJRBdgyTK7ZXc6UzvbiApUtSJVNp0YdItzfVAA4HTmizKzaZUfV86INkqQU-NDJTq7oUdWcnw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
X-Proxy-Origin: 185.210.217.140; 185.210.217.140; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: da72e0b3-3229-4f1f-bec2-0f2de919483a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
X-Proxy-Origin: 185.210.217.140; 185.210.217.140; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3de7a29e-33d6-4fba-84ed-876112583da3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBB8znWZEvN_nXi_eDLlAF8%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6F76
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyMDQ3ODc1MjA0NjI3NDgw

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyMDQ3ODc1MjA0NjI3NDgw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
X-Proxy-Origin: 185.210.217.140; 185.210.217.140; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 12142845-5069-4bea-b862-2b2bb46f8009
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyMDQ3ODc1MjA0NjI3NDgw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1&C=1

43 B
894 B

34ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNWiAdhyegiaB80s9CWbvMiqGqwhuem7NE58HPWVpWEwy8TIQRBavwd1C5XLcmBq96xZH6u6Zqy5DiR9bQmbKnlnzwvX0yn5mZauMPgKb6C6T549O8DOr6qleCrYVnsn7mfkWAXJlX9waaFjBK52_vo6y2DFGpRbpgQhkINZ3ccG3wuV0Xk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 12 Jul 2021 23:02:52 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 12 Jul 2021 23:02:52 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF3A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YOzKHD2471kneiMrAu6nOwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1

43 B
894 B

39ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNWiAdhyegiaB80s9CWbvMiqGqwhuem7NE58HPWVpWEwy8TIQRBavwd1C5XLcmBq96xZH6u6Zqy5DiR9bQmbKnlnzwvX0yn5mZauMPgKb6C6T549O8DOr6qleCrYVnsn7mfkWAXJlX9waaFjBK52_vo6y2DFGpRbpgQhkINZ3ccG3wuV0Xk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 12 Jul 2021 23:02:52 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHeEZc8Ftfb5ifda9aOMoS8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame BF3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBB8znWZEvN_nXi_eDLlAF8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBB8znWZEvN_nXi_eDLlAF8%26google_cver%3D1

43 B
1 KB

26ms
25ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBB8znWZEvN_nXi_eDLlAF8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNWiAdhyegiaB80s9CWbvMiqGqwhuem7NE58HPWVpWEwy8TIQRBavwd1C5XLcmBq96xZH6u6Zqy5DiR9bQmbKnlnzwvX0yn5mZauMPgKb6C6T549O8DOr6qleCrYVnsn7mfkWAXJlX9waaFjBK52_vo6y2DFGpRbpgQhkINZ3ccG3wuV0Xk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
X-Proxy-Origin: 185.210.217.140; 185.210.217.140; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4d835107-5323-4db1-a952-7b3257f52e10
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
X-Proxy-Origin: 185.210.217.140; 185.210.217.140; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a2d63d1d-b431-4f9f-949a-21434b95f85f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBB8znWZEvN_nXi_eDLlAF8%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BF3A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyMDQ3ODc1MjA0NjI3NDgw

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyMDQ3ODc1MjA0NjI3NDgw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 23:02:52 GMT
X-Proxy-Origin: 185.210.217.140; 185.210.217.140; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c19f95eb-59a8-4875-9bb4-5791dcaebb5b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMyMDQ3ODc1MjA0NjI3NDgw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 CHG-tesma-300x250.html Show response
s0.2mdn.net/sadbundle/2840640897156067158/ Frame AA4E 6 KB
2 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

690111ac8ed97850572ac0fbd28b2508af41618cdafdd4dbee2eec7e78065c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/2840640897156067158/CHG-tesma-300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2388
date: Tue, 06 Jul 2021 00:51:26 GMT
expires: Wed, 06 Jul 2022 00:51:26 GMT
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 598285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A35F 0
61 B 67ms
66ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxlCJzMEbyxtzaT1TiG1KcIx3nZVWIsLB7nG45oJufXI0azpfTWqub2nkGINcl5ioW47maE9XCIvTAlB5-EhrWb2WTy5_Xsp6KBV6CBFgSJ87_CwLvnF4axL4VZTa-PCIQqsVEgWSdcSY9JNdlX46rH6oJitJFugJEyv6r6XgarQysxnsBIrewp-Ya7uK-xEa9dqu0ZGsCfTkm1RHtR95ZZcnhEEnRx1rFBXPpdPEs9XhP0EYXBaqOZ4aD3PvmPTXCH2uwfdyfDzD-AfFdG8NXxT8WrM_RDcAgNezEyCWZ5FFXxmpHnZAmQNL4_nkrg1mcrcbJj1peNe-jnC380CnPn5KO14PVcHyEoacekVbRxBFsPkjRm4c19JSBYj0c4gsp7W39B53S7ZmJrs-f9B-5wkft4T3OZ0hroWYD-nvlXIisNm_THvyWcE7tKB1-WbtZR0jGdB4z1RbTVHXwTqRvWv_uJFHwIIS6Qv4ytDJeJUTkpTi4fQmvfeOsbJuXMESPC9h8nmBhovsuaH_UVYhy_Uv9rZzHEzLals0RJ5YkBpBGSsytUDiMxw3XUm7SWzKSeOFnPukK-8ouykDtLpKQBwnbxmx8qHj5jOFtx4Sj3W3pZ95NA_ELZOseJh0Z_FFJDhvxi570NwwBrvybsZmEMexQayvtOIPEB7jubpNDFPypixn3ffFxg-uONMEXXeBE7FLDLfnS_0V9UVSs4yYToOeX_sBXf0qfrB1g1zxuzQBDpSFJnwyOTVopYRyatvEJTZnYxfAM5Oqw4MWkn9XnyWb4tT7JiGoa3XiBwpY61b4Dflw6jTp-D6K_KLVleKBjyYyaCjsBTDsop8FLqaEYewSvXsyak7IrOeqgLVldnHtKrVw2ImAthicZWku-qt02GUv2nIPEvItTdWn0LDpsM6h1szfkPlcyJL_tdrEh71Z_PPNTg_abMJDnM9YxpwjeCLA8orvBtwidUWe_EWFbcp6ksLdpFq4UNfE80DVmjgUIdMOdtJk-2EgCGwnWYv4y1oO492ayhsuNBVGqydOVM7FlvOKcE4j9DA-H6ProKjsFbi8QGDRQodNncGY56n1C4AIz6LiVB4C5BEO9YoAqBQUR3GP24lZhdwwtfe4Oy7E-oC7AAjMfIcCpVgMHLuw_0HOaVFzJdmxE&sai=AMfl-YRmlkVm-JkWpcc3SITQdk7ICtlyf1HWsKRVadRDAZtQNxItgjl8XCp1BB2cbDh8vadyEaNhgbRK7RwoqU3oJftxAGD_x5OgwAXpOjGAVCH7BATgdS3S8ftcFSe7MoGRu1Ge-kpOsAumpqcnF_EHQMFgRP8OSv3neCO8740fy87GQYSxelGbgW6DTTFh_B7qmAnGzMMCY37XLqcbbiHpUuo9-tWRcHk6d5EITOhvcRfDaGJRCfrKP4Qj_xRKMtqlwN_yN1zPnJLuvSwIJs7n4UtdIh4iAxEyBzyBrulJDQgDOHXfYuclh_-J-WHsjXVz6M1mGShHPJxp1TzJRQlcbswfqxYWZZwrQWVEokVC_JflR_m44Ppx3FoAXHT_drabwg&sig=Cg0ArKJSzOaHxcK4YEXjEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=229&cbvp=1&cstd=226&cisv=r20210708.71339&adurl=

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 12 Jul 2021 23:02:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CBAC 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 16:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 16:42:41 GMT

GET
DATA 200
OK truncated
/ Frame CBAC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 237f7ff8bbbd70b3bbc555cefe831e325713750b78a19d66303d1a108dab9817

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D85E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1

43 B
106 B

25ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVUt2_NUGU2FbymKPiRM1iY-gcFZHdLg8viTQ3KiUCE88GdHKPfpqSVvk4cEcTZnqQlU2g2KYcYUBV2286bEkFYNpEbzOo8JnBstflFLN86zV6ngm5ya_jjX5qjYOscGQsb_Nkq3Lyudr08pbeBhZ9sZMmGbW0bOpvCh-0NSZ8cj0Du8oQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1
date: Mon, 12 Jul 2021 23:02:52 GMT
via: 1.1 google
server: OXGW/16.210.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D85E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTJiMTE0MjMtODZjMy0yM2JmLWZjMzAtY2U1ZGZhZjdiODhj

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTJiMTE0MjMtODZjMy0yM2JmLWZjMzAtY2U1ZGZhZjdiODhj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVUt2_NUGU2FbymKPiRM1iY-gcFZHdLg8viTQ3KiUCE88GdHKPfpqSVvk4cEcTZnqQlU2g2KYcYUBV2286bEkFYNpEbzOo8JnBstflFLN86zV6ngm5ya_jjX5qjYOscGQsb_Nkq3Lyudr08pbeBhZ9sZMmGbW0bOpvCh-0NSZ8cj0Du8oQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jul 2021 23:02:52 GMT
content-encoding: gzip
server: OXGW/16.210.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTJiMTE0MjMtODZjMy0yM2JmLWZjMzAtY2U1ZGZhZjdiODhj
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame D85E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEAg0TxBAh4Jt7PkEY2axLWU&google_cver=1

23 B
172 B

72ms
58ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEAg0TxBAh4Jt7PkEY2axLWU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVUt2_NUGU2FbymKPiRM1iY-gcFZHdLg8viTQ3KiUCE88GdHKPfpqSVvk4cEcTZnqQlU2g2KYcYUBV2286bEkFYNpEbzOo8JnBstflFLN86zV6ngm5ya_jjX5qjYOscGQsb_Nkq3Lyudr08pbeBhZ9sZMmGbW0bOpvCh-0NSZ8cj0Du8oQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 12 Jul 2021 23:02:52 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEAg0TxBAh4Jt7PkEY2axLWU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D85E 23 B
172 B 131ms
57ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyegZYCEITw774CGJ7rsZ8BMAE&v=APEucNVUt2_NUGU2FbymKPiRM1iY-gcFZHdLg8viTQ3KiUCE88GdHKPfpqSVvk4cEcTZnqQlU2g2KYcYUBV2286bEkFYNpEbzOo8JnBstflFLN86zV6ngm5ya_jjX5qjYOscGQsb_Nkq3Lyudr08pbeBhZ9sZMmGbW0bOpvCh-0NSZ8cj0Du8oQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 12 Jul 2021 23:02:52 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D872
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1

43 B
180 B

26ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY69z3lQEwAQ&v=APEucNWveyT3WyZp1CMRNZqw4nJaxRTp2myjzka_U72EkfhyEaUxqaMu37bVAT6GXZGnSFXhslOdM2tWoKuUXYD3bas248mshTj6eBtkTmWFxWd1Tois67Ap-puW9lssXGFCglXKp2RJNGTIS_yx1ng_Jv4rR1ejFEYOvtmlZIQtbT9vauTNl1g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJsJ0SV1PqtIRiVUM-UdEg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D872
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTJiMTE0MjMtODZjMy0yM2JmLWZjMzAtY2U1ZGZhZjdiODhj

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTJiMTE0MjMtODZjMy0yM2JmLWZjMzAtY2U1ZGZhZjdiODhj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY69z3lQEwAQ&v=APEucNWveyT3WyZp1CMRNZqw4nJaxRTp2myjzka_U72EkfhyEaUxqaMu37bVAT6GXZGnSFXhslOdM2tWoKuUXYD3bas248mshTj6eBtkTmWFxWd1Tois67Ap-puW9lssXGFCglXKp2RJNGTIS_yx1ng_Jv4rR1ejFEYOvtmlZIQtbT9vauTNl1g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jul 2021 23:02:52 GMT
content-encoding: gzip
server: OXGW/16.210.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTJiMTE0MjMtODZjMy0yM2JmLWZjMzAtY2U1ZGZhZjdiODhj
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame D872
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEAg0TxBAh4Jt7PkEY2axLWU&google_cver=1

23 B
172 B

64ms
64ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEAg0TxBAh4Jt7PkEY2axLWU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY69z3lQEwAQ&v=APEucNWveyT3WyZp1CMRNZqw4nJaxRTp2myjzka_U72EkfhyEaUxqaMu37bVAT6GXZGnSFXhslOdM2tWoKuUXYD3bas248mshTj6eBtkTmWFxWd1Tois67Ap-puW9lssXGFCglXKp2RJNGTIS_yx1ng_Jv4rR1ejFEYOvtmlZIQtbT9vauTNl1g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 12 Jul 2021 23:02:52 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEAg0TxBAh4Jt7PkEY2axLWU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D872 23 B
172 B 113ms
54ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRDcgxoY69z3lQEwAQ&v=APEucNWveyT3WyZp1CMRNZqw4nJaxRTp2myjzka_U72EkfhyEaUxqaMu37bVAT6GXZGnSFXhslOdM2tWoKuUXYD3bas248mshTj6eBtkTmWFxWd1Tois67Ap-puW9lssXGFCglXKp2RJNGTIS_yx1ng_Jv4rR1ejFEYOvtmlZIQtbT9vauTNl1g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 12 Jul 2021 23:02:52 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0CBC 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 12 Jul 2021 16:43:07 GMT
expires: Tue, 12 Jul 2022 16:43:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4940 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 12 Jul 2021 16:43:07 GMT
expires: Tue, 12 Jul 2022 16:43:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 67DF 236 KB
63 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:02:52 GMT

GET
H3-29 200 CHG-tesma-300x250.js Show response
s0.2mdn.net/sadbundle/2840640897156067158/ Frame 67DF 11 KB
3 KB 7ms
6ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d21108ca3a187894be959acd400168145159575dbd333f96520496bac0bbe5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2760
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 19:14:15 GMT

GET
H3-29 200 be-NL_Top_CT_300x250.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/ Frame 7A4B 2 KB
920 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

944ad3d3f38d97777983d50b7ef0e7eb3e5e497ede469b148d09173bea4af902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 895
date: Mon, 12 Jul 2021 23:02:52 GMT
expires: Tue, 13 Jul 2021 23:02:52 GMT
cache-control: public, max-age=86400
last-modified: Mon, 11 Jan 2021 16:00:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame AC50 0
24 B 96ms
66ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz4kF6HuJZnK23TOijPUDuYkWrIaNc0IzMqidIKik3H1N_rLJFxh0bXouNfsRnmZVt3OIWm6hB6mdTAp044ULEuRWNO1rgESMPySh_Pr9ZbvhwL2Nn9gQQbJabWs0Zn3COMT6FTTFQgVuVeVIlTCit0IsCF-C1TTJLdvjyrpt-MzlTCvUhG9CaQ19Zmu2DW4xnIwg9jburUfXv0-HrYpRc78W_mWJ2jVJLjZuRgQTLH6biUnveYojjerjiYvVeJkHUZ9i2d-HqCdEXDoG6P4uXqWYzUSdF74m4LgxvVXg2_QyzATpClItWal1SktYOf-gpQ3DzG4K1ckvAC43FaG6J4knZ2KrCTK00tlU-ZUlLVr0Nepzo8kl1gsP_uy2E-Ynoxll1JOuxVib8PeBRY91fABZqhM5Q8SvpyQ_PPhIOqr45wmWftAY1UCsG6qsxrWBnv-UDdgHa9_ikTlwpgzyYjx664UmYgxAP3AeND0MelNJWh7BbgCC6tp_eQpZUUqQqSF6fX57zRY48P2LWlPelKzWaxkjko-7rQE_g6x9WP9f899sC2g3qf6OBQIP3JboGThmLiSW6IiPlUjVNxLjqScHbbiN7sAAw9Bc_2pDf75mxTUW_0sJJ6RP4F45xvvzg5krXX1rl1FOEFJ6oBXOs_Wv_uYIZ-VgLFW9Sr5tRdtO3wFgK0e19iaoYn1RrFQp_-41HI2G9SM7MgbvYx6Y0FB6zajGH5bAIJHThXbxMqgq-ENZgQWBRfKXprOFqs8-XPyUcie6SwR6iZpNs7rOM6osTJYtakVSoyWtRR8B5cvPEG72cPHigqczSNS7i5vF7mb6TXGkMXK9B2v_ggY_C-5p5O8jBQawNF2KIWv5a0L1R8i7IqwDSlIVv06zuSegTot5niWe69YGt6AJ_1_cH1q8-9C6zu9D_VxCOpZZegUw4cKzEM9JHmFDrg_-wbWnLZvNSwaMWJ_uFM00gEeu2fZPR3TRftPnEEND4CfDsYflcJK7O-deawqWimzB3RI4aLDY8_gDqq_-YvOWyOJd4hepeO4VyB7fBdcPwdLIBtHnkcNHQnwZNwLAKuaiV4VDIR_zjVlY9AGJ3QDO8Uvx69WZ4hexBAbya7TYLorrzyYkkA7vbijbIV9ztkhHgfRWxJ1rzBY6kB3hTqewv5K0QOA5WFX6kjylvgGUQ6UC3BIi8FCmUkdoYXUiLlQgCkQHFLH1Xu1NtZehnFgL-&sai=AMfl-YQVFC-NzJj34a3RhX_xbdAMmVEi43MnEf4a9ztDGxpteGiGLW-fmVJrD0Wq6wxzjnMmZA42eOgDbzllaOpAyYOx1JTahXHPbc1sbAU_i4KyDEq1u2jP6wBB_xdMjOkOAbp72MpCD_yn9JJtKxI1WqbCzIsOEIWSDze9IwI&sig=Cg0ArKJSzOLNm0eNASl-EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=121&cbvp=1&cstd=115&cisv=r20210708.49074&adurl=

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 12 Jul 2021 23:02:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
opt.objectiveportal.com/ Frame AC50 35 B
528 B 106ms
27ms Image
image/gif 195.201.152.90
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opt.objectiveportal.com/pixel.gif?customer=COO&brand=COO&domain=VL&process=banner&campaignid=24987771&placementid=287383586&che=1116500119&cmsiteid=1706137&adid=500788713&crid=142167629&gvalue=ct=DE&st=&city=0&dma=0&zp=&bw=4&keyvalue=0&line_item_id=51571645&creativeid=314437227&exchangeid=1&insertionorderid=20578564&sourceurl=https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/&universalsiteid=40418772615&auctionid=ABAjH0jo05e3IOJWncKgPv1kogXp&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.90.152.201.195.clients.your-server.de

Software

nginx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.objectiveportal.com objectiveportal.com
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: cc8e8a06-60ed-49a1-ad8d-449c0bda3375
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors *.objectiveportal.com objectiveportal.com
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 35
x-content-type-options: nosniff

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 85A4 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 12 Jul 2021 16:43:07 GMT
expires: Tue, 12 Jul 2022 16:43:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D64B 236 KB
63 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:02:52 GMT

GET
H3-29 200 CHG-tesma-300x250.js Show response
s0.2mdn.net/sadbundle/2840640897156067158/ Frame D64B 11 KB
3 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d21108ca3a187894be959acd400168145159575dbd333f96520496bac0bbe5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2760
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 19:14:15 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AC50 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 16:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 16:42:41 GMT

GET
DATA 200
OK truncated
/ Frame AC50 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 571ed826c86b48ffe0ab660887c14eb23e60182a49b75bd1d4ab4140705576db

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AA4E 236 KB
63 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:02:52 GMT

GET
H3-29 200 CHG-tesma-300x250.js Show response
s0.2mdn.net/sadbundle/2840640897156067158/ Frame AA4E 11 KB
3 KB 8ms
6ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d21108ca3a187894be959acd400168145159575dbd333f96520496bac0bbe5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2760
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 19:14:15 GMT

GET
H3-29 200 CHG_tesma_300x250_atlas_1.png
s0.2mdn.net/sadbundle/2840640897156067158/images/ Frame 67DF 128 KB
128 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/images/CHG_tesma_300x250_atlas_1.png?1614779076369

Requested by

Host: e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
URL: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c68e0cfd9fbdf87fe812efdc174d5d46dbb7dc20861df3dfd6dd1fcff8f1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:54:41 GMT
x-content-type-options: nosniff
age: 547691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131422
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 14:54:41 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 53C1 0
23 B 63ms
59ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 CHG_tesma_300x250_atlas_1.png
s0.2mdn.net/sadbundle/2840640897156067158/images/ Frame D64B 128 KB
128 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/images/CHG_tesma_300x250_atlas_1.png?1614779076369

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c68e0cfd9fbdf87fe812efdc174d5d46dbb7dc20861df3dfd6dd1fcff8f1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:54:41 GMT
x-content-type-options: nosniff
age: 547691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131422
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 14:54:41 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame CBAC 0
23 B 59ms
59ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BAD7 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 12 Jul 2021 16:43:07 GMT
expires: Tue, 12 Jul 2022 16:43:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7658 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 16:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13336
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 16:02:05 GMT

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 7A4B 110 KB
38 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jul 2021 07:31:38 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 7A4B 114 KB
35 KB 31ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 528200
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34868
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c604"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ucmntXOCnRmYYmHD4T1rtn8Va5KTc%2FG7T2%2FcKmnOQHgJlN5MRttMkxZ1Mgv1VKmSPY63YdmuCn%2FSd8A2hDEUVwVzrnlPvvEyA0w0hSjxmc1uIx5RQ42LL6JKLdlt5i3xnHhYeVzSqQIBV4Yrag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66dde6d00c14c2c7-FRA
expires: Sat, 02 Jul 2022 23:02:52 GMT

GET
H3-29 200 CHG_tesma_300x250_atlas_1.png
s0.2mdn.net/sadbundle/2840640897156067158/images/ Frame AA4E 128 KB
128 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2840640897156067158/images/CHG_tesma_300x250_atlas_1.png?1614779076369

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c68e0cfd9fbdf87fe812efdc174d5d46dbb7dc20861df3dfd6dd1fcff8f1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2840640897156067158/CHG-tesma-300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:54:41 GMT
x-content-type-options: nosniff
age: 547691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131422
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 16:14:41 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 14:54:41 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame A35F 0
23 B 61ms
61ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CBC 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 16:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 16:00:31 GMT

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4940 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 16:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 16:00:31 GMT

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame 85A4 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 16:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 16:00:31 GMT

GET
H3-29 200 Topcontroller_CT.js Show response
s0.2mdn.net/creatives/assets/3997469/ Frame 7A4B 31 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3997469/Topcontroller_CT.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309de750bb2c32b58c49494bb2d09b6f858750ad306edc6ad0fd634a5cf57916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4086
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 07:17:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:05:19 GMT

GET
H3-29 200 b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js Show response
pagead2.googlesyndication.com/bg/ Frame BAD7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 16:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13336
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 16:02:05 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame AC50 0
23 B 61ms
61ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.canindia.com
URL: https://www.canindia.com/nepal-telecom-call-details-stolen-by-chinese-hackers/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 cbBdsV2.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 7A4B 22 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3997469/Topcontroller_CT.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce12c6a858d78dbc3b062ff1905ec4e84e23e72887f6c054f7687d19ee8aa0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4666
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 10:44:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:05:08 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7A4B 5 KB
4 KB 28ms
15ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31882157ed33128f8ed6a534689412e6cd2890708bb493ffd626bda077581ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 23:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4258
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A4B 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:02:52 GMT

GET
H3-29 200 cbstyle.css
s0.2mdn.net/creatives/assets/3758114/ Frame 7A4B 20 KB
4 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c51f616467ff036ffc3cda167dd0767f1196464c04e6753c10fdecf489fdace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4002
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 12:37:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:12:20 GMT

GET
H3-29 200 cbLib.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 7A4B 40 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/cbLib.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1a0719678f9792e144181b228af747aefbfbd1f7b41eb6c29fc6be3c9aac869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9709
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 13:41:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:03:11 GMT

GET
H3-29 200 cbResourceList.js Show response
s0.2mdn.net/creatives/assets/3781309// Frame 7A4B 47 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d28e7a8f242abc2b5336463dee144e66be43926616caeed6732390458914b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6265
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 15:14:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:07:06 GMT

GET
H3-29 200 moduleList.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 7A4B 5 KB
830 B 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/moduleList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ab967337aa8edae5bb0cf87c905b770b76b85be76de75eae74fa4c6041b060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 802
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 14:23:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:07:19 GMT

GET
H3-29 200 AssetsList.js Show response
s0.2mdn.net/creatives/assets/3757766/ Frame 7A4B 1 KB
328 B 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 302
x-xss-protection: 0
last-modified: Mon, 04 Jan 2021 11:52:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:12:20 GMT

GET
H3-29 200 dobraslab-medium-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 7A4B 11 KB
11 KB 7ms
7ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:59:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Oct 2019 14:21:22 GMT
server: sffe
age: 214
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11356
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:14:18 GMT

GET
H3-29 200 dobraslab-book-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 7A4B 28 KB
28 KB 8ms
8ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:00:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Oct 2019 14:21:00 GMT
server: sffe
age: 159
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28524
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:15:13 GMT

GET
H3-29 200 aebl____-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 7A4B 20 KB
20 KB 8ms
7ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:52:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Oct 2019 14:21:37 GMT
server: sffe
age: 637
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20060
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:07:15 GMT

GET
H3-29 200 OpenSans-Regular.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 7A4B 95 KB
58 KB 9ms
8ms Font
font/ttf 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59331
x-xss-protection: 0
last-modified: Tue, 15 Oct 2019 14:29:46 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:15:13 GMT

GET
H3-29 200 b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js Show response
pagead2.googlesyndication.com/bg/ Frame D80E 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 16:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13336
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 16:02:05 GMT

GET
H3-29 200 carousel.js Show response
s0.2mdn.net/creatives/assets/3782701/ Frame 7A4B 61 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782701/carousel.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed99e90ee1e28944cb257b8a06d730a89f3cbf40dcb2f102b8414e80897dabda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9789
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 11:20:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:13:51 GMT

GET
H3-29 200 productCard.js Show response
s0.2mdn.net/creatives/assets/3782707/ Frame 7A4B 84 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782707/productCard.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9f3e170f656b7844744c238ddbe5e4735819b7e35d008ced198d91a9e6c552c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10008
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 08:52:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:13:51 GMT

GET
H3-29 200 uspCtaV2.js Show response
s0.2mdn.net/creatives/assets/3782491/ Frame 7A4B 8 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1550
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 09:59:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:07:09 GMT

GET
H3-29 200 Top10Design.css
s0.2mdn.net/creatives/assets/3997469/ Frame 7A4B 10 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3997469/Top10Design.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

381375e2be635408860be657e0e14613c8511cc9787f87d433598ad2b0e476e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1602
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 10:23:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:05:19 GMT

GET
H3-29 200 BE_NL_DISPLAY_PROS_SA_TOP_CT.js Show response
s0.2mdn.net/creatives/assets/3782500/ Frame 7A4B 30 KB
3 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782500/BE_NL_DISPLAY_PROS_SA_TOP_CT.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d5d31924ea6003926bef18ff37c5f6ab8834a563def2f21315f621b0f3c613c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2529
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 16:22:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:05:19 GMT

GET
H3-29 200 factSloganSplashV3.css
s0.2mdn.net/creatives/assets/3782803/ Frame 7A4B 1 KB
395 B 8ms
8ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6179c4db6016209d3297febf8a9243c7356e99b52cb8b3c7e7b72c0bbc7dbaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363
x-xss-protection: 0
last-modified: Wed, 30 Dec 2020 11:09:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:12:29 GMT

GET
H3-29 200 factSloganSplashV3.js Show response
s0.2mdn.net/creatives/assets/3782803/ Frame 7A4B 29 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7796e59e90d924602c994dcaa079b02f08531f3c0be7e98a595b8f399b659155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3958
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 12:04:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:12:29 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C65A 42 B
64 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst78AnnQ6ni4V_8oAe87SgQehh431NkpkmuaI6caAQIMrMwocnM09ptEMQi1456qQ5Iup4mmKOt7ajR2tIzqxkotIB8IRv2hKfywZW2nBNwla9y8dzR&sig=Cg0ArKJSzAshiKtahmreEAE&id=lidar2&mcvt=1039&p=876,990,1126,1290&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20210709&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2298584938&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626130971373&rpt=279&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 06B5 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIOa5jYxO2biYCLrFHfOJNj2654e2MXQYcFiDapwdG0Th5IWbWnZTJnUj0GndRj-WmKGpgqqkTpxMm20ON5LW5NdWFibrvxZ7PQE1L24Y07IejcwVA&sig=Cg0ArKJSzGguYgVflA0hEAE&id=lidar2&mcvt=1045&p=48,577,138,1305&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20210709&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3490628154&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626130971517&rpt=229&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 uspCtaV2.css
s0.2mdn.net/creatives/assets/3782491/ Frame 7A4B 5 KB
790 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782491/uspCtaV2.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 758
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 14:10:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:12:29 GMT

GET
H3-29 200 carousel.css
s0.2mdn.net/creatives/assets/3782701/ Frame 7A4B 14 KB
2 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782701/carousel.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

237c7b47a1aa95b662e01c9628165f3731cda8f807109d86e2fed9a9b6ff7f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1679
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 15:40:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:12:55 GMT

GET
H3-29 200 productCard.css
s0.2mdn.net/creatives/assets/3782707/ Frame 7A4B 110 KB
8 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782707/productCard.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

937e538076ed7b876c7f25211946fafda156fc508e98a3b68a6acb59181ae0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 15:31:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:12:55 GMT

GET
H3-29 200 CB-logo.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 7A4B 5 KB
1 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1492
x-xss-protection: 0
last-modified: Fri, 12 Jun 2020 07:30:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:05:10 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021070701&jk=78647722443472&bg=!zc6lzorNAAZjFomlYxY7ACkAdvg8Wi080bef5MUhNwRn-4pUR4nVpJ5vrY3e7ITh6-O4oQiY6QQhWQIAAAHvUgAAAF1oAQcKAOBO3wgEXBf4CZCDMjjayMOjD-q0wofO5PwvVdBJyjKeF8Q8fSlJp7IOGdXARoeBDLoUvLJ19OlrR5kH6Pr1nvaPyGMc_B66ertEv5xzfDZimSdZo6fomBj4PuqhK_U6NxxrUsUCLC92umecs1c6ASiZAebJiOsVT8S8r62lEewy3Rs8UKDHcSqo4lpeqwFtA94arsbLNWJQh5Qn5kldHyaBu7Nix6EPdeXXUXFfXpdmZqitmzYLZISlTHYEVr7mx2x0ox_cGDXuD6hl2Ar5flVuWOOmIaLje2YvPhBZdXkMnZkCeg35ocxPdrz6l8monIY8ZFM9SA8U9KkDJNKqVz3qtyFXqexSaXfOpnkMQGbvK57v05qertS55SsF4EdGJ0PCM62BDYb_jE8Bw6DfOKVE4uX9QyUY2MQ-XwIfRrn3VhObRTMAIP8Bj7HcG7QrsJ9HExIhbYh_A0LFCrFQF3hl0KFJdAERkP0HeZltbz_ExcyOigOV-8Z4cQDq8ORY5A1_G_O7wh1AeXhNGDZ1PMIAdXMT5WHpQ5J1OukS2XpKyLtHL1U55ST01JeWkZeaMI4VPlgrQc809aVGCC74sS9Q3xmQwBvLlUkIOViT9aYZMDH0CA1EHXfeQgzhNH62rElnItkNKzXi2TrLx-AlwKr6gZKRfRlcWLas1qHjRMwA5pJnk33zMKIiGS-Y0SwIipJmq6tg30O0Y1vP77jdhKo8xXK5kakMt3Hyr5OxbldWUGTkVk28C7-nSLSRkeNUXCTrNfeOrQjaCxds8aiuLP-_ltpOl3etpVxYdEZbgIviPBl_0Qxejj_tzIkU1-v-chaS3qzQek61U5h-03BsqWoCE3meEZv7JCS01aHCFGSfQksuQyVutC7SVJCL-DP-s9KKdhcQwo88_nQytJx2arQ-6cp7wZtbehCwZI3g9ziaR1VU5tVjNc3MKDfAQP5ihS2u2L3SP2bjIB5tUWHsRU-oHPz-wNW4EIjfpNpbfiupj1GeGE-TiRmzjR63wBoiVXV8zE9iyhDE9ZZa6ZLXqdP3xKPVSyCdJyCOIxHGhhi411gpsm2no2m5fSBd-w46GQ7UqoDkIHTUBlPaaETM8OVf1rjkld-5n7JtgFBdcafhl7Kf-qap-WYAOYrxmdU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CBC 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BayyIGsrsYMSlCIC4x_APkP6PsAoAAAAAOAHgBAI&bg=!n5ylnNjNAAZjFomlYxY7ACkAdvg8Wt96WynWFpU9-H0XxBjeSYWAYkJdTAUrzMAJ2LYHK-ApxxT94wIAAAHLUgAAAFZoAQcKAEGxW9jLKgbBNCtCvAVS-Jfh8-WVK0HPwTtL0Z8unqWHjDfiFz8h3bXQUTNGBc3yB7mUNe2lM4Afp9gwY9re0nggIJkCxF23jdEIk4mILVuwCtUcrpBhVjkicw4AdyfxCCuEEP0mTGv5jE75A5zHIlBqmp7iMHClz7bo-h5dmwE13FiYDKQYm_X0643fwlIlLmJZ0VIPvKoR4597C5XmdrM0QGNCyvQjm58DC68fUlctZQuoK9DNW8J4J9Ar-XmVuIXc-mCzzOsh1M75fQMcZgh3s7AGrnY3MarBHdoJLhB8KpmTxFxhPMCx1tDhe9qfmzYMrB1yTUVCCrRUd3gDpNqHsXo1o2i_kMyW4PKvf7IBmRZFJW1ka3ougZFZCqjGnxF3izdyvrlmfN0Yx0wjm7Iyk4Fvo5tXUnJPUMDSV8RL5YpGfeQMXPCZlhR0tFCtKakkRr8toKmTzH2aOiNKE0VxnUjoTqEuw045PCwZ213Cghks4THi3HrSkLYYivdPw92EaXG9pOLSEm5Yze7GhXDlb-d5-5DxGCahLs8vl6ae9MM11CzsPdgZ7WXYBskDPrpjoTZljtmecrsXN4s3wT3Qhporvrq8UCGFoXqA-AXqcsxfAcQZ0nr0SLO09DkfDuWa9tcG0goFrSYkAwIPCZ0WUzX-7gjoQcmOH8BTUvIMjOLwMmE5pQMwkNn5HcqAlxpQFyI757fBwGaRmpGiYBLwOYI8746XPRjNg3bwBqHUEl7wKtMvC7KUl-PC-nD0tZg0jG7KsAbz5GvX4BxalnvnkqjX9dwY6xIO4gBP9S3p11sTrdNQ-ty6CYWMt2LOKyAw-3ZMXcrNYbufxGLKCgmTP9f_WdXaywzNFjj-GYzSZsdGVP7SOo8YGovst5CGrI0OyhP_oH3n_eHSBSsS_giPGJ0Nq2jujleumGBZxHc0iSZ85vclPLQJ1Xzkep2eKhQ_tr37FRaV9Hs0kRxsD2e0I2-eUsRp4-d8S-PC--WwzDuzW5QpmOtEw60nD8xPmukFrhw7yG6GGw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85A4 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BW95jGsrsYMelCIC4x_APkP6PsAoAAAAAOAHgBAI&bg=!jY6ljsrNAAZjFomlYxY7ACkAdvg8WttgpYs1zN-jUMztF_Vu4fiiXkHqRW4X0xSez-gpAxDG8NP1jQIAAAGoUgAAAEhoAQcKANO5jsvutC50ILAPY2BkR6b7L2tJSECfIpLWTcrliXTTh-CqnkktT1S7iJ9FM-c6LCh7aK7yIIP0v8xkDazrJV06W0hsWzDhlXkMpI9i9THvqCK1WX3zeNb2X9huHd3HZTRSs3xo0UiyNM7EtUpFmTmBuY6DyulJEEu5biAelExmPYXcZ3onJn3vx880vLG2hFfxEPAMGjlFq2QQzvxsSHGpM6RPpfumdbPT5tmbpQV-kH1qVZtikCgltPEnZD_t7tVTB9Frd1iZ-wjPyDi_4giZxUMLmQLChFNpqeEaJ0PKvS3q1oQpiQKg6VFYM7K94mw3z63pjEdup3_xS905GyxEk1lGOhumSQKU0a_S44PMmn4XP5_BrEK7LRIYZbs3HnK3bbg3SkFRepqB7JmzMAUNZ-_gM3raB2OzmkSuHX3sxgNtUe4H2Jrouanz6pPGp7i6afJNyz7SimvZAt3Dw3ABXPCG50KfYTQYIxLrUcR1pC8Fb2GUtXGVjD46TwuxT_HV6-cps4m8ieDKGb7hOQ2QvqUmNtaWtdxl_nL_J4BomoDQzkC4oun0Fzx4Ro1WGn6gY1SNiLSKEK3SK43GquIJyxw76p1HVM_vtJkreJXrw-iPgvKu48QmC1XXSHqAfiKJWgrMnfTOnnsUQdmZZ_x9JZCgCr_wh_l1XGC-6lekI0HEjmeqvcpG8VSKRx34grb7ThdsB6HEad1C5z862poOMAcBk9rYhd_LN-fwsAHhBsxPc3xzq6MBpPY3KT3zyF3qN1lpX33nzImmmKWSub9B6LvLCZNzQwXT7W8v8wN3Q8m_RE2OPL-9P8U4WsYgbAsn6XUNlIM92wTcfYET6-KplxBq0DHnaA0BIdONzt2Z8gsjuAHQ8IBlP84BELczmfFERoCGJQaCzrfAnTLa9Ys2KZDd4gn-MlnO9g7r4qFOYjffmvIVMb1f3r_SC_cGa9pi7NMcntsm3AVYeQPEwM_CaXgWg6-MTjPM-R5A1cxLPYbv1rSnbgGfedtyBf8jdxyZP0hOt5tM_51CQZNxWOwHjbWStHPIaD5Z8SDYluiUwJW_58dYW4CVCtk94Fqm2Y_pY82c4RBbCeCh8wDmuTaQ9Ph_8ovo3umdYQSUCW8LxF3bE8ACnMqZwCndzqUHD4ePGV-2OXRG3AvfF1EndPV-OJIKWnxdQYnEBy2azJCz_b8nBwGm_4kYWhnmQ2XaZb_062NnboV8XA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4940 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1aq0GsrsYMWlCIC4x_APkP6PsAoAAAAAOAHgBAI&bg=!7-yl7KjNAAZjFomlYxY7ACkAdvg8WnvC2TndvHoSLDZxVmftmSTXfuO0B-j3sJomCoDlaSbGidC6AQIAAAH3UgAAAD1oAQeZAsUeQl1Dv1uk-Jjt9_JLVRVx2IOvwcPJ8qN8KO3lJc6rPJksuu_w-lkyJRgpuM9f1urkpzL9t8YZAN8ahElCfGV-ZDhjJ3OxK9WHWm6AqvGGbhjkioo5Z60JK-59DjmO2OGEoiJDxt7_rSV5yUf_wkvkJqNQA3pew7sf5cOl2hh_pqPcs56vlEtqRSILKz6AAoulpQOJz7LrbucIB6AtN67SQjN6NLjJPZEc_GF6hoxmQmHPtXZC3K_Ucyrfj0gAVv0HUkxBLNnaeufaJnq0Mn9Zj4ETh7oWHMB6nzACmmvid4oypGLYDjb0w_dC-BT0hMQPT3maER4dSeP5G7iGP9Lv4XeLDegMQB5flvtFgggzqnmrMBZfgAWVIGzDCV9IaiTLLiwN5wmYfXfoVIoAR1Gmht-knDqUyIFEgT8vJGgv5PrZo6yhGJgB_Hu1pG7K6A7UGQlgAFiUUiz-HoZgDNcqKOMOuCCFCY-LUqIEjMf0kI2uOJn1yUN8nb30GVfO41_gq9_w1mvELwfaACsI_NxBSPyb5f7HVeZzVz8f2Um9tpcbXEXEeznLR2JVYvaT6k90lRXI27dSWtkivHQllMRwe4Yd8rW40jGtiqGaxHdQgtmJGF0WTqMctxzgf7w1-EVf6eRAXK_i8_KG7hRU4Z9w8_1ftLJM8IvKMXSK7yG3w1R5oQJHw4Hmi8gvdcIWycmlko5eeyuodZ8-d0jtxop-1CEzfxDUv9p6MP8dUha6LAkBnXNr5YzIWaMn5EA-zR_5KfvXCyw0oa49VgV8oj7LOv0x7rCoSePP3rGR8A_kptd_m56xZa0bbQluwhpQWCw_WWs3B64-pkLWsaZJEef-xHBvP_XVjBWr2q3tMnfWw2SeGdOXjR2x2eDFJTtV7PTIF6IIyQz6d5tCur2L-nUQbN1ViC7_eIDmskx0VFUJslFicxe3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BAD7 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHoNeG8rsYNqSL9Kq3gPj7oqgDAAAAAA4AeAEAg&bg=!fn2lfTnNAAZjFomlYxY7ACkAdvg8Wre2tO_Fad1akuJF7to1pOZtEG3bYtMjp4IJdAvfYfy5f56FsAIAAAGSUgAAABVoAQcKAKyJR4_6KveNi_5dqCRMn3Q_7h5fOrQKUMYeO8bheuf7tDIkJSlTWMeoFwZCLt_7aDxQj9TjPHu9EdGNlJfrX_m4u2OoAO8fKLYuFMw1gIPiuUKaOpClNmRI9g0MeCfGu94aNGGolVZEfjG7iK43IAqp0MmdeptHaKyK89cdry24p3Ehc7cSc_63GM_H5yfg0dGtYodQV-YRfEaepBNMIVFvQLJVs1y6p5SbEQAfmQLDUOU_PMgoA2FRFMDABWO9qc55F4EW2q6tbyfQPMa2UtHsvnImymsqsWNFM3JSixXCTVkWEaBshXLFm4nY0PvKxfMXhpcQZq10UBTFDUojQc6n6LprRLLokhVVwWLFj374DR112QN94VvVdeFKJHt6LqEEIe4JjUxTEKAkMxdHLoX65Lzn0htdUlcwjB6HCxN5sMtwCuXFkE_WME25jystFCrAy-0sQvFOQ65u4JrdlF31iH3PV6A0yhfSX4hxW5jIZmASKN_a0G80oYzmaVjoHiG9bMX8M28eLcrC2mpbjcwLq6CqNtSDx_8AJeI6yDItcZ2xBZGQx3Cnz2_YzbdGHgC76MMmqlps7flyaDmH2gu8JCokKY6lfGsscfPpF1d11o5qwlFuH5A7uk4_kqIdkOU8D_aS6Y0zdBBI6JgTL7WhHhH3UANKdo5NJM0kTnPL8NapnuiVY3d-IUjGylmGwstgqoOMCdC9fKwx82M_eBLz1bmWWtyQBrTIBQknOKJMFIL3lxfRg80alC00wKKlWkHoRRgrmeh7rHou5PgZnkJUxkpAgQSruRG9G3ng3sOUvbuLVEuNkdCcBAgPbn0nFYqToS3YDVeQeOHM5vDnN5WsjaYoEpoOE0fzTBV_mYQv1NTgpgn1G73nMAcqd8rsw9JLxEAdHsSk4OzRQC3vGMPvcJhsTLyIWq9AkJB0ca6kk7_H-vZAF6JdXWGlWl-B868xbnaDeQGt5ZbEF0DmsEp1oiGQnhnIWV7-bEiDEHxUH7khs20H6j_b1qzXRtQ7mI2Ov76QbK9ChSNpJ7jOtpEP0kW-5LE1WI5u_nH-t43y9dA0jgCkEjNyjjFtnH2nL0AO-lG2mRCRb2zW3fE8euJgX7B7WR3O_ZdfWfgmbyCMIb4lITPzpvNUlCsRc3pgC3SNL4Ju60YcXqQ460xiMPf4ZxE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:02:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bannerImage-874891.png_1611903884402_bannerImage-874891.png
s0.2mdn.net/dynamic/2/10738858/coolblue.bynder.com/m/b1a8e8f96600b09b/ Frame 7A4B 631 KB
632 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10738858/coolblue.bynder.com/m/b1a8e8f96600b09b/bannerImage-874891.png_1611903884402_bannerImage-874891.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681e097f8433e9cbd6c59f56f1a71b2deff644d1fb3d9f15f4557ed5cc6af680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 08:40:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 07:05:12 GMT
server: sffe
age: 138164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 646591
x-xss-protection: 0
expires: Mon, 11 Jul 2022 08:40:10 GMT

GET
H3-29 200 bannerImage-861045.png_1615532749202_bannerImage-861045.png
s0.2mdn.net/dynamic/2/10738858/coolblue.bynder.com/m/51575192f57a4ea1/ Frame 7A4B 396 KB
396 KB 9ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10738858/coolblue.bynder.com/m/51575192f57a4ea1/bannerImage-861045.png_1615532749202_bannerImage-861045.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef36339b381ae023bff4ab7d9ae0cbf31c6ee3c11e77fa9680f3f66b577f82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:41:39 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 07:06:06 GMT
server: sffe
age: 12075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 405286
x-xss-protection: 0
expires: Tue, 12 Jul 2022 19:41:39 GMT

GET
H3-29 200 bannerImage-864665.png_1608793549231_bannerImage-864665.png
s0.2mdn.net/dynamic/2/10738858/coolblue.bynder.com/m/b9b0c3814b494b85/ Frame 7A4B 825 KB
825 KB 9ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10738858/coolblue.bynder.com/m/b9b0c3814b494b85/bannerImage-864665.png_1608793549231_bannerImage-864665.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

033e2392c7384fd130745e0ada28a131fbe6a5de4c8a9733141576f6fc8c45b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:51:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Dec 2020 07:06:47 GMT
server: sffe
age: 569470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 844549
x-xss-protection: 0
expires: Wed, 06 Jul 2022 08:51:44 GMT

GET
H3-29 200 OpenSans-Bold.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 7A4B 102 KB
61 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Bold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62275
x-xss-protection: 0
last-modified: Tue, 17 Dec 2019 08:35:20 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:04:07 GMT

GET
H3-29 404 be-NL_CBK_R_White.svg
s0.2mdn.net/creatives/assets/3782692/ Frame 7A4B 43 B
67 B 7ms
6ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782692/be-NL_CBK_R_White.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:59:19 GMT
x-content-type-options: nosniff
server: sffe
age: 215
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Mon, 12 Jul 2021 23:14:19 GMT

GET
H3-29 200 arrow-white.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 7A4B 659 B
487 B 6ms
6ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/arrow-white.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 455
x-xss-protection: 0
last-modified: Fri, 12 Jun 2020 07:26:14 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:11:45 GMT

GET
H3-29 200 circleCheckmark-white.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 7A4B 342 B
293 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/circleCheckmark-white.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb0574bfe55a33a197a4cb5b5ca86cd7d59974750615725975a908544409e019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61649346/20210111080009820/be-NL_Top_CT_300x250.html?e=69&leftOffset=0&topOffset=0&c=eQlNakkQ0l&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 08:59:26 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:05:22 GMT

GET
H/1.1 200
OK /
analytics.mailmunch.co/event/ 35 B
344 B 349ms
117ms Image
image/gif 52.45.250.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.mailmunch.co/event/?site_id=879582&widget_id=987737&event_name=views&cache=1626130978625&referrer=https%3A%2F%2Fwww.canindia.com%2Fnepal-telecom-call-details-stolen-by-chinese-hackers%2F&visitor_id=88716f4e-e0bb-4980-8b01-ea2def109bc4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.250.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-250-205.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.canindia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 23:02:58 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 dc_oe=ChMIx5rV9tHe8QIVANwRCB0Q_wOmEAEYACCgkZtG;met=1;&timestamp=1626130982218;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame CBAC 42 B
515 B 113ms
58ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIx5rV9tHe8QIVANwRCB0Q_wOmEAEYACCgkZtG;met=1;&timestamp=1626130982218;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:03:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIxJrV9tHe8QIVANwRCB0Q_wOmEAEYACCgkZtG;met=1;&timestamp=1626130982331;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 53C1 42 B
63 B 88ms
58ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxJrV9tHe8QIVANwRCB0Q_wOmEAEYACCgkZtG;met=1;&timestamp=1626130982331;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:03:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIxZrV9tHe8QIVANwRCB0Q_wOmEAEYACCgkZtG;met=1;&timestamp=1626130982353;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A35F 42 B
63 B 67ms
58ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxZrV9tHe8QIVANwRCB0Q_wOmEAEYACCgkZtG;met=1;&timestamp=1626130982353;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:03:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMImoy599He8QIVUpV3Ch1jtwLEEAAYACDNnOVDQhMIxprV9tHe8QIVANwRCB0Q_wOm;met=1;&timestamp=1626130982467;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame AC50 42 B
63 B 58ms
58ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImoy599He8QIVUpV3Ch1jtwLEEAAYACDNnOVDQhMIxprV9tHe8QIVANwRCB0Q_wOm;met=1;&timestamp=1626130982467;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 23:03:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 261502.smushcdn.com
URL: https://261502.smushcdn.com/165487/wp-content/uploads/2020/12/WebLogo2021F.png?lossy=1&strip=1&webp=1

Domain: 261502.smushcdn.com
URL: https://261502.smushcdn.com/165487/wp-content/uploads/2021/06/CIFRONT-HOLDER.png?lossy=1&strip=1&webp=1

Domain: 261502.smushcdn.com
URL: https://261502.smushcdn.com/165487/wp-content/uploads/2020/12/WebLogo2021F.png?lossy=1&strip=1&webp=1

Domain: 261502.smushcdn.com
URL: https://261502.smushcdn.com/165487/wp-content/uploads/2020/08/WMC-august88-2020.png?lossy=1&strip=1&webp=1

Domain: 261502.smushcdn.com
URL: https://261502.smushcdn.com/165487/wp-content/uploads/2020/08/CMCA-august88-2020.png?lossy=1&strip=1&webp=1

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.canindia.com/	1970-01-19 19:43:37	Name: _gid Value: GA1.2.1294368885.1626130970
.canindia.com/	1970-01-19 19:42:11	Name: _gat_gtag_UA_16196053_5 Value: 1
.canindia.com/	1970-01-20 13:13:22	Name: _ga Value: GA1.2.1969718353.1626130970
www.canindia.com/	1970-01-20 04:27:46	Name: mailmunch_second_pageview Value: true

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.canindia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js(Line 574) Message: READY STATUS: true
console-api	log	URL: https://s0.2mdn.net/creatives/assets/3782707/productCard.js(Line 1389) Message: CBKLABEL CHECK false
console-api	log	URL: https://s0.2mdn.net/creatives/assets/3782707/productCard.js(Line 1389) Message: CBKLABEL CHECK false
console-api	log	URL: https://s0.2mdn.net/creatives/assets/3782707/productCard.js(Line 1389) Message: CBKLABEL CHECK false

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

261502.smushcdn.com
a.mailmunch.co
ade.googlesyndication.com
adservice.google.be
adservice.google.com
ajax.googleapis.com
analytics.mailmunch.co
cdn.tools.unlayer.com
cdnjs.cloudflare.com
cf.mailmunch.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
e23c7f4e1a51afdc0433bfb1875ae9a0.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.mailmunch.co
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
opt.objectiveportal.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.canindia.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
261502.smushcdn.com
104.111.242.245
13.225.74.79
142.250.181.226
142.250.186.98
172.217.18.98
195.201.152.90
2.18.234.21
2600:9000:2190:800:4:c961:9640:93a1
2600:9000:21f3:f000:16:6c74:88c0:93a1
2606:4700::6810:135e
2606:4700:e4::ac40:a10e
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9a
34.205.198.58
34.98.64.218
37.252.173.38
52.45.250.205
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
02159cd3570c28fb35026c7708464a7fa408568bd8c56c75c50152fc7e624214
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033e2392c7384fd130745e0ada28a131fbe6a5de4c8a9733141576f6fc8c45b8
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
0a498b0ac9531641cc6db93fd9227d7fdb550f4ec4b343948468d11f2eac81e3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2
111cea4209818a9350fc28c5ecf46ef9c0b3f3044cc7e0f8c3d197a725d3cca7
12553128ae4c4503a47c817c5daa573bdd55adb190797cf29ad3a74b44290f5e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f
1905c244aad05b0ce40cd83df1ceebf2a88a65666bc2520d89764ad3e5ab0e9f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1607570ca6eff42b05a1998dce45020f131017b7716c7c7d877c222415e41a
1c51f616467ff036ffc3cda167dd0767f1196464c04e6753c10fdecf489fdace
1d21108ca3a187894be959acd400168145159575dbd333f96520496bac0bbe5d
1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc
21be3d8cc254f4859ae8a3da30c334f04e89373f81ceda1769cd60b1cfd2eac3
237c7b47a1aa95b662e01c9628165f3731cda8f807109d86e2fed9a9b6ff7f7d
237f7ff8bbbd70b3bbc555cefe831e325713750b78a19d66303d1a108dab9817
24e5c659dc7089322d8a0bc6d164cea1d703f6cfaa483a4939bc86e5dc172670
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27ba9234f974219de6e767cae9a55749c10ade6663eb7706ceb06578c3c25fec
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
3016177d29a59355d32a948394941363082b0bdaa1cf7c348542a366d42d819d
309de750bb2c32b58c49494bb2d09b6f858750ad306edc6ad0fd634a5cf57916
31882157ed33128f8ed6a534689412e6cd2890708bb493ffd626bda077581ac2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
381375e2be635408860be657e0e14613c8511cc9787f87d433598ad2b0e476e6
3c59132f43637ace97082fba7383a9e4142b96dabfa1287ade8d15ec0ba88718
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f4c5434ff13af874ce19611307e65be3d98cb53c413140a2bce51ec01649dae
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
49e623d235463c8ad403ecd92bd56bcec0b17ddbae9697bb82bb2c66feb03d17
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54103e22890f40de8d835c5df33f2c86e50a861618199694053f56af647c566a
571ed826c86b48ffe0ab660887c14eb23e60182a49b75bd1d4ab4140705576db
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
5ce12c6a858d78dbc3b062ff1905ec4e84e23e72887f6c054f7687d19ee8aa0a
5d48e0c79fe42501dfb49ce72bb3e55a7efc8fe2a724a234f8ec5095a7fa0ea6
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
5ef36339b381ae023bff4ab7d9ae0cbf31c6ee3c11e77fa9680f3f66b577f82f
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60615cf3ddf0b34046ce24ba4a0f5a5c352c10a9ae6e03043b93f8e0f5c6b509
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
60c68e0cfd9fbdf87fe812efdc174d5d46dbb7dc20861df3dfd6dd1fcff8f1cf
6179c4db6016209d3297febf8a9243c7356e99b52cb8b3c7e7b72c0bbc7dbaf8
65456946c7ce9e5aba2c5365c2edf64433b406468430db243b7780e0a380e67c
66b8dd52e53954572ea8cdd2894be7de8db6b40a789781cb8cbcd0cb6fa23cea
66da079776f05d6df89d8dd948f583d0d327efc2f4f25ca2ab297d32fad82899
681e097f8433e9cbd6c59f56f1a71b2deff644d1fb3d9f15f4557ed5cc6af680
682cb4abb54f896af437d223aca4779e61a66a521bd544dbeae207a7e137f805
690111ac8ed97850572ac0fbd28b2508af41618cdafdd4dbee2eec7e78065c5f
6a2a6883a4bfbd3118ec8682f628b35ba404dfe699004e34b320e743c9b47ac8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d5d31924ea6003926bef18ff37c5f6ab8834a563def2f21315f621b0f3c613c
6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
75ab967337aa8edae5bb0cf87c905b770b76b85be76de75eae74fa4c6041b060
7796e59e90d924602c994dcaa079b02f08531f3c0be7e98a595b8f399b659155
7870253039930d1879650c6f505e84449030f8124f9d4528dad26816cf6f1877
7cc76b16ae87c8c47677eb0da6d4ad8bc6a478d4856ac6e0bbfbd97d4e6b0839
7e5e8d7a52cffab98c6c3957e1c30af475c697d4d50ba91aeab0b11eea32a166
8236c3eae7bc2e2c2081de37c820d3c68fc66eecfe44bf4fb8126cf3ba41c62a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8f9c57c81d47ce90d89f07b6fa259e7b6ab9e7d843ab8608950e3d2d9bad3da3
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
937e538076ed7b876c7f25211946fafda156fc508e98a3b68a6acb59181ae0d2
944ad3d3f38d97777983d50b7ef0e7eb3e5e497ede469b148d09173bea4af902
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
959b61e7d53b2ad474e220330b120487190b5c5a86dc7f759b7632b4e19000f2
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9d28e7a8f242abc2b5336463dee144e66be43926616caeed6732390458914b21
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a34f0ac0e0bae229e0913698c55cf65d12b30bb97c62e0bd6c8691dbbf2f9857
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
adc17ed4b80255bfb82799bbd6ddbc0f7b751369c86d2e48564afe3b717a2e14
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24763119a9aa6bc836fada5889c6f2ebde0a4a99621d417073bb7ff0d95bca7
b4117d2f1c199f4c9a460c02af74c18af4bac6de8a842a879bcb51af33bc0cf5
b63d3a021bc40338676b7587fc61214da3ab273779ffa0a97b1a94921f655734
b7371ba9cad2399b245a117ea4c07f76281887917fb8dbc446ee5571f52c816e
b7b13d765a10c08018fb61dedbb0b9dd9549712d9a8249352d7503ad5760dde1
b9f3e170f656b7844744c238ddbe5e4735819b7e35d008ced198d91a9e6c552c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bde34269dbb00e247efd3d1b671ab8fdea266e2b75d6d267b491cc8db72d0600
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
caf8a209d0754660770bea1e2339b58f8e478d46bdc0d39f4b0036e013e752c6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1a0719678f9792e144181b228af747aefbfbd1f7b41eb6c29fc6be3c9aac869
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d9b07f182a7010f77ebe9f05d09268aa07ffb435f4f6b15e37c442c49e01a60b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de35c3d36239ae3ec11c7941c78f1ee69039d125dc9f2d3431a93498f00e378b
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf
eb0574bfe55a33a197a4cb5b5ca86cd7d59974750615725975a908544409e019
eb9f997b146d41b39c203b000244ba524beff2d887e356bb854db8c38703d4bc
ed045b94f4874ac13890f9c4370e2b14b30c2a12a79d22e52d20872440b60ede
ed99e90ee1e28944cb257b8a06d730a89f3cbf40dcb2f102b8414e80897dabda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19b20d1e9cf0a2b22ec1899106f15b4bf8bf12b6c255fbd9ce8087a85615834
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
fdacd50d95e80b0f5f88c2a7975cfa6032c93ee4d73b8a94f2a41d040f0f6e7e
ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

www.canindia.com Open in urlscan Pro 2606:4700:e4::ac40:a10e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

221 Requests

97 %HTTPS

63 %IPv6

22 Domains

34 Subdomains

31 IPs

3 Countries

5214 kBTransfer

10076 kBSize

4 Cookies

13 Outgoing links

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.canindia.com Open in urlscan Pro
2606:4700:e4::ac40:a10e Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

97 %
HTTPS

63 %
IPv6

22
Domains

34
Subdomains

31
IPs

3
Countries

5214 kB
Transfer

10076 kB
Size

4
Cookies

221 HTTP transactions
5 data transactions