www.rediff.com Open in urlscan Pro
2a02:26f0:480:d::210:f153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Submission: On October 09 via api (October 9th 2023, 6:06:34 am UTC) from IN — Scanned from DE

Summary HTTP 293 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 31 domains to perform 293 HTTP transactions. The main IP is 2a02:26f0:480:d::210:f153, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.rediff.com. The Cisco Umbrella rank of the primary domain is 175263.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 27th 2022. Valid for: a year.

This is the only time www.rediff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:26f0:480... 2a02:26f0:480:d::210:f153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
29	2a02:26f0:480... 2a02:26f0:480:d::210:f14b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
35	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
20	119.252.154.25 119.252.154.25	38224 (REDIFF-AS...) (REDIFF-AS Rediff.com India Limited)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 15	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 3	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
4	202.137.238.20 202.137.238.20	38224 (REDIFF-AS...) (REDIFF-AS Rediff.com India Limited)
1	119.252.154.22 119.252.154.22	38224 (REDIFF-AS...) (REDIFF-AS Rediff.com India Limited)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	114.31.225.44 114.31.225.44	38224 (REDIFF-AS...) (REDIFF-AS Rediff.com India Limited)
6	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.117.1.141 34.117.1.141	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:fc48:bc4... 2607:fc48:bc4b::bc:238	40009 (BITGRAVITY) (BITGRAVITY)
1 14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:201... 2600:9000:2016:ee00:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
10	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
3	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	198.47.127.206 198.47.127.206	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
4	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	54.77.82.203 54.77.82.203	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.197.99.246 54.197.99.246	14618 (AMAZON-AES) (AMAZON-AES)
3 3	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3602:92bc:acd1:fb60:2d82	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.89 185.64.190.89	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	198.47.127.20 198.47.127.20	() ()
293	51

1 2a02:26f0:480:d::210:f153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.rediff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:26f0:480:d::210:f14b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

imworld.rediff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
im.rediff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 119.252.154.25 (India)

ASN38224 (REDIFF-AS Rediff.com India Limited, IN)
PTR: host-119-252-154-25.rediffdns.com

newads.rediff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.137.238.20 (India)

ASN38224 (REDIFF-AS Rediff.com India Limited, IN)
PTR: host-202-137-238-20.rediffdns.com

usmetric.rediff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
indmetric.rediff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.252.154.22 (India)

ASN38224 (REDIFF-AS Rediff.com India Limited, IN)
PTR: host-119-252-154-22.rediffdns.com

recoprofile.rediff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 114.31.225.44 (India)

ASN38224 (REDIFF-AS Rediff.com India Limited, IN)
PTR: host-114-31-225-44.rediffdns.com

contentads.rediff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.1.141 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 141.1.117.34.bc.googleusercontent.com

hbs.ph.affinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:fc48:bc4b::bc:238 (United States)

ASN40009 (BITGRAVITY, US)

cdn4-hbs.affinitymatrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2016:ee00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.206 (United States)

ASN62713 (AS-PUBMATIC, US)

sshowads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.126.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.82.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.197.99.246 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-99-246.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.26 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:92bc:acd1:fb60:2d82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com	897 KB
56	rediff.com www.rediff.com — Cisco Umbrella Rank: 175263 imworld.rediff.com — Cisco Umbrella Rank: 160614 newads.rediff.com — Cisco Umbrella Rank: 121786 im.rediff.com — Cisco Umbrella Rank: 115062 usmetric.rediff.com — Cisco Umbrella Rank: 135114 recoprofile.rediff.com — Cisco Umbrella Rank: 184753 contentads.rediff.com — Cisco Umbrella Rank: 337026 indmetric.rediff.com — Cisco Umbrella Rank: 259145	709 KB
38	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	436 KB
23	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com — Cisco Umbrella Rank: 2	65 KB
14	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 588 image6.pubmatic.com — Cisco Umbrella Rank: 967 sshowads.pubmatic.com — Cisco Umbrella Rank: 21816 image2.pubmatic.com — Cisco Umbrella Rank: 1116 simage2.pubmatic.com — Cisco Umbrella Rank: 959 st.pubmatic.com — Cisco Umbrella Rank: 1266 simage4.pubmatic.com	65 KB
12	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 10850 log.outbrainimg.com — Cisco Umbrella Rank: 3073	5 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	219 KB
9	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2100 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4294 mv.outbrain.com — Cisco Umbrella Rank: 2748	186 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	2 MB
8	gstatic.com www.gstatic.com fonts.gstatic.com	99 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	382 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	6 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	601 B
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2979	3 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250 www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
3	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 3616 c1.adform.net — Cisco Umbrella Rank: 643	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465	897 B
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 10282 flint.defybrick.com — Cisco Umbrella Rank: 9609	20 KB
3	affinitymatrix.com cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 38586	163 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 179	3 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 363 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	551 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086	2 KB
2	affinity.com hbs.ph.affinity.com — Cisco Umbrella Rank: 40438	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	154 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	149 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 952	610 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 1011	265 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 929	589 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 648	363 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
293	31

	Domain	Requested by
38	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.rediff.com 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com securepubads.g.doubleclick.net cdn.ampproject.org
35	pagead2.googlesyndication.com	www.rediff.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
20	im.rediff.com	www.rediff.com contentads.rediff.com
20	newads.rediff.com	www.rediff.com newads.rediff.com sshowads.pubmatic.com
15	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com www.rediff.com
15	fundingchoicesmessages.google.com	www.rediff.com
14	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com cdn4-hbs.affinitymatrix.com securepubads.g.doubleclick.net www.rediff.com 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	log.outbrainimg.com	widgets.outbrain.com
9	imworld.rediff.com	www.rediff.com imworld.rediff.com newads.rediff.com
8	s0.2mdn.net	www.rediff.com 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com cdn.ampproject.org
8	www.google.com	2 redirects www.rediff.com tpc.googlesyndication.com 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
7	www.googletagservices.com	googleads.g.doubleclick.net newads.rediff.com 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
7	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	a.audrte.com	3 redirects ads.pubmatic.com
4	cm.g.doubleclick.net	4 redirects
4	ads.pubmatic.com	7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com ads.pubmatic.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
4	widgets.outbrain.com	www.rediff.com newads.rediff.com
4	www.googleadservices.com	www.rediff.com
3	image2.pubmatic.com	ads.pubmatic.com
3	image6.pubmatic.com	1 redirects ads.pubmatic.com
3	mv.outbrain.com	widgets.outbrain.com
3	cdn4-hbs.affinitymatrix.com	www.rediff.com cdn4-hbs.affinitymatrix.com
3	indmetric.rediff.com	contentads.rediff.com
3	sb.scorecardresearch.com	1 redirects www.rediff.com
3	www.gstatic.com	googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	flint.defybrick.com	rock.defybrick.com
2	widget-pixels.outbrain.com
2	tcheck.outbrainimg.com	widgets.outbrain.com
2	hbs.ph.affinity.com	www.rediff.com cdn4-hbs.affinitymatrix.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	www.rediff.com www.googletagmanager.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	st.pubmatic.com	sshowads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	ads.pubmatic.com
1	match.adsrvr.org	ads.pubmatic.com
1	simage2.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sshowads.pubmatic.com	ads.pubmatic.com
1	rock.defybrick.com	widgets.outbrain.com
1	cdn.jsdelivr.net	cdn4-hbs.affinitymatrix.com
1	contentads.rediff.com	newads.rediff.com
1	www.google.de	www.rediff.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	recoprofile.rediff.com	www.rediff.com
1	usmetric.rediff.com	www.rediff.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.rediff.com
293	61

This site contains links to these domains. Also see Links.

Domain
shopping.rediff.com
play.google.com
mail.rediff.com
register.rediff.com
api.whatsapp.com
twitter.com
www.facebook.com
www.reddit.com
www.outbrain.com
track.rediff.com
money.rediff.com
books.rediff.com
ishare.rediff.com
investor.rediff.com
clients.rediff.com
mypage.rediff.com

Subject Issuer	Validity	Valid
*.rediff.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-27` - `2023-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.ph.affinity.com Go Daddy Secure Certificate Authority - G2	`2023-04-10` - `2024-04-16`	a year	crt.sh
*.affinitymatrix.com Go Daddy Secure Certificate Authority - G2	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-08`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2023-09-23` - `2023-12-22`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Frame ID: 9473DE1EACFB55E38F5FEA841EF9A150
Requests: 112 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 7FBF0B24CC202F3970103551374165C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2932970604686705&output=html&adk=1812271804&adf=3025194257&lmt=1696824384&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696831584721&bpp=3&bdt=184&idt=196&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6965609858664&frm=20&pv=2&ga_vid=195423686.1696831585&ga_sid=1696831585&ga_hid=297538792&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076839%2C44798934%2C44804783%2C44805131%2C31078301%2C31078602&oid=2&pvsid=82716926715922&tmod=1341217369&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=218
Frame ID: A082113EB7F57CB5FD49EBEBDDB9496B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 061A4D0B8A74E13339F3BCE3D7ADFF3B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: D88789BB8D92ECE1EE7BE3A8089379B4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F760F668E91B009EB6E3901D69FE3055
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C26937B449BA7FF2A2AA6C293080E83A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D0381211F248EB9FA449743372472166
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Frame ID: E9C51EBCD5CD58B733451505DB3304E7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Frame ID: 73C09C95124C1DEDDFD67F9B4D10E252
Requests: 1 HTTP requests in this frame

Frame: https://newads.rediff.com/rediffadserver/www/delivery/afr.php?zoneid=453&source=_blank&target=_top&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: AC1569F60651DC930E0AF19415E63412
Requests: 2 HTTP requests in this frame

Frame: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Frame ID: D1F9B3BBBAE2C04675AA1BF8C7E712BF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE977B2E867C29B6CBEC91D55A97010C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDA6F04F7AAF41016C341DECE9647C4C
Requests: 2 HTTP requests in this frame

Frame: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BDE33E34376AA20C87DCE869D70E6BE3
Requests: 1 HTTP requests in this frame

Frame: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D34057E8F9417FCBD388A20CBAB3C610
Requests: 9 HTTP requests in this frame

Frame: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C6E3CA6FE79F8C38E6359D1692083CCD
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html
Frame ID: 3290C0D19327E50E23C55E07E1830182
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiA4Z3cATAB&v=APEucNXtGcVsw2_E7ywg1EEt--xJp7pY5kQnMaTFE548zqFCvNPqQl5iirBa54CnP9bpEOLTuZTF2jsNJzDMZ5lAlLSG1bq9tg
Frame ID: EBCFF352188CB91FBD0935C625D8902F
Requests: 1 HTTP requests in this frame

Frame: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55A4C8B4079094CF17C31571E99485D0
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnsBxCgu8sBGPyF-9wBMAE&v=APEucNVy9TDGGR_7VTapiWBa0PlnM53YiUmvPTLcKIWkIhkWXorDQ5y8PGAM0gg4bzYNx81lQNPCOTMKAZzOmvZ_Umofn0cBSg
Frame ID: 345DDE5E39E02962727B941569709CA7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: D7FB0979A05678F3ABB162D830EFB573
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 12C0BEE88364A6F7DC8BC04EA91644E4
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: 0D9C43395E00B38387198315223DC5CF
Requests: 21 HTTP requests in this frame

Frame: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1825005F1B79F2093ECA1125806764E1
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A2297CC19041E8FE6406BDA5BE1D29A5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F58BF5756C47F27C74ABC0420381E0F0
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2A2E57B0CB58963FB64D8CF045424722
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0452774E5CA5DAAAB3F9FE7CBC546699
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 7304EF8AD9383A027F1F36BD4E715466
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea
Frame ID: A954228328A28F35F63F73D585BF971E
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=158429&siteId=597963&adId=2510291&imprId=900E653A-E0C6-4638-B7E5-744096A713A5&cksum=104DF6B2B3774D3D&adType=3&adServerId=165&kefact=0.000000&kaxefact=0.000000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1696831591&indirectAdId=2263932&adServerOptimizerId=1&ranreq=0.9251377633047626&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=25&svr=ADSAMS001&adsver=_2043887087&adsabzcid=0&cls=ADS&i0=0x3100000000000000&ekefact=Z5gjZYAYDgBE4PThlXRdm6DUb6sHNnDMqQOCJZ8nKhEoDY1Q&ekaxefact=Z5gjZY0YDgAvbjZ0KNWRB9sDapz_D5bsSKXA4xsPkNEKNFaP&ekpbmtpfact=Z5gjZZkYDgA37j0uo5oEVcohoxth73NO3BpsGGR_UNdj5-oX&enpp=Z5gjZaUYDgB2Q8Kgm2TE105ELT5h3OnThh2nFErHxWdNRAAw&pfi=1&dc=AMS&crID=0&wAdType=3&campaignId=0&isRTB=0&ver=11&dateHr=2023100906&usrgen=0&usryob=0&oid=900E653A-E0C6-4638-B7E5-744096A713A5&cntryId=58&sec=1&pAuSt=3&wops=0&sURL=rediff.com&BrID=5
Frame ID: 671DBAB48CE9F79B15B5357822CA626A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crooks hack payment gateway company, siphon off Rs 16,180 cr - Rediff.com India News

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

293
Requests

97 %
HTTPS

46 %
IPv6

31
Domains

61
Subdomains

51
IPs

9
Countries

5156 kB
Transfer

9976 kB
Size

39
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://shopping.rediff.com/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.rediff.android.news

Search URL Search Domain Scan URL

URL: https://mail.rediff.com/cgi-bin/login.cgi
Title: Sign in

Search URL Search Domain Scan URL

URL: https://register.rediff.com/register/register.php?FormName=user_details
Title: Create a Rediffmail account

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm&text=Crooks%20hack%20payment%20gateway%20company%2C%20siphon%20off%20Rs%2016%2C180%20cr

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm&picture=&title=Crooks%20hack%20payment%20gateway%20company%2C%20siphon%20off%20Rs%2016%2C180%20cr&description=

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm&title=Crooks%20hack%20payment%20gateway%20company%2C%20siphon%20off%20Rs%2016%2C180%20cr

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: http://track.rediff.com/click?url=___http://businessemail.rediff.com/email-ids-for-companies-with-less-than-50-employees?sc_cid=footer-biz-email___&cmp=host&lnk=footer-biz-email&nsrv1=host
Title: Business email

Search URL Search Domain Scan URL

URL: http://track.rediff.com/click?url=___http://businessemail.rediff.com/email-ids-for-companies-with-less-than-50-employees?sc_cid=footer-mobileapp___&cmp=host&lnk=footer-mobileapp&nsrv1=host
Title: Office email App

Search URL Search Domain Scan URL

URL: http://track.rediff.com/click?url=___http://businessemail.rediff.com/domain-registration-india?sc_cid=footer-domain___&cmp=host&lnk=footer-domain&nsrv1=host
Title: Domain registration

Search URL Search Domain Scan URL

URL: http://track.rediff.com/click?url=___http://businessemail.rediff.com/create-free-websites?sc_cid=footer-website___&cmp=host&lnk=footer-website&nsrv1=host
Title: Website

Search URL Search Domain Scan URL

URL: http://money.rediff.com/
Title: Money

Search URL Search Domain Scan URL

URL: http://track.rediff.com/click?url=___http://businessemail.rediff.com/email-ids-for-companies-with-less-than-50-employees?sc_cid=footer-email___&cmp=host&lnk=footer-email&nsrv1=host
Title: Company email

Search URL Search Domain Scan URL

URL: http://shopping.rediff.com/shopping/index.html
Title: Online Shopping

Search URL Search Domain Scan URL

URL: http://books.rediff.com/
Title: Books

Search URL Search Domain Scan URL

URL: http://shopping.rediff.com/stores/2649
Title: Gifts

Search URL Search Domain Scan URL

URL: http://ishare.rediff.com/
Title: Videos

Search URL Search Domain Scan URL

URL: https://investor.rediff.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://clients.rediff.com/rediff_advertisewithus/contact.htm
Title: Advertise

Search URL Search Domain Scan URL

URL: http://mypage.rediff.com/feedback
Title: Feedback

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 43

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 44

https://googleads.g.doubleclick.net/pagead/adview?ai=CROnSYJgjZa2LPJWY7gSGjoeIA7_yyKNyk97j740SZBABILKnwF9glYqegrAHoAHf8aT1KMgBAqkCzhuwEN3CsT6oAwHIA8kEqgTiAk_QgQj2SEeR108Itang8FVcVgIMGU3Lnxd8Pc5TplqVvc-g40iIeSsVo06TSOZm8hK2RSvqGAI6R3PqMqmrT53gV-nDbrQJln6KvSJj6SRosgmRYRJQVFwpcLleeTMeVuvTwpjXiHFmbHet7is1C5hPuVeFI9ZJ39Gp608JNHuwcn4R4cm3hjrs928ZKFzg16Jto2c2_JgnlFlbvciNjcw8m_XubRQ54i0xPm5ExNbnLRQ7IpjTxueWKRFgNDnkpFGxdOrayaAdbavvW1Yi6XjP5KmFlLIt5_bu7EOBooRBqiF7o4wmjkG0G6DeZBsWG4OKQarvGX7SdiktkjpysuGvLMESr3W-DjSDRoz_uAzHUgFvtN3QcXaYTX_JlyJ2lbQt_SSvdQRCBbH7uGfoeyQjW0TvGqhx875Jl9EpB8iIISLPqQrPH3Dr-A-9ccnEeVoW_Iwrnbtiw3t9Ki185E6mB8AEwbuptK0EiAW-humBTJIFBAgEGAGSBQQIBRgEoAYCgAffqfXUA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPK0KtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCS5odHRwczovL2hlYXR0cmFuc2Zvcm1lcnMuY29tL292ZXItd2FybXRlcG9tcGVugAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI5MzI5NzA2MDQ2ODY3MDUYAA&sigh=uJoD19XxYwA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNzccpzSD2c-Kceq7fkT_MavquzIVliX3N3nLpmfiATGfrYO-jaLp5QzDxgPFiK-fBUrnOYH1ocmSTBgzYqOFAsy8R0wCUHRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213513742416312745327%22,%22debug_reporting%22:true,%22destination%22:%22https://heattransformers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210983389407%22],%224%22:[%2210-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225962462201785792097%22}&andc=true

Request Chain 50

https://sb.scorecardresearch.com/cs/6035613/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 147

https://securepubads.g.doubleclick.net/pagead/adview?ai=CN_WOZpgjZeGTG42ljuwPtbyLyAzBqqXtctbOuIHDEWQQASDp4YBlYJWKnoKwB6AByo_U9ALIAQmpAs4bsBDdwrE-4AIAqAMByAMCqgSVA0_QIaejbE4Gb0Sjqg7e2thAW921PKul2qVE8n9MsLNs0GWzjnV7J-gwRvA99esY1t4UEWc_aUzsL2kYtaR5hcUXA3ivdoLm2HU2UwdaMRJqeWG4ampJxpr1ycCjYo5LLS01A3_4jFIngn3u6WoHTFy5DTvN1ho6gmDMCUCiBibHR5E0XdX86fl8ruo7w3LWe7aD7Hba1BF0z952iJS5b0OewjCtdUvYvOCD01JjBFtxfCj_CVyNbMrt_-lHxJXpNw_hdGJwzfAbZ28UH57XH8ANP6hhVDi9SwRqXkDOWjw1qZApifNMYK4SaOqpP4486S9f1YXnNIMtc_l_2El-GTAGzhngNddSV9LOJX4bLTXBMPi8ytNXN8vPBkuR0k4PXwUWpFpidIhSQo5pIcib1ChRwnnxmlkJez2DPFlm2Ol94FVnEKYmGiEcLUWOHvy0tNp9TAAxhrHlK32CPjfWUaWKnWU2JzD72E9kboZLXR1C0LAcSQhAk1H9fmcjBT5IDfLqEIcTIaO44MQj0Kess8xP8rCIvsAEsYWpk50D4AQBiAWzk-mLKZIFBAgEGAGSBQQIBRgEoAZdgAee8KuLAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMjxKNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCR1odHRwczovL3d3dy55b3Vyc3RvcmVib3guY29tL4AKA8gLAeINEwiy6sOhpuiBAxWNkoMHHTXeAsnYEw7QFQGAFwGyFx4KHAgAEhRwdWItMjkzMjk3MDYwNDY4NjcwNRjZpWs&sigh=1zR4IBvb84U&uach_m=[UACH]&ase=2&cid=CAQSOwDICaaNO838nySXifDupsNZqNI5Yu57Lj9yw35PFjfuSkbbOEYgKutmUHX9B4BtFxUzOyj5qGcq6fLRGAE&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224368169665277042156%22,%22debug_reporting%22:true,%22destination%22:%22https://yourstorebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22781518794%22],%224%22:[%2210-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211079872487082177089%22}&andc=true

Request Chain 269

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 270

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IQGron4hSxqC2EtvOuETtQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 273

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=493507800 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5

Request Chain 274

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NG1meVFTTm51LUpTWmlpZk54d1Y0WFJTQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=8824644717817067780&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 275

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjEwMUFCQTItN0UyMS00QjFBLTgyRDgtNEI2RjNBRTExM0I1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECEjmbY7ItTVbHXMQSpNgWY&google_cver=1

Request Chain 278

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8824644717817067780

293 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 20231008.htm Show response
www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/ 78 KB
22 KB 748ms
665ms Document
text/html 2a02:26f0:480:d::210:f153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: ba3fc1917bbb25bbab961d68d70c594f29e190711b0b370b7182c6c1c8838aca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 21890
Content-Type: text/html
Date: Mon, 09 Oct 2023 06:06:24 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK article_4.css
imworld.rediff.com/worldrediff/style_3_16/ 42 KB
9 KB 72ms
23ms Stylesheet
text/css 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://imworld.rediff.com/worldrediff/style_3_16/article_4.css
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 3ea59f09878ba3854e6b0e9b319e81dfaa0cb411a41e8988132753bd2a3307bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9205
Expires: Sat, 06 Apr 2024 06:06:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 136ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bdf41b8f3c102252431223070b9285e5e2ac195272a24520d9b8bd2b520aad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51022
x-xss-protection: 0
server: cafe
etag: 4764743029716417793
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:24 GMT

GET
H/1.1 200
OK asyncjs.php Show response
newads.rediff.com/rediffadserver/www/delivery/ 10 KB
4 KB 3837ms
159ms Script
text/javascript 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncjs.php
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 0a258d1f075fdf1f3195f30d5b09b6fefe79a0cd8387a85614c93f5bb83d242f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Content-Encoding: gzip
Server: Apache
ETag: 4b71f4079fb345c8ac958d0e9f0b56dd
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8
Cache-Control: private, max-age=3600
Connection: Keep-Alive
Expire: Mon, 09 Oct 2023 07:06:28 GMT
Keep-Alive: timeout=5, max=99
Content-Length: 3542

GET
H/1.1 200
OK blank.gif
imworld.rediff.com/worldrediff/pix/ 43 B
279 B 23ms
22ms Image
image/gif 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imworld.rediff.com/worldrediff/pix/blank.gif
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:24 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sat, 06 Apr 2024 06:06:24 GMT

GET
H/1.1 200
OK 08cash.jpg
im.rediff.com/news/2023/oct/ 123 KB
124 KB 74ms
27ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/news/2023/oct/08cash.jpg?w=670&h=900
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 6dde3a324cd5fe7039fb8bab6020cf15caa56ab11ab0a784122389c30faf37ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:24 GMT
Cache-Control: must-revalidate, max-age=2518436
Last-Modified: Sun, 08 Oct 2023 08:45:05 GMT
Server: Apache
Connection: keep-alive
Content-Length: 126239
Content-Type: image/jpeg

GET
H/1.1 200
OK 18india-china.jpg
im.rediff.com/240-170/news/2021/feb/ 11 KB
12 KB 73ms
23ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/240-170/news/2021/feb/18india-china.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 629ad9108529758576b73bc1915dbfe37b875f60cfcf17678e7c3aa30b94e401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:24 GMT
Last-Modified: Thu, 18 Feb 2021 03:19:54 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: must-revalidate, max-age=20154884
Connection: keep-alive
Content-Length: 11631
Expires: Wed, 29 May 2024 12:41:08 GMT

GET
H/1.1 200
OK signinout_3.js Show response
imworld.rediff.com/worldrediff/js_2_5/ 35 KB
7 KB 59ms
22ms Script
application/javascript 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://imworld.rediff.com/worldrediff/js_2_5/signinout_3.js
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 707f82883cd0e1410f8b1cd71c6855db0be292db627847cd9b5c706f997c152f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7149
Expires: Sat, 06 Apr 2024 06:06:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
88 KB 85ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3FM4PW27JR

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c01ed0c514492d496705420775f196209d076e6dd91940d1a4cee09c3973e311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89471
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 06:06:24 GMT

GET
H2 200 pub-2932970604686705 Show response
fundingchoicesmessages.google.com/i/ 157 KB
51 KB 105ms
55ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-2932970604686705?ers=1

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8445891faa16c66d7ea18fbdbdd7755ac68eb0bbb3520fa341e138d3c7891b6c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0cVsEhz1b1QFDXkcYtPCMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0cVsEhz1b1QFDXkcYtPCMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub-2932970604686705 Show response
fundingchoicesmessages.google.com/b/ 8 KB
5 KB 86ms
37ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-2932970604686705

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a02bbb6b0afe598fba70d2a61863ca3772ef9f6f27cb145f4bc7aa6f69a75d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bB-mLvDYMr_yv5ew8eLzHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-bB-mLvDYMr_yv5ew8eLzHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK al.php Show response
newads.rediff.com/rediffadserver/www/delivery/ 587 B
851 B 3655ms
162ms Script
application/x-javascript 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/al.php?zoneid=280&source=_blank&target=_blank&layerstyle=simple&align=left&valign=top&padding=0&closetime=15&padding=0&shifth=0&shiftv=45&closebutton=t&nobg=t&noborder=t
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 22ffa09560779b92b0489edad160e2faaca4efa1764142faa05c286c7b3a4acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 359
Expires: 0

GET
H/1.1 200
OK redifflogo_n1.png
imworld.rediff.com/worldrediff/pix/ 987 B
1 KB 61ms
22ms Image
image/png 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imworld.rediff.com/worldrediff/pix/redifflogo_n1.png
Requested by: Host: imworld.rediff.com
URL: https://imworld.rediff.com/worldrediff/style_3_16/article_4.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 94d60bed59d1612c078119df55a50d94ff6198a108de1ce688f1746e9f76b054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imworld.rediff.com/worldrediff/style_3_16/article_4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:24 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 987
Expires: Sat, 06 Apr 2024 06:06:24 GMT

GET
H/1.1 200
OK srchbtnicon.png
imworld.rediff.com/worldrediff/pix/ 388 B
625 B 39ms
22ms Image
image/png 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imworld.rediff.com/worldrediff/pix/srchbtnicon.png
Requested by: Host: imworld.rediff.com
URL: https://imworld.rediff.com/worldrediff/style_3_16/article_4.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 5e4bea37a2e5e6328039e3cf241894935b329d45dbfe273acc6b2fe99f58794c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imworld.rediff.com/worldrediff/style_3_16/article_4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:24 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 388
Expires: Sat, 06 Apr 2024 06:06:24 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2932970604686705&plah=www.rediff.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc4b10c977e3e9d710504fc765a0fc0a1a75605ae7829f7227d241819f0c2578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135183
x-xss-protection: 0
server: cafe
etag: 15736820698871491157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 7FBF 10 KB
5 KB 71ms
20ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Sun, 22 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 AGSKWxVOkZpVTS0_DdHYpdwbQ9hooE9OgFa0EFWWfOmK2UElQUr-GetuNSHwPBd00M9QKiRtGyENbPqNJYTZlTBo1RgiUw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
35ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVOkZpVTS0_DdHYpdwbQ9hooE9OgFa0EFWWfOmK2UElQUr-GetuNSHwPBd00M9QKiRtGyENbPqNJYTZlTBo1RgiUw==

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uVN9emouThXhga7yFUCFlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-uVN9emouThXhga7yFUCFlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.rediff.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 76ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.rediff.com&callback=_gfp_s_&client=ca-pub-2932970604686705

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2932970604686705&plah=www.rediff.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd24a6d32841a12f2b3299a3358234c57fd1e2a47dea5d0c49b46f4b077109d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A082 346 KB
82 KB 583ms
583ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2932970604686705&output=html&adk=1812271804&adf=3025194257&lmt=1696824384&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696831584721&bpp=3&bdt=184&idt=196&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6965609858664&frm=20&pv=2&ga_vid=195423686.1696831585&ga_sid=1696831585&ga_hid=297538792&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076839%2C44798934%2C44804783%2C44805131%2C31078301%2C31078602&oid=2&pvsid=82716926715922&tmod=1341217369&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=218

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7ba79676bd555e262ba4838ee3ce4652ed3ef16e55f734396aa5397261844d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 84190
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:25 GMT
expires: Mon, 09 Oct 2023 06:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=topfixedrow&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 153 KB
52 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf69d92170111172727ec80de5bbb02c0a8d0a06d6dd284db4e0927d5b0925a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53320
x-xss-protection: 0
server: cafe
etag: 15842986768202015590
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:25 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 061A 10 KB
4 KB 25ms
20ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Sun, 22 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame D887 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Sun, 22 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 061A 4 KB
1 KB 78ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 05:46:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 06:06:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 061A 205 B
651 B 73ms
19ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:51:21 GMT
x-content-type-options: nosniff
age: 386104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 03 Oct 2024 18:51:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 061A 604 B
695 B 73ms
19ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 09:34:53 GMT
x-content-type-options: nosniff
age: 160292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 06 Oct 2024 09:34:53 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 061A 15 KB
7 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:55:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame D887 23 KB
9 KB 78ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:36:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F760 143 B
166 B 21ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 05:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D887 3 KB
1 KB 74ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 18:58:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D887 20 KB
8 KB 56ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:33:40 GMT

GET
H2 200 491153707357785590
tpc.googlesyndication.com/simgad/ Frame D887 11 KB
12 KB 59ms
26ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/491153707357785590?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkv4vnmXp1tsr4Jv1LSZ-oIIvS9iQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eff851a52e06e8ac47e0cccbfbf5e97c15a0b088f59fceb0dafc19b990aabf9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 21:22:26 GMT
x-content-type-options: nosniff
age: 377039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11738
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 12:50:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 21:22:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D887 187 KB
59 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:25 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D887 36 KB
15 KB 78ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 10:47:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F760
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
35ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:25 GMT
expires: Mon, 09 Oct 2023 06:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C269 14 KB
1 KB 30ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 05:44:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 06:06:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C269 2 KB
973 B 22ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame C269 23 KB
9 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:36:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D038 143 B
166 B 23ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 05:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C269 3 KB
1 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 18:58:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C269 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C269 187 KB
59 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:25 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame C269 37 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 10:17:18 GMT

GET
DATA 200
OK truncated
/ Frame D887 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd2f5e054c32283bdfa0b62f3ac43129fa9cb7b177f6f7e41eeec411c76d9a7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D038
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:25 GMT
expires: Mon, 09 Oct 2023 06:06:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D887
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CROnSYJgjZa2LPJWY7gSGjoeIA7_yyKNyk97j740SZBABILKnwF9glYqegrAHoAHf8aT1KMgBAqkCzhuwEN3CsT6oAwHIA8kEqgTiAk_QgQj2SEeR108Itang8FVcVgIMGU3Lnxd8Pc5Tplq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213513742416312745327%22,%22debug_reporting%22:true,%22destination%22:%22https://heattransformers.com%22,%22event_report_wi...

0
0

94ms
54ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213513742416312745327%22,%22debug_reporting%22:true,%22destination%22:%22https://heattransformers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210983389407%22],%224%22:[%2210-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225962462201785792097%22}&andc=true

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:26 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13513742416312745327","debug_reporting":true,"destination":"https://heattransformers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10983389407"],"4":["10-09"],"6":["true"]},"priority":"500","source_event_id":"5962462201785792097"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Oct 2023 06:06:26 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Oct 2023 06:06:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13513742416312745327","debug_reporting":true,"destination":"https://heattransformers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10983389407"],"4":["10-09"],"6":["true"]},"priority":"500","source_event_id":"5962462201785792097"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame E9C5 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 12:44:05 GMT

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 73C0 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 12:44:05 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 118ms
55ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 06:06:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D887 42 B
64 B 98ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1Gi5EwOw1Rn-EB0jdG7zS6Y-wzytwQE2YvdNpdo9OE6YTn6igyo6HUOpgSLEegjO-1Z83VCI7WVwY3QRUyZWCWnJ3ApRJtoRWwJV6M_mniNPjL-jFa-XN6Jb417vY_T5jTb4gt6ZE4om3&sai=AMfl-YRWhSEoqUQSJ_CQwDTuqphQLQFQR9otU1wUWrfUHCLntxQQvKl8hQOukJhrcc3Z0NAkS0CFQacDm7qA5R1k7AWI__nq3NgarkCVelZKo_WG-7Vt_rvyBhaPpZM1HH18LCXFXyOd9vlzmRv1&sig=Cg0ArKJSzH_RX5lRHeU4EAE&cid=CAQSSwDICaaNzccpzSD2c-Kceq7fkT_MavquzIVliX3N3nLpmfiATGfrYO-jaLp5QzDxgPFiK-fBUrnOYH1ocmSTBgzYqOFAsy8R0wCUHRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=90,773,1000,1085,1144&tos=90,683,227,85,59&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696831585713&rpt=225&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 482ms
160ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=280&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2F&cb=020b3a357c
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:28 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 43
Expires: 0

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035613/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

23ms
23ms

Script
application/javascript

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 05:26:44 GMT
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2725
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: TTZqcx4V22YfHtyRmb9o1DupXP4iFekVZBYl2jCyz3LzbPgck5IOYQ==

Redirect headers

date: Mon, 09 Oct 2023 06:06:28 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: n8-6BCK7IQorssPlV1pfushvbCxcaZJ5nZ5KkTihDJd9zjWdNcqwzA==

GET
H/1.1 200
OK 20231008.htm
usmetric.rediff.com/www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/ 1 B
371 B 810ms
147ms Image
text/html 202.137.238.20
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usmetric.rediff.com/www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm?rkey=833630&device=pc
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 202.137.238.20 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-202-137-238-20.rediffdns.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Last-Modified: Sat, 11 Sep 2010 14:28:33 GMT
Server: Apache
ETag: "1-48ffcad8be640"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1

GET
H/1.1 200
OK afr.php Show response
newads.rediff.com/rediffadserver/www/delivery/ Frame AC15 1 KB
1 KB 315ms
163ms Document
text/html 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/afr.php?zoneid=453&source=_blank&target=_top&cb=INSERT_RANDOM_NUMBER_HERE
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: c07417ffc3c3a0155112b45ecbd8d3799814a771cc68737f2d1e248a60dbf90a

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 747
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Oct 2023 06:06:28 GMT
Expires: 0
Keep-Alive: timeout=5, max=98
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK / Show response
recoprofile.rediff.com/shopping_recommendation/get_article_recommendation.php/ 4 KB
2 KB 964ms
306ms Script
text/html 119.252.154.22
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://recoprofile.rediff.com/shopping_recommendation/get_article_recommendation.php/?function=show_recommendation&frompage=article&artUrl=http%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&is_mobile=0&location=US
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.22 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-22.rediffdns.com
Software: Apache /
Resource Hash: e0e06c6b7918fc0ca7b4d8c585529a801b3e327a5b985092bfad5ed5dab7bcc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1740

GET
H/1.1 200
OK shareiconsprite.png
imworld.rediff.com/worldrediff/pix/ 3 KB
3 KB 22ms
22ms Image
image/png 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imworld.rediff.com/worldrediff/pix/shareiconsprite.png
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e0f1f0bc1475187cb7f4e04b1a41324aa4aa5a50041d2a9f51d0403ac1e1e443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3025
Expires: Sat, 06 Apr 2024 06:06:28 GMT

GET
H/1.1 200
OK waitimg.gif
imworld.rediff.com/worldrediff/pix/ 845 B
1 KB 471ms
471ms Image
image/gif 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imworld.rediff.com/worldrediff/pix/waitimg.gif
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 7bfc7444d7ee08fbd52ef8d2d573b8ac6993c91a04a0977ca77445e93623497e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 845
Expires: Sat, 06 Apr 2024 06:06:28 GMT

GET
H/1.1 200
OK rediff-on-net-footer-1.png
imworld.rediff.com/worldrediff/pix/ 2 KB
2 KB 22ms
22ms Image
image/png 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imworld.rediff.com/worldrediff/pix/rediff-on-net-footer-1.png
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 3aa7c1aa820d8582dd88d19e867ce0672552b76a280ef29e181e46b29b64c2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1554
Expires: Sat, 06 Apr 2024 06:06:28 GMT

POST
H3 204 AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 31ms
31ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ISuA_FLS0uI.es5.O/am=ggE/d=1/rs=AJlcJMzwaUy1AEc2c7_89HySqFvNL-gSlg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YUwpdZOQ26v4rsTIl7J_9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 06:06:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-YUwpdZOQ26v4rsTIl7J_9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.rediff.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxX9mXC_0ZwND3-csipzwb9C6ciUQOl5PVcYVkuO8oslG7Nxll_ynKPvX-AdTRvyRYLmW2grS72pVF4GbXG_j5H8a4gEgmmF9nYNWNjsuVv9Qx2HTcrwN9EvljXLSb-EEykO9xEz5g== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX9mXC_0ZwND3-csipzwb9C6ciUQOl5PVcYVkuO8oslG7Nxll_ynKPvX-AdTRvyRYLmW2grS72pVF4GbXG_j5H8a4gEgmmF9nYNWNjsuVv9Qx2HTcrwN9EvljXLSb-EEykO9xEz5g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2ODMxNTg4LDMzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucmVkaWZmLmNvbS9uZXdzL3JlcG9ydC9jcm9va3MtaGFjay1wYXltZW50LWdhdGV3YXktY29tcGFueS1zaXBob24tb2ZmLXJzLTE2MTgwLWNyLzIwMjMxMDA4Lmh0bSIsbnVsbCxbWzgsIklTdUFfRkxTMHVJIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjEiXSxbMTEsIltbXSxbXSxbXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9dae134698b0f47b86dad39e5539b63ef66e9ff1d7072111050edcf16ff24a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wBFN9G1N1BkcS8mS1VhHyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-wBFN9G1N1BkcS8mS1VhHyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 17hacker.jpg
im.rediff.com/335-180/news/2020/sep/ 16 KB
16 KB 29ms
29ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/335-180/news/2020/sep/17hacker.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 6c8c267112268517a37cd4e4cae9ea1717738ebaa1c7a8e1528300e776c2c060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Cache-Control: must-revalidate, max-age=31462431
Last-Modified: Thu, 17 Sep 2020 10:17:51 GMT
Server: Apache
Connection: keep-alive
Content-Length: 16236
Content-Type: image/jpeg

GET
H/1.1 200
OK 03pan.jpg
im.rediff.com/335-180/news/2023/mar/ 10 KB
10 KB 32ms
31ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/335-180/news/2023/mar/03pan.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 723110ba4c41600f554b5f5b70fd36d48c8397954a48b67109eb92aad5da9023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Cache-Control: must-revalidate, max-age=31491149
Last-Modified: Fri, 03 Mar 2023 04:04:07 GMT
Server: Apache
Connection: keep-alive
Content-Length: 9794
Content-Type: image/jpeg

GET
H/1.1 200
OK bank-apps-o.jpg
im.rediff.com/335-180/news/2017/dec/ 13 KB
13 KB 55ms
25ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/335-180/news/2017/dec/bank-apps-o.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 40b8fa86f905cc306d96539bb46bc9f7bb0ad808953e341818cca34c0d6c7869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Cache-Control: must-revalidate, max-age=31462398
Last-Modified: Thu, 28 Dec 2017 12:44:45 GMT
Server: Apache
Connection: keep-alive
Content-Length: 13242
Content-Type: image/jpeg

GET
H/1.1 200
OK 09marsh-drop.jpg
im.rediff.com/335-180/cricket/2023/oct/ 9 KB
9 KB 674ms
642ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/335-180/cricket/2023/oct/09marsh-drop.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: d50a49c66a3693b3f71ac082bfa6e2313f738ad00f386d894064ac6b68ab5d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Cache-Control: must-revalidate, max-age=31536000
Last-Modified: Mon, 09 Oct 2023 05:54:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 9270
Content-Type: image/jpeg

GET
H/1.1 200
OK 09israeli-attacks21.jpg
im.rediff.com/335-180/news/2023/oct/ 19 KB
19 KB 737ms
700ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/335-180/news/2023/oct/09israeli-attacks21.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: f44524f4c2c58bd1362b6d3447dfaa8085de8e6212f66c4c0a0cb3de7817d3dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=31535999
Last-Modified: Mon, 09 Oct 2023 05:54:41 GMT
Server: Apache
Connection: keep-alive
Content-Length: 19136
Content-Type: image/jpeg

GET
H/1.1 200
OK 09rice.jpg
im.rediff.com/335-180/money/2023/oct/ 16 KB
16 KB 620ms
583ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/335-180/money/2023/oct/09rice.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 265e911c9c48dbcba2283248e0583e9c851aa555c287272d48a96a927fe3f737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Cache-Control: must-revalidate, max-age=31536000
Last-Modified: Mon, 09 Oct 2023 05:51:30 GMT
Server: Apache
Connection: keep-alive
Content-Length: 16193
Content-Type: image/jpeg

GET
H/1.1 200
OK 15independence-day6.jpg
im.rediff.com/335-180/news/2023/aug/ 14 KB
15 KB 605ms
596ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/335-180/news/2023/aug/15independence-day6.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: f529f70a13a14075f1c370b29c0e59374bdc4e7c59f2708f259c1277a88bab0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Cache-Control: must-revalidate, max-age=31536000
Last-Modified: Tue, 15 Aug 2023 09:58:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 14651
Content-Type: image/jpeg

GET
H/1.1 200
OK bank-apps-o.jpg
im.rediff.com/news/2017/dec/ 88 KB
89 KB 33ms
25ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/news/2017/dec/bank-apps-o.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 90a9076fec149fab0a4f877838bafd194f45078138d906c626c308c8b155240c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Last-Modified: Thu, 28 Dec 2017 12:44:45 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: must-revalidate, max-age=2159435
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90426

GET
H/1.1 200
OK frauds-o.jpg
im.rediff.com/news/2021/jan/ 234 KB
235 KB 23ms
22ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/news/2021/jan/frauds-o.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e32a964945deb3bbbb1440d19be007cb960080a71d89bdabe94062b305dfd3d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:28 GMT
Last-Modified: Mon, 04 Jan 2021 13:12:06 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: must-revalidate, max-age=2547144
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 239981

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
67 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111630784-8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FM4PW27JR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ed3356eccecaf7ee997383573b72c9a75b4f18a63a561c2cd7e37b7bf7d3ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 06:06:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 72ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3FM4PW27JR&gtm=45je3a40&_p=297538792&cid=195423686.1696831585&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696831588&sct=1&seg=0&dl=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&dt=Crooks%20hack%20payment%20gateway%20company%2C%20siphon%20off%20Rs%2016%2C180%20cr%20-%20Rediff.com%20India%20News&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FM4PW27JR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rediff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111630784-8&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Oct 2023 05:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 09 Oct 2023 07:51:33 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 22ms
22ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035613&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1696831588414&ns_c=UTF-8&c7=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&c8=Crooks%20hack%20payment%20gateway%20company%2C%20siphon%20off%20Rs%2016%2C180%20cr%20-%20Rediff.com%20India%20News&c9=
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:28 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: L3gRG4Z5kflHNPCtit1LxLTuO2SA3Vcu0qEdr4paO8whypMcCVa3wg==
x-cache: Miss from cloudfront

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
28ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=297538792&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&ul=en-us&de=UTF-8&dt=Crooks%20hack%20payment%20gateway%20company%2C%20siphon%20off%20Rs%2016%2C180%20cr%20-%20Rediff.com%20India%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1863988310&gjid=1476015961&cid=195423686.1696831585&tid=UA-111630784-8&_gid=522669464.1696831588&_r=1&gtm=457e3a40&jsscut=1&z=435069055

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rediff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 82ms
27ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111630784-8&cid=195423686.1696831585&jid=1863988310&gjid=1476015961&_gid=522669464.1696831588&_u=YADAAUAAAAAAACAAI~&z=52394104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Oct 2023 06:06:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rediff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
35ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111630784-8&cid=195423686.1696831585&jid=1863988310&_u=YADAAUAAAAAAACAAI~&z=909819077

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 77ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111630784-8&cid=195423686.1696831585&jid=1863988310&_u=YADAAUAAAAAAACAAI~&z=909819077

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ Frame AC15 43 B
463 B 320ms
161ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=2625&campaignid=1043&zoneid=453&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2F&cb=d0b9aedced
Requested by: Host: newads.rediff.com
URL: https://newads.rediff.com/rediffadserver/www/delivery/afr.php?zoneid=453&source=_blank&target=_top&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newads.rediff.com/rediffadserver/www/delivery/afr.php?zoneid=453&source=_blank&target=_top&cb=INSERT_RANDOM_NUMBER_HERE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:28 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK get_ad Show response
contentads.rediff.com/ Frame D1F9 4 KB
4 KB 447ms
143ms Document
text/html 114.31.225.44
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Requested by: Host: newads.rediff.com
URL: https://newads.rediff.com/rediffadserver/www/delivery/afr.php?zoneid=453&source=_blank&target=_top&cb=INSERT_RANDOM_NUMBER_HERE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 114.31.225.44 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-114-31-225-44.rediffdns.com
Software: nginx /
Resource Hash: e4b697fc8700c56a1360554939c7c22c8226ae28a9265bff2be874246b6fd30b

Request headers

Referer: https://newads.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *.rediff.com
Connection: keep-alive
Content-Length: 3788
Content-Type: text/html;charset=utf-8
Date: Mon, 09 Oct 2023 06:06:28 GMT
Server: nginx

GET
H/1.1 200
OK article_3.css
im.rediff.com/worldrediff/style_3_16/ Frame D1F9 41 KB
9 KB 35ms
35ms Stylesheet
text/css 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://im.rediff.com/worldrediff/style_3_16/article_3.css
Requested by: Host: contentads.rediff.com
URL: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: a4dd60de1b2e32632bb395467006d7abd155f3824e70ae1146251fcaca8116fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contentads.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jul 2019 04:32:01 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: must-revalidate, max-age=590076
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8881

GET
H/1.1 200
OK 25voters.jpg
im.rediff.com/215-145/news/2022/mar/ Frame D1F9 11 KB
11 KB 426ms
425ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/215-145/news/2022/mar/25voters.jpg
Requested by: Host: contentads.rediff.com
URL: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 64f6b92d9b188787a35a7a12ae46e67ac016767cf72f1e05e9ad16252fc0e35f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contentads.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=31536000
Last-Modified: Fri, 25 Mar 2022 10:22:45 GMT
Server: Apache
Connection: keep-alive
Content-Length: 11446
Content-Type: image/jpeg

GET
H/1.1 200
OK trade-o.jpg
im.rediff.com/215-145/news/2017/oct/ Frame D1F9 8 KB
8 KB 25ms
24ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/215-145/news/2017/oct/trade-o.jpg
Requested by: Host: contentads.rediff.com
URL: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 80e8746c8ea93fa38e50b2e15647b26a9c7324439afda55fe8b85c9dd3aa88ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contentads.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=30103784
Last-Modified: Thu, 26 Oct 2017 11:46:27 GMT
Server: Apache
Connection: keep-alive
Content-Length: 7998
Content-Type: image/jpeg

GET
H/1.1 200
OK 08cwc-meet.jpg
im.rediff.com/215-145/news/2023/oct/ Frame D1F9 10 KB
10 KB 26ms
25ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/215-145/news/2023/oct/08cwc-meet.jpg
Requested by: Host: contentads.rediff.com
URL: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: a5a97dc88b67ca5d72476736a7a1a56825bf265ed92ec173b41c1c43d4ef4c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contentads.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=31528518
Last-Modified: Sun, 08 Oct 2023 17:04:15 GMT
Server: Apache
Connection: keep-alive
Content-Length: 10374
Content-Type: image/jpeg

GET
H/1.1 200
OK dynimpression
indmetric.rediff.com/www.rediff.com/ Frame D1F9 1 B
266 B 772ms
138ms Image
text/html 202.137.238.20
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indmetric.rediff.com/www.rediff.com/dynimpression?rkey=47230&position=1&label=edit_news&c_type=outb_ad_edit_news&news=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fec-to-announce-poll-schedule-for-5-states-today%2F20231009.htm&property=art_outb_pc
Requested by: Host: contentads.rediff.com
URL: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 202.137.238.20 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-202-137-238-20.rediffdns.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contentads.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Last-Modified: Fri, 04 Aug 2017 06:32:19 GMT
Server: Apache
ETag: "1-555e7a8a8e2c0"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1

GET
H/1.1 200
OK dynimpression
indmetric.rediff.com/www.rediff.com/ Frame D1F9 1 B
266 B 772ms
138ms Image
text/html 202.137.238.20
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indmetric.rediff.com/www.rediff.com/dynimpression?rkey=33854&position=2&label=edit_business&c_type=outb_ad_edit_business&news=https%3A%2F%2Fwww.rediff.com%2Fbusiness%2Freport%2Fisrael-hamas-conflict-indian-exporters-may-face-higher-risk-premiums-shipping-costs%2F20231008.htm&property=art_outb_pc
Requested by: Host: contentads.rediff.com
URL: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 202.137.238.20 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-202-137-238-20.rediffdns.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contentads.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Last-Modified: Fri, 04 Aug 2017 06:32:17 GMT
Server: Apache
ETag: "1-555e7a88a5e40"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1

GET
H/1.1 200
OK dynimpression
indmetric.rediff.com/www.rediff.com/ Frame D1F9 1 B
266 B 777ms
142ms Image
text/html 202.137.238.20
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indmetric.rediff.com/www.rediff.com/dynimpression?rkey=70422&position=3&label=edit_news&c_type=outb_ad_edit_news&news=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fpoll-strategy-caste-census-to-dominate-cwc-meet-on-monday%2F20231008.htm&property=art_outb_pc
Requested by: Host: contentads.rediff.com
URL: https://contentads.rediff.com/get_ad?template=OUTB&page_url=https://www.rediff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 202.137.238.20 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-202-137-238-20.rediffdns.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contentads.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Last-Modified: Fri, 04 Aug 2017 06:32:19 GMT
Server: Apache
ETag: "1-555e7a8a8e2c0"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1

GET
H/1.1 200
OK bank-apps-o.jpg
im.rediff.com/215-145/news/2017/dec/ 9 KB
9 KB 29ms
28ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/215-145/news/2017/dec/bank-apps-o.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: d155c5953f9f1a8722ecadd4b104956697f7c04bbcd50c9ec386c680bee2fca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=31115159
Last-Modified: Thu, 28 Dec 2017 12:44:45 GMT
Server: Apache
Connection: keep-alive
Content-Length: 8868
Content-Type: image/jpeg

GET
H/1.1 200
OK frauds-o.jpg
im.rediff.com/215-145/news/2021/jan/ 8 KB
8 KB 29ms
28ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/215-145/news/2021/jan/frauds-o.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: b69069ebdff74081eb5be82f9ba29901110a95dfc1884f3369a46d3da7ae4650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=31494646
Last-Modified: Mon, 04 Jan 2021 13:12:06 GMT
Server: Apache
Connection: keep-alive
Content-Length: 8428
Content-Type: image/jpeg

GET
H/1.1 200
OK 17hacker.jpg
im.rediff.com/215-145/news/2020/sep/ 8 KB
9 KB 42ms
41ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/215-145/news/2020/sep/17hacker.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 477ac851653f64be40a6a7e8a94867faa4283c069bcf4515e41160b3f4535fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=31494647
Last-Modified: Thu, 17 Sep 2020 10:17:51 GMT
Server: Apache
Connection: keep-alive
Content-Length: 8584
Content-Type: image/jpeg

GET
H/1.1 200
OK 03pan.jpg
im.rediff.com/215-145/news/2023/mar/ 6 KB
7 KB 29ms
28ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/215-145/news/2023/mar/03pan.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 5784edcd3e8ee97446434d62db2d5f24307ee5b39f801b2f202119ea2f608126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=31494647
Last-Modified: Fri, 03 Mar 2023 04:04:07 GMT
Server: Apache
Connection: keep-alive
Content-Length: 6470
Content-Type: image/jpeg

GET
H/1.1 200
OK 08gehlot.jpg
im.rediff.com/215-145/news/2023/oct/ 8 KB
9 KB 26ms
25ms Image
image/jpeg 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.rediff.com/215-145/news/2023/oct/08gehlot.jpg
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 3233293caf7989565743fb9a823a3ada0f121c509b68557e7e35b06b7202f99d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:29 GMT
Cache-Control: must-revalidate, max-age=31457265
Last-Modified: Sun, 08 Oct 2023 04:09:51 GMT
Server: Apache
Connection: keep-alive
Content-Length: 8540
Content-Type: image/jpeg

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.4632696742741722

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2BhJvKmYgVJ3rPuyfpkNYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-2BhJvKmYgVJ3rPuyfpkNYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 56ms
55ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.8084289052957503

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ouOuIp2KLrYhkWmWotYwRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-ouOuIp2KLrYhkWmWotYwRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 32ms
32ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DOnrOgJgQpajiT2ULT1TAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 06:06:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-DOnrOgJgQpajiT2ULT1TAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rediff.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
70ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b16c643bfc888d647600ff99116a5a03548f029f74b471c8b7efe547d38ba2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12273
x-xss-protection: 0

GET
H/1.1 200
OK asyncspc.php Show response
newads.rediff.com/rediffadserver/www/delivery/ 14 KB
3 KB 211ms
210ms XHR
application/json 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncspc.php?zones=333%7C274%7C277%7C391%7C256%7C259%7C262%7C265%7C271%7C268%7C315&prefix=revive-0-&source=_blank&target=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm
Requested by: Host: newads.rediff.com
URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: f69d8edd09550bc0c08970c85ed53f1cfcd6a5330faf9c6a7ecd349d295f2488

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.rediff.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 2213
Expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 06:06:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE97 13 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 20:01:01 GMT
expires: Mon, 07 Oct 2024 20:01:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DDA6 829 B
559 B 32ms
31ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ebcb799adf679646bcdc30ba8cbb137cb9855f7c8b0d1d0d86ee99d41d71ad7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nEu36tMq0Nmpd-YxAkX5xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nEu36tMq0Nmpd-YxAkX5xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:30 GMT
expires: Mon, 09 Oct 2023 06:06:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame AE97 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Oct 2024 18:58:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DDA6 0
0 54ms
54ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=82716926715922&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 advertisingmodule. Show response
fundingchoicesmessages.google.com/f/AGSKWxV6msokXHE95BQPBMLAFJXblveNSlJ9o4FPhhRNeVczMrKuwiYudrCiFgdeOrBvCD9O6uyo1RHEpXHok5IzhSKWe_uR5IO0Nuxg1AoZ_3meCZGdkivyFQ08wJzm2PpXfZwgD9lFyewGuLfnYh3pSk5Y--iF7... 54 B
109 B 40ms
39ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV6msokXHE95BQPBMLAFJXblveNSlJ9o4FPhhRNeVczMrKuwiYudrCiFgdeOrBvCD9O6uyo1RHEpXHok5IzhSKWe_uR5IO0Nuxg1AoZ_3meCZGdkivyFQ08wJzm2PpXfZwgD9lFyewGuLfnYh3pSk5Y--iF7H4tGRhfNIzFuIDIZiBHqVcAHthX5230/_=advert//ad/semantic_/vghd.swf/asyncjs./advertisingmodule.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ISuA_FLS0uI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxGPEcEyM__geJv35PaUEFtF_ef3Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b2f9ae0192c7cc1dc55b9768623266681dc120f03a1552ef331df1abe7e1293

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LbLSZVbBODWPM9SWsFYpdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-LbLSZVbBODWPM9SWsFYpdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 05:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:25:04 GMT

POST
H3 204 AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
36ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M3VNtjXwfeUlCOcoTTFtoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-M3VNtjXwfeUlCOcoTTFtoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.rediff.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK blank.gif
imworld.rediff.com/worldrediff/pix/ 43 B
279 B 21ms
21ms Image
image/gif 2a02:26f0:480:d::210:f14b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imworld.rediff.com/worldrediff/pix/blank.gif
Requested by: Host: newads.rediff.com
URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f14b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:30 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sat, 06 Apr 2024 06:06:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 99 KB
29 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: newads.rediff.com
URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e8e9a28adada53ea1a7cdf5aa39284133ed93deb3bb796a056d7c7c9c79bd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29548
x-xss-protection: 0
server: cafe
etag: 809 / 19639 / m202310030101 / config-hash: 4974023841911941900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:30 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 232 KB
84 KB 91ms
22ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d74d5adfbf0c05f948301d7d1f1b9613e234f58a61018858ce31ca919ba37de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:34:44 GMT
etag: "23-eUfTY6GHG1DudMFHVSTcx8en/Ho"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 2df596f7af821273d4dfa7fb7e2b9dae
timing-allow-origin: *, *
content-length: 85655
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 index.php Show response
hbs.ph.affinity.com/v5/rediff.com/rf2/ 40 KB
10 KB 221ms
153ms Script
application/javascript 34.117.1.141
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/v5/rediff.com/rf2/index.php?t=998
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.1.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 141.1.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f35316cd1c783e3cc84bb1c407d12cd7a54d0151a8a54142c3e7337a40d4093d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: application/Javascript; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Oct 2023 07:06:30 GMT

GET
H2 200 index.php Show response
cdn4-hbs.affinitymatrix.com/v5/rediff.com/rf2/ 40 KB
11 KB 98ms
20ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/v5/rediff.com/rf2/index.php?t=998
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.6/6.5.25/v2fra1-www /
Resource Hash: f35316cd1c783e3cc84bb1c407d12cd7a54d0151a8a54142c3e7337a40d4093d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-version: 9
date: Mon, 09 Oct 2023 05:30:59 GMT
content-encoding: gzip
x-real-ip: 2001:1b60:2:240:3247::5
server: v/6.7.6/6.5.25/v2fra1-www
age: 2326
x-tata-request-id: ae95517c83784d03ddfe0700687d5d9e, ae95517c83784d03ddfe0700687d5d9e
vary: Accept-Encoding
x-cache: HIT,v2fra1
content-type: application/Javascript; charset=utf-8
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 10544
expires: Mon, 09 Oct 2023 07:06:30 GMT

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 162ms
161ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=333&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=b00e07b629
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:30 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 1167ms
171ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=880&campaignid=406&zoneid=274&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=264ea5a579
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=88
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 1335ms
164ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=883&campaignid=409&zoneid=277&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=37575886ca
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 1497ms
162ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=391&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=8ec30a8380
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 1660ms
162ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=6907&campaignid=329&zoneid=256&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=beef27f661
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 1821ms
160ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=259&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=9b1632283c
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=84
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 487ms
167ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=874&campaignid=400&zoneid=262&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=fbfd993c70
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:30 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 819ms
166ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=877&campaignid=403&zoneid=265&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=d3d04139b0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:30 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=90
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 652ms
164ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=5975&campaignid=399&zoneid=271&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=3dd9c9597b
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:30 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 319ms
165ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=5967&campaignid=397&zoneid=268&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=fb64e538d8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:30 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ 43 B
463 B 986ms
165ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=5977&campaignid=374&zoneid=315&source=_blank&loc=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&cb=982b633a47
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=89
Content-Length: 43
Expires: 0

POST
H3 204 AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 32ms
32ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1yKvWsgTTnbbEnWeVn_eBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-1yKvWsgTTnbbEnWeVn_eBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rediff.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wKWbBfXPHelAQcdgfNpNww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wKWbBfXPHelAQcdgfNpNww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.rediff.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
35ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtS9oX3ZrdhhcH6qFNwVV31OEKAcVHR4gvs2Uc-YTi0kelILPoiWT3lLi7Sxwn6HHuwSUBf8lZAEQVNNnldkcP3lBLFSO9pZeXzXO2mig_EVwnQ1-eL1uCTkJ27k-DhZVWUl5LnA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pdaaE48inJsTOOoaJ4ZkVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-pdaaE48inJsTOOoaJ4ZkVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rediff.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUGOWk74R8pJEr3uFLXT3DpWwDaAFzrcZxl9VkLAIyAcNEr6mLOxBiRtEebGgMo3VvJdilJUS-HK3nZ35hy7unAzWDM6ECdg1GWCeZyrSXqq0YDXceFzB3jCmDrRaHEj0y4cuJeUQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUGOWk74R8pJEr3uFLXT3DpWwDaAFzrcZxl9VkLAIyAcNEr6mLOxBiRtEebGgMo3VvJdilJUS-HK3nZ35hy7unAzWDM6ECdg1GWCeZyrSXqq0YDXceFzB3jCmDrRaHEj0y4cuJeUQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2ODMxNTkwLDE1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnJlZGlmZi5jb20vbmV3cy9yZXBvcnQvY3Jvb2tzLWhhY2stcGF5bWVudC1nYXRld2F5LWNvbXBhbnktc2lwaG9uLW9mZi1ycy0xNjE4MC1jci8yMDIzMTAwOC5odG0iLG51bGwsW1s4LCJJU3VBX0ZMUzB1SSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFs3LCIxIl0sWzExLCJbW10sW10sW11dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9013248fe77b3f4263f2369b0bbffe2665e2d5c8e11aaf96778d256461fcdd6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lM4nZ1mxG2rcCkqERiSMag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lM4nZ1mxG2rcCkqERiSMag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AE97 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?S-LDlA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 419 KB
132 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 20:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34365
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 07 Oct 2024 20:33:45 GMT

GET
H2 200 affhb.data.js.php Show response
cdn4-hbs.affinitymatrix.com/v5/hvr_man_rediff.com/ 65 KB
20 KB 25ms
23ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_man_rediff.com/affhb.data.js.php?t=998
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/rediff.com/rf2/index.php?t=998
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.6/6.5.25/v2fra1-www /
Resource Hash: a40579d18f3acb5aebb4cf0976354a7baca4ebd40cb8e9b24d6e58dcb72f7510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-version: 9
date: Thu, 05 Oct 2023 15:41:43 GMT
content-encoding: gzip
x-real-ip: 2001:1b60:2:240:3247::5
server: v/6.7.6/6.5.25/v2fra1-www
age: 311086
x-tata-request-id: 8836f007ca391b648757be18461ded11, 8836f007ca391b648757be18461ded11
vary: Accept-Encoding
x-cache: HIT,v2fra1
content-type: application/Javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20483
expires: Tue, 08 Oct 2024 06:06:30 GMT

POST
H3 204 AGSKWxVjMCBj_tw1LdGciAU5k89pqKBsotlfjh1W93tZmNOOBUZBXl12FhVYET4dsCYPrXY0cvbfnG0NGPa9K0Lp8xiyfYFlOmuM2S1E3d4cqgyCDzT-tcb7V1GPGi5hwjyABIIFLwps1A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
33ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjMCBj_tw1LdGciAU5k89pqKBsotlfjh1W93tZmNOOBUZBXl12FhVYET4dsCYPrXY0cvbfnG0NGPa9K0Lp8xiyfYFlOmuM2S1E3d4cqgyCDzT-tcb7V1GPGi5hwjyABIIFLwps1A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-83HbPl8i6JUJHgK_nsSFJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-83HbPl8i6JUJHgK_nsSFJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.rediff.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 100ms
93ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_man_rediff.com/affhb.data.js.php?t=998

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

446b80aef2b8c6411be2e0f3a1bd890efb5c400e9f993e30778149a69e51d5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29548
x-xss-protection: 0
server: cafe
etag: 78 / 19639 / m202310030101 / config-hash: 4974023841911941900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:30 GMT

GET
H2 200 prebid7.50.0-95e3911895aa08ff2ac2d07c547de0a1-cur-sch-gdpr-ccpa-ucrit.js Show response
cdn4-hbs.affinitymatrix.com/app/pbjs/2023A/ 347 KB
132 KB 21ms
21ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2023A/prebid7.50.0-95e3911895aa08ff2ac2d07c547de0a1-cur-sch-gdpr-ccpa-ucrit.js
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_man_rediff.com/affhb.data.js.php?t=998
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.6/6.5.25/v2fra1-www /
Resource Hash: 98f444de7fa108725f957cc7e358e406375e80d14abae50360bf906a94c81f58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-version: 9
date: Sat, 30 Sep 2023 19:10:41 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 16:29:36 GMT
server: v/6.7.6/6.5.25/v2fra1-www
age: 881713
x-tata-request-id: 446b1ed3cb09d7ca3f86db37f4b7293c, 446b1ed3cb09d7ca3f86db37f4b7293c
x-real-ip: 2001:1b60:2:240:3247::5
vary: Accept-Encoding
x-cache: HIT,v2fra1
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 134532
expires: Tue, 08 Oct 2024 06:06:30 GMT

GET
H2 200 cfg.php Show response
hbs.ph.affinity.com/app/ 148 B
255 B 133ms
133ms Script
application/javascript 34.117.1.141
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/app/cfg.php?d=hvr_man_rediff.com
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_man_rediff.com/affhb.data.js.php?t=998
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.1.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 141.1.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 102aeb33a77e03fcf47d060dbaa2e9e7e05d31b8bb4b56fec289a67153d681e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: application/Javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d3d3LnJlZGlmZi5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 105ms
26ms XHR
application/json 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnJlZGlmZi5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:30 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=30185
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 17f7f965bf4afb0dcf106623d8ec6fbd
Content-Length: 15
Expires: Mon, 09 Oct 2023 14:29:35 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 23ms
22ms Image
image/gif 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 06:06:30 GMT
date: Mon, 09 Oct 2023 06:06:30 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 72ms
29ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231009

Requested by

Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2023A/prebid7.50.0-95e3911895aa08ff2ac2d07c547de0a1-cur-sch-gdpr-ccpa-ucrit.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

650ae8f7c90ede05991a1fab60aaf04c8f04d82f9470c1b37f9e46af27793002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7538
x-jsd-version: 1.0.1837
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4573-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"640-WMXXL644BJGOS75wQ8RzfSxrGeg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUl1R9lpKW5P2hLQVH6lCeRveQl9c6lkYjfz4SdpS2q7%2BYwko0B8vEKzEPmk3e4GHZMw4zxGC38E2Sd2K82XWeUnqWjX2uvtZ5axA9kQsh0q%2BG9APoAedsu71iIyDA0ghMtEmg%2FfEMAGnq2dFUw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8134701fc8593a44-FRA

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
16 KB 669ms
667ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=82716926715922&correlator=3812127741008470&eid=31078603%2C31078529%2C31078602&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=21677187305%2CRediff_ROS_728x90_ATF_INTL&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C750x100%7C970x90%7C980x90%7C930x180%7C950x90%7C960x90%7C970x66%7C750x200%7C728x90%7C980x120&ifi=4&sfv=1-0-40&sc=1&cookie=ID%3D06deed25cae3450d%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MbHWohMQfYE1zyOj-URY3_7BlYjOw&gpic=UID%3D00000c92fa5f1a97%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MacouBpkpCCxliWTF9yLLgjIfx-Vg&abxe=1&dt=1696831590387&lmt=1696824390&adxs=315&adys=203&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&ga_vid=195423686.1696831585&ga_sid=1696831585&ga_hid=297538792&ga_fc=true&dlt=1696831584537&idt=5805&prev_scp=author%3Dpti%26url%3Dnews%26subsection%3Dnews-report-crooks&adks=1179352869&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44bc31053f9d2df157797db845dc930b30b469a6e435db21d46b30c58f9046f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15818
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rediff.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
40 KB 377ms
376ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=82716926715922&correlator=3812127741008470&eid=31078603%2C31078529%2C31078602&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=21677187305%2CRediff_ROS_300x250_ATF_INTL&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D06deed25cae3450d%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MbHWohMQfYE1zyOj-URY3_7BlYjOw&gpic=UID%3D00000c92fa5f1a97%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MacouBpkpCCxliWTF9yLLgjIfx-Vg&abxe=1&dt=1696831590394&lmt=1696824390&adxs=288&adys=360&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&vis=1&psz=0x0&msz=336x0&fws=0&ohw=0&ga_vid=195423686.1696831585&ga_sid=1696831585&ga_hid=297538792&ga_fc=true&dlt=1696831584537&idt=5805&prev_scp=author%3Dpti%26url%3Dnews%26subsection%3Dnews-report-crooks&adks=3822637794&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5f90f4f3797d6fac1a0bc20c9380cebae74231c403a248144c166509b2464a4

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COHexKGm6IEDFY2SgwcdNd4CyQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/8056895536743055360/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COHexKGm6IEDFY2SgwcdNd4CyQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/8056895536743055360/index.html
date: Mon, 09 Oct 2023 06:06:30 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40634
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rediff.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 894ms
893ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=82716926715922&correlator=3812127741008470&eid=31078603%2C31078529%2C31078602&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=21677187305%2CRediff_ROS_300x250_BTF_INTL&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=6&sfv=1-0-40&sc=1&cookie=ID%3D06deed25cae3450d%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MbHWohMQfYE1zyOj-URY3_7BlYjOw&gpic=UID%3D00000c92fa5f1a97%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MacouBpkpCCxliWTF9yLLgjIfx-Vg&abxe=1&dt=1696831590397&lmt=1696824390&adxs=288&adys=655&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&vis=1&psz=0x0&msz=336x0&fws=0&ohw=0&ga_vid=195423686.1696831585&ga_sid=1696831585&ga_hid=297538792&ga_fc=true&dlt=1696831584537&idt=5805&prev_scp=author%3Dpti%26url%3Dnews%26subsection%3Dnews-report-crooks&adks=2326695374&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aa77b87600f346371e78c8f44516a4721231eac555d391b27599c3f83e0be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11825
x-xss-protection: 0
google-lineitem-id: 5239818466
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138296911000
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rediff.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 418ms
417ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=82716926715922&correlator=3812127741008470&eid=31078603%2C31078529%2C31078602&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=42115163%3A21677187305%2CIP_rediff.com_ALL_300x250_BTF_Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&sfv=1-0-40&sc=1&cookie=ID%3D06deed25cae3450d%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MbHWohMQfYE1zyOj-URY3_7BlYjOw&gpic=UID%3D00000c92fa5f1a97%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MacouBpkpCCxliWTF9yLLgjIfx-Vg&abxe=1&dt=1696831590399&lmt=1696824390&adxs=288&adys=1603&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&vis=1&psz=0x0&msz=336x0&fws=0&ohw=0&ga_vid=195423686.1696831585&ga_sid=1696831585&ga_hid=297538792&ga_fc=true&dlt=1696831584537&idt=5805&adks=3060647460&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09d69a08a5693ec24f2f87cc1dab4890f7b523011eab6a89e7f9440f920a6727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9924
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rediff.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 565ms
564ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=82716926715922&correlator=3812127741008470&eid=31078603%2C31078529%2C31078602&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=42115163%3A21677187305%2CIP_rediff.com_ALL_300x250_BTF_2_Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&sfv=1-0-40&sc=1&cookie=ID%3D06deed25cae3450d%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MbHWohMQfYE1zyOj-URY3_7BlYjOw&gpic=UID%3D00000c92fa5f1a97%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MacouBpkpCCxliWTF9yLLgjIfx-Vg&abxe=1&dt=1696831590401&lmt=1696824390&adxs=288&adys=2793&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&vis=1&psz=0x0&msz=336x0&fws=0&ohw=0&ga_vid=195423686.1696831585&ga_sid=1696831585&ga_hid=297538792&ga_fc=true&dlt=1696831584537&idt=5805&adks=961891627&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dea5408288eaeaeaa6e91afd0910a6f019012f1172f27d392397b6c25c7792b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9810
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rediff.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
15 KB 807ms
806ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=82716926715922&correlator=3812127741008470&eid=31078603%2C31078529%2C31078602&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=42115163%3A21677187305%2CIP_rediff.com_Desk_728x90_AP_MessageBoard_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&sc=1&cookie=ID%3D06deed25cae3450d%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MbHWohMQfYE1zyOj-URY3_7BlYjOw&gpic=UID%3D00000c92fa5f1a97%3AT%3D1696831584%3ART%3D1696831584%3AS%3DALNI_MacouBpkpCCxliWTF9yLLgjIfx-Vg&abxe=1&dt=1696831590404&lmt=1696824390&adxs=435&adys=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&vis=1&psz=0x0&msz=730x0&fws=0&ohw=0&ga_vid=195423686.1696831585&ga_sid=1696831585&ga_hid=297538792&ga_fc=true&dlt=1696831584537&idt=5805&adks=1375657871&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a72648ebd89ba074e7d9c7f87a17c3f493a3b6874c910252958ac29858e7b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15718
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rediff.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BDE3 6 KB
3 KB 104ms
30ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:30 GMT
expires: Tue, 08 Oct 2024 06:06:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 98ms
27ms Script
text/javascript 2600:9000:2016:ee00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:ee00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:08:43 GMT
content-encoding: gzip
via: 1.1 a1c4b15d670dc9e4a6cbea1be6412324.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: HAM50-C2
age: 43067
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: yR3aPCB_ij8wOUiKEenGwXGD47ks94vmips36TOVR--RpPyL0YNJww==
expires: Mon, 09 Oct 2023 06:08:43 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 381ms
119ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=14620092101291292165521866725125240618368056600388018158715073519271&nc=0&tsf=0&tsfmi=&pv=0&cb=1696831590666&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=604957648&at=&bid=e30%3D&di=W1siZWYiLDk3MTNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NTIsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMjg0%0D%0AMzE4NTIxLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCI4LGVjWEdYMTlubnJ2Vk8ySmRsTmh4QktRa0x2U0ZkQVFCQ2xo%0D%0AMTRWVVZGQWxGNytDQUlxWFJCRkNFMTZGWWtvVlVwQVdoQVNJRDJrWjVOdFUrNjliLzErNTg3Y3pX%0D%0AUkpBUGxHbDkiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJrZXl3b3Jkc1wiLFwiZGVzY3JpcHRpb25cIixcIm9n%0D%0AOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFst%0D%0AMTQsIntcIm9cIjowLjAxMjA0ODE5Mjc3MTA4NDMzOH0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFst%0D%0AMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1c%0D%0AIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixc%0D%0AIi1cIl0iXSxbLTIwLCIxOTU0MjM2ODYuMTY5NjgzMTU4NSJdLFstMjEsInlrU1VPNVRYIl0sWy0y%0D%0AMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7%0D%0AXCJ0amhzXCI6MzczMDAwMDAsXCJ1amhzXCI6Mjk0MDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0i%0D%0AXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwie1wi%0D%0AdlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2%0D%0AXCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUs%0D%0AIlsxNjk2ODMxNTkwNjMzLC0yXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0%0D%0ANC02Ni0xODAtIl0sWy0zOCwiYywtMSwtMSwwLDAsMSwwLDQ0LDM4LDY2OSwzODI4LDIsODU1Ljks%0D%0AODU1LjksNjg0OCw2ODQ5Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNj%0D%0AYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDNdIl0sWy00MCwi%0D%0AMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEw%0D%0AMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiRXVy%0D%0Ab3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJi%0D%0AbmNoIiwxMzddXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A640%2C%22y%22%3A1757%2C%22w%22%3A53%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=ZXSx6IMgi7&sdd=%7B%7D&pto=6882
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 70d0368bca7367312943b2020e0394e97f80dfe6c769e75d78cf0f733afe4a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 09 Oct 2023 06:06:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1814
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=82716926715922&bg=!mpmlmdbNAAbjlzx0w5c7ADQBe5WfOJq3vfMjS3RTeR4I8pSt2t-9qyo7dF401E_x_HoaBMNiYrD7pv25uRRjNpmgdnpfAgAAAGZSAAAACGgBB5kCuj19TVEWCY3Bg5QmzAADRoOY2lVKLEzNyKdhikfdR9AFsTje3C8VIyyiUPuw7qlsNe0Xc4l8bQpYISIVeVfqd7NnMp0PaJzNvTeFl8lFhe9CQZm8FW9uMy94Xc67e409snehcd8NXA5iP92iIwdguxQaD66VLNoBU4UrGUBf5430seJFy6pmSEojZz5P5w78Chb_gI4cwTk_-zU6hThsdu0FYVco3q9euP9gzFnmac5LKv_tzjgYqq4pZkXjL_aItXT1P6cOoD4xw_trblRwRZs4IRyTkmX0Te0u9L1ZMcSsRfNxCf_QNqYDNSwFNhpCSB6ri1ESDUuSBbRKk0Xos7xkY8mUtU-oAaq-v4znHnYPy-7GRF5U6b2ckOV37VLA9ypvCjtDtMZrQeKFxe4YGbwky-4iLVJuNQfPcplqcxLF2hL9hltCScg9N7nFgitUD2quJnDdxNe3dkZgHmi3EOlKvoJJUcycMIbMu334bRCZEArOfNmp2TYmi6pL3kHSvQrxA_osKb2gCvwF871YRpdqQ9WJvVclLBHVTr8ezY6h36ycsRO0PU4WHxAwgkFZyISSarmRT65MgLfldeYKLYJ7IYZAj8ROuuHFtPlHPXYNq_F09ku0h2eyk_ILCp_W7wtHSGnh8nS6LQ8R3-QsS66QodG0qQV_5MKwaay5ij2JFxktlp5SgKAc2X7Qla1ppGGXs7BLG5zGl5H_4bo7Ht6lCaBtpZhOAFCIxemsBp5O27JN4wBpCRvm94-PvUg3iVw2OYKGlfgSvmjMMX8MXCTodk0fD9XMTjF-oECV4vaGZwR_w8TTWiXyVQQPYYPp8ScXaGiFQBU6fSnJMRrKI674eIzgBsZKkoa5HOf2HKfaG-nllOyWq_QyVoI_MntvyGCdvksMIqealkEVDalTk4jehG3WHIV5oCSi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 container.html Show response
7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D340 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:30 GMT
expires: Tue, 08 Oct 2024 06:06:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C6E3 6 KB
3 KB 19ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:30 GMT
expires: Tue, 08 Oct 2024 06:06:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 3290 78 KB
21 KB 28ms
27ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6956d2bcf831148b894f41749b6c1d6c2ce9a03aff163c7460429de1b4baf10b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 239741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21014
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 11:30:49 GMT
expires: Sat, 05 Oct 2024 11:30:49 GMT
last-modified: Mon, 08 May 2023 14:58:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 104ms
55ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CN_WOZpgjZeGTG42ljuwPtbyLyAzBqqXtctbOuIHDEWQQASDp4YBlYJWKnoKwB6AByo_U9ALIAQmpAs4bsBDdwrE-4AIAqAMByAMCqgSVA0_QIaejbE4Gb0Sjqg7e2thAW921PKul2qVE8n9MsLNs0GWzjnV7J-gwRvA99esY1t4UEWc_aUzsL2kYtaR5hcUXA3ivdoLm2HU2UwdaMRJqeWG4ampJxpr1ycCjYo5LLS01A3_4jFIngn3u6WoHTFy5DTvN1ho6gmDMCUCiBibHR5E0XdX86fl8ruo7w3LWe7aD7Hba1BF0z952iJS5b0OewjCtdUvYvOCD01JjBFtxfCj_CVyNbMrt_-lHxJXpNw_hdGJwzfAbZ28UH57XH8ANP6hhVDi9SwRqXkDOWjw1qZApifNMYK4SaOqpP4486S9f1YXnNIMtc_l_2El-GTAGzhngNddSV9LOJX4bLTXBMPi8ytNXN8vPBkuR0k4PXwUWpFpidIhSQo5pIcib1ChRwnnxmlkJez2DPFlm2Ol94FVnEKYmGiEcLUWOHvy0tNp9TAAxhrHlK32CPjfWUaWKnWU2JzD72E9kboZLXR1C0LAcSQhAk1H9fmcjBT5IDfLqEIcTIaO44MQj0Kess8xP8rCIvsAEsYWpk50D4AQBiAWzk-mLKZIFBAgEGAGSBQQIBRgEoAZdgAee8KuLAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMjxKNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCR1odHRwczovL3d3dy55b3Vyc3RvcmVib3guY29tL4AKA8gLAeINEwiy6sOhpuiBAxWNkoMHHTXeAsnYEw7QFQGAFwGyFx4KHAgAEhRwdWItMjkzMjk3MDYwNDY4NjcwNRjZpWs&sigh=1zR4IBvb84U&uach_m=[UACH]&ase=2&cid=CAQSOwDICaaNO838nySXifDupsNZqNI5Yu57Lj9yw35PFjfuSkbbOEYgKutmUHX9B4BtFxUzOyj5qGcq6fLRGAE&nis=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 06:06:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D340
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CN_WOZpgjZeGTG42ljuwPtbyLyAzBqqXtctbOuIHDEWQQASDp4YBlYJWKnoKwB6AByo_U9ALIAQmpAs4bsBDdwrE-4AIAqAMByAMCqgSVA0_QIaejbE4Gb0Sjqg7e2thAW921PKul2qVE...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224368169665277042156%22,%22debug_reporting%22:true,%22destination%22:%22https://yourstorebox.com%22,%22event_report_window%...

0
0

53ms
52ms

Fetch
text/css

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224368169665277042156%22,%22debug_reporting%22:true,%22destination%22:%22https://yourstorebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22781518794%22],%224%22:[%2210-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211079872487082177089%22}&andc=true

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4368169665277042156","debug_reporting":true,"destination":"https://yourstorebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["781518794"],"4":["10-09"],"6":["true"]},"priority":"500","source_event_id":"11079872487082177089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Oct 2023 06:06:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4368169665277042156","debug_reporting":true,"destination":"https://yourstorebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["781518794"],"4":["10-09"],"6":["true"]},"priority":"500","source_event_id":"11079872487082177089"}&andc=true
access-control-allow-origin: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame D340 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:36:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D340 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 18:58:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D340 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:33:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EBCF 0
16 B 67ms
60ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiA4Z3cATAB&v=APEucNXtGcVsw2_E7ywg1EEt--xJp7pY5kQnMaTFE548zqFCvNPqQl5iirBa54CnP9bpEOLTuZTF2jsNJzDMZ5lAlLSG1bq9tg

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C6E3 89 KB
31 KB 110ms
105ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6E3 42 B
63 B 59ms
54ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWfrph2P3s5Oym0pATz6rdub3BzEnebWa2cdIGNagJrHjMo88NfWo88kXW2zpcxDD7csFKE9Lp9Ensxifv6K8MMHselBSkMGAWBew57kJZlgHjpOI

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6E3 0
20 B 59ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8023144387744820806&x=1&ct=76

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C6E3 3 KB
1 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 18:58:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C6E3 20 KB
8 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:33:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6E3 0
0 35ms
31ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSW9rFOii4plUzofoh3cj6MbiuZsABTvXt79QTwZGW-h8EoNw7XMoPC2T5lfXrt_vK_Xx9C
Requested by: Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6E3 187 KB
59 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3290 7 KB
760 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular|Arimo:regular,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ac53c3845a5de139b3a50f23e4ef5d0871565618884637aa9fef608954d405e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 06:06:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 06:06:30 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3290 16 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 19:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 09 Oct 2023 19:46:05 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3290 34 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 02:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Oct 2023 02:28:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D340 0
0 31ms
31ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTF7pzNDcIef2QtH1dnVx61Tq3nID-4ZKgFF4e4wmzmkc5qiZj-6933pAve1dzlcEUt0RclnP0G4HnVGLdvjfuECtjp0w
Requested by: Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D340 187 KB
59 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:30 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 744ms
107ms XHR
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1696831590919&sessionId=fbee4d15-ee42-a1df-fb68-9ddc62a8a7a8&url=www.rediff.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 946b5b20473fe53279c350f4f4efbf0c
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 7 KB
3 KB 245ms
160ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&srcUrl=https%3A%2F%2Fwww.rediff.com%2Frss%2Fnewshead.xml&idx=0&rand=18993&widgetJSId=AR_5&va=true&et=true&format=html&clid=fbee4d15-ee42-a1df-fb68-9ddc62a8a7a8&fdu=www.rediff.com&px=640&py=1757&vpd=557&cw=53&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010477&sig=ykSUO5TX&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9437938ac45cb68a27c8dc9088b7393b02462270474340cf9a79c1fcfbe9af46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1696831591.020630,VS0,VE136
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21983-LGA, cache-fra-etou8220092-FRA
x-traceid: 92f8e8d523a990ed5cddc3a5af07c895
accept-ranges: bytes
content-length: 2706
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D340 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc037eb0f4a061b83c2ba40a7accd29bfc8960f910ebd3eeb5b81b900592abde

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame 3290 20 KB
20 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular|Arimo:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:25:25 GMT
x-content-type-options: nosniff
age: 301266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20040
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:25:25 GMT

GET
H3 200 container.html Show response
7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55A4 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:30 GMT
expires: Tue, 08 Oct 2024 06:06:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 345D 0
16 B 64ms
63ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnsBxCgu8sBGPyF-9wBMAE&v=APEucNVy9TDGGR_7VTapiWBa0PlnM53YiUmvPTLcKIWkIhkWXorDQ5y8PGAM0gg4bzYNx81lQNPCOTMKAZzOmvZ_Umofn0cBSg

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 55A4 89 KB
31 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A4 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPfbgl3Rl9tMFcUs6yeAJFKmAWZMWjObh3StKy2qvEs1TPmEovVautK51DsQs3wGUTi_30hCCK8MyVTzox0Mb7NHhS0gvGqhGWvFtAx1Hinct4Qr0

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A4 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15212241713647177938&x=1&ct=76

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 55A4 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 18:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 18:58:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 55A4 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:33:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55A4 187 KB
59 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:31 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6E3 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=245559845854&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6E3 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=245559845854&version=m202309260101&ct=76&x=1&cor=8023144387744821000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C6E3 80 KB
37 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGWhpyrVi7XjHQOxjaRIaiUEtYQKNf_n4BsFldoyworefay0c_6JSSASo297wHz9WoNP1BnEkBuCNhbKSACRAgr-QPmA&cry=1&dbm_d=AKAmf-DEcZaAvmXT4JHhWL1YQ1T8JmKnrediGaUokrTbb49xAl5bSpRSBnJ-dpoApjkFrLGi__aqlupaq7sKb76Hid5ygMq424YZFx7fyRz_nP3i4Iov8Rk387LKIIqsuuxeJyFEJvK6n3Va-h2NfbN5qhfnw_-D15DM6fVf_MV1Qtv9lvkNBtJiU0ttwvVn3s9lQs8mIC-fhT_GZdUeZxEiE8s-KPxwTujRZX5aV6GWRKB90Bk1PljqPWXdkubxl1pFw2jE8NBj7jJCf1Cua2LbkvKy_dYBLVq4yd-vz8vljV-SzjtgB5wzRrKVgqpFP35ORh6ekZ6SvRmkdadtv_0kXk3U8JkLX9QwEGCuwv2Ksu-4HRnWdVPjD9-rDCqXEZKGYDmzrwedVcMQcz1peqqn8ult7b6BBZH5UyhFuFN0JtgPzJQ79LtBkbLn-ZgJr8pdid0xTqC-FFCrzbr1oMEY7wnLPZw3Ubqt4pHyKNA97i60GzzobdgVHiJq0hklo3uX_fTcsUcAtr8uUppsVntNe6NXkiWaisH98CxbYbsLnX8H9ZudF7hd0QcDA1VTfrcPWTs8LRp0sRuxw3I6YhqsW_1RZMvP8F77tnHK_cMj_LiBzYn_hQbxUqCqENjnSu-93J0RRu6nbCq4FNGT1HSVYo0t0NMxhldzEM1gPKU3wN4QxIBNcbxBz9uewVqAhy7FgnNNM3__8nx24G4pISL4KPT1px_uqBaLQWaKqT2lRT62uJgbzyZkUE8NU3GWo8idP31lJSevg6L27NaRPP2hJ7MeMz5nzyFvbI5zIUH33sF5mYPY7DNCmhMsa2XgTFNTlqN3wPBNJnwVY_MOrAxnBeFVhZLUWg3oGYunCxVOuvm4aM3mmVEMgAeZ7WJoPf4aSH0TmXaACrVNb8Zh8q5-o6yLVXn1011qYigixpapSLjrkVa3bReH2dVtYZW2VUUsqV0uULmcHQXecckvVpBBOvNXfM59FznJbrXu7tLgapRwRmxMMEF7HS88ktgDWZhczyAbx_UXvkoQwu0Ak4prtXOWhqqdgkYfWiO_nh3eHXLexZ2UiMqaDzYUpN-VvPSJgyQuQf07znO6qQoksPFiZdHfYezkpij0c46YuJe7SSZuax-yEPWRqy6LqVk475tuF96EYBO5k8AS4SUMwmTOpEk1wFq6P-GK-om3ETMkB0H29m2FcN_RiNCUbzho0rAeKiWq3ptQwUbshRrivAxtQWM50qN6eLuW7yu6YcUk2K_wMVeHwI-G6xQU4f3qzjQuTmjhN30V0hWLy3Lt9YJabTCfSnnmz1bqc0tX_kpKQ8V-gSiuK-H7TvThYEcFd0YkGaLErINt4y7ByVAPZ-AjsnIYi0TxQWelzdSmmqwVgxqOBBwo8IM04_ExxFStl93UnEtmLw0xWdVvVr9U3E4JOps94X07PClGf2ctPwjFb8sFNCfyu6tSUW59IUQ6GRZB1-Jtq2nXhK2bMr8i5Jon8bEdRUg3kG_g3_Onvv2cNYpJBSF5MlT0Yo-nVOwJyFwm4Xwj21kb2SxN55GcG_Mbtv8HaYf8rdPijPx3GWnv-cq22FrImnRImkLXN0wxCaiG1L52AhPYI4Z0lTABlS4m818_-OESklbSMw3tL7mdTC83MWIHbq1_5h08jCyPDxMMdRkkv0OuhPpbrjLgxYgyfvhDoxkDbsRNz_o4fe2K5q7Aee-ZPZ2OYQUDlYPq3iggvp0PVfVCYtG2ePhwzlYORIm1Z5KtFT6MKCommS3WjPk7957fpi_JGLgGzAdqGDUwzQphG7LL8TFxShnVA8LQvC71AF4Uv3rOCqklxz3YtszO_6qJ9FbNxRQiF_FkB4g3IZBxEO9pTtMhIr1GIimXaT72ZMUHymy4Lbrm_YX2x7rGzF1aQc1l47zLbqOpgCMZEjJnvWThxvAi3M1Zc1A60Zg2P2y8Co34Tbbl4iPqAkt_wDANicPLPJ34YjVjqT-wpa4JxyloUtWNOJFawcZwUClSAWXijzxIgXV5IAeA2pxxVe5fonoLlPl_SvHe_BriLVwQmWInzAtMRzX9YFfbCqsMu62Nhu7RrcdVufwRpxefJ26sAnP2-ndpPRmvvr6Nf9rM6tLhqLFPkO7h2zdi-Qm5fHcV8xJgpudrMFhlUig1HcKD4kqbXv1fgZJIpMW5cGv1p9Ly3NdRBigcdRowy1q2FgCcB3qPbgw9lglYmWM0ssr_Fn_1jeF2HqQi-duJaxJ1uomndFhBszQMcHI-7myrFdNBvsxAwKotLPNDYG5EU0uunXvfZc_tTk_npGsnSBapswA1d2tZjNWE9QZXiydiHB4tAmtenwk3GM3RM1eWXxGnPBDxfAkrSZZex3sIjstxsQLFlbURoHAyHU0D_ZNIzXaNHWwV9TAjBZQrTc0C9xUDImAGv6lH5RODPEUMMIkc5mFJEP7-EJxdUxyNTXwBmpAQSmLj5PwIpZrE_aypr6ZLuD4mU0fIpukae4kTsfuhh8sUbB6zVQryVnSPoJs5wJ4vY2kbxwvSKzcAdJ2kRT5PpWifbeg4x6KuLH88RhQaPSlI8CbOg-NpK6UH_3Uw2UIKvhCCiOuSZaKd8Nynq_EhF-ASVH1JYqUyXwBuzxeZb8NST0BgQa8xBz5u_yVkawgpJhxB4OWvp9hKFEGsz_R9Ti-rAOYHWx2rxu_i2dydLHxFoRK3LurvoFddVZqOPAWbTu5_5YJOLfZLS8XQomxwnDE2Yegzgj8DGsv-47HuSCQKfERWOL3Zs2n-uuiior7B5xPlS0WfFFt--4hkgX0Q8v3-usXdFp6SBw6pJpXqMIbGUaQ9Au-GIXDWGYz_ZuH4Bhae5A7o3IQed8ucysD8JECrZWtV4JMYXstDibZz-JNM5Mwwu3Dfr9YYCdy82I2cLtTbjxiVaeugfRFROwUkUT2HtUAGBEUSBUD7rWaw2KCvTex5e2gLdCgBF14taLNd50Q8uOmDLDRcm-JW8WaDTWMpYvIyCW0rLYC4mm9JV6e1aGwYMas0-7ZySAAWse46oRkomi7J31_TnKVdMM8L7af4NVgQL9y3EB838nTU7emKPXuk1lpCPbec-ri7fdAya2X7wqLyrLW7QwWDj5acyma8PQqBeZbg2P-6TWYMGv0zaCER4P2PwsMcm2FiRXs_TyqByPLMF2QeMjZh2Xd2fq9vCHfEv0YVbR0GH8UtZWhDZzs4F3JTYkkpTBi_uVtL3yI7hblEdWyejktM2RRdqlSjwjzyruzZqJMzbmuml7KkGA2g7-yXGMG8hh0nIyDK-sdMa6L472HyGm_J8WlUZaQ2mrPJ6XRqV5omuD7O7_qDrLAKos7Tk__Lh2OdXwU5znGQGgQ4nbbD0rYAOo0IFjRyblEKSpz0e_Qv70e-PzWGm-jkJVG7lZ3S_8GoPiQTRzCmQdkysgl0hcj9GvzFx8sLv0q4t-gHinK5hvgKTube7J6WnsAvQ0odq9XSLo6Wb52SuruLD47APG4wWaAFAQpPziHMvX9ssHMKZsHSWfRL_b9wgxUkQVkC5_pGwfHcnVFAjGFUG0VVwLh2y2D3gpqFYHG4siTzg9HBQxrXAJ0ZOpwE1oPxSHqfiejgt7Y2KmKWgvKForK-8G-IoFTG6yIJBAcwHF9wr5mlSIlq0s7T25XSOjCwQa4eoKDWPRUCn7FQiXK_tet9uqRCc1C2Ou8MqSLExsu5z97P_sYrQARfhexW0bp4ucq8hUWJHFYbAHph1kHpDAGB7SdFb40NhS8bB9uY9141KyNW_61wbmwZGBJGZ95dENJoxrar-PmC87Fyvo-WTdk39n6lPZq4Nf6jH3RsrrK7gjbsqJcikH8jGSOCqSCDY9dTvG5FRA6XtWe-SbLRE1SLAIaeJvUtm-bLdjpXZGcYgP4hG0Tui8ccliDurjAp0I-w0o-v7vK4c9HVwh9mlO-OJaQbXWAFIAVhXi1Q4KR4unLi3SqPJVlM_edCf_h2B0poKqASqe2ZGmUShW05kEzgWOCHnPsxgR5J33167MEa-cSt0APZO789zsF8tjqddB9yErQn0BVQkgiViz1_Iak8Lx_YE0O7KbViwK5N2lnqZ7_2NFJ3Y1YN&cid=CAQSOwDICaaNZIjKfNU4YvNHNMbDgFvRgv5J9PuHW8nWD5lamvnpspcdUXdAjjfLcr7m6h1vrLCww1ylyoWpGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.rediff.com%2F&ds=l&xdt=1&iif=1&cor=8023144387744821000&adk=4188270525&idt=117&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6279f3f78fbed75f97404d2df10470430c7b92d1621a67be3df3b420ff4d6dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 55ms
55ms Preflight
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 06:06:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 601ms
107ms XHR
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1696831591064&sessionId=fbee4d15-ee42-a1df-fb68-9ddc62a8a7a8&url=www.rediff.com&cheqSource=1&cheqEvent=2&responseTime=650
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 965181aa8b5d234ef05cbea8208c2ec1
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
102 B 113ms
112ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001363e8cf36eb42839d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d75062f578afe6d6e1474fbf4d8fbd3aea25dd61c45085052aae2d05f91e46042cce5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1f08f77f6aa1931c7aefdcf264ec57a917f0dd07c74cccd17cc22a2984db7299779ac0eaa689ebea1023f37be4bcfb2c0530bad36b93b316b616435285590fd4d2d49981b2c527df21d6deedc85ec54d5814aa5f0ddb90c01f208ab325ad56e795499521fd28411a509737ed5a8a97fb24bb8169c349a7c19ccc7780191c2de84b011f6e4e78cca867f844d9c3ca28a28b74b0802bc88ff9e8308ea0ea526f6fc7e35d45d2f81b5919fbebee22b96dcbae09a8b167af2fff6cd5028a5dcaeb65874278bab3cd3069222240370a5a16a2e1913f901db5454c4028f8b447c1c05c51eca4cdeee97ec8ecf8eec4adfeb214112ef1449aa41b3291490e06de635d7070f567b2771bc5f7dc608263cb2689ad30cebb0485660921211e61159cc4f8c63f7d5586054395d1c5a6b1ca53059eaca07c96cf7378c4cf133c69f997c54b20b72785588307e23f9b12d3d40ef9ba32e19b94cf994762ece1277e8376a68eb2b70b9d6c34120388754250b1a75893f115ca999ec839d195d421042533cb2fb717f847b88075847712334b3e616da20fccc76617ca3085f9b16c87985f863031ea44603edca8c3005aa3&cb=1696831591064&cri=ZXSx6IMgi7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 logo-image_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 3290 3 KB
3 KB 20ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/logo-image_4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3f55d52e9b2df0f21d26e6f32f8266eb5dd702f03f44e52127514d539abcf60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 03 Oct 2023 06:05:53 GMT
x-content-type-options: nosniff
age: 518438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3469
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:58:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 06:05:53 GMT

GET
H3 200 product-image_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 3290 122 KB
122 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/product-image_4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab6301d8bb2f355f676bbd2755549d01bcc2d6fab04e5f8378738579119f535

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 06 Oct 2023 06:10:16 GMT
x-content-type-options: nosniff
age: 258975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124968
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:58:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Oct 2024 06:10:16 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame D7FB 223 KB
62 KB 111ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 22:17:54 GMT
age: 373717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Oct 2024 22:17:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame D7FB 15 KB
5 KB 151ms
58ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 12:23:54 GMT
age: 322957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 12:23:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame D7FB 94 KB
28 KB 152ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 00:09:37 GMT
age: 367014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 00:09:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame D7FB 5 KB
2 KB 155ms
63ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 06:28:23 GMT
age: 344288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 06:28:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame D7FB 40 KB
13 KB 156ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:08:35 GMT
age: 331076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 10:08:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D7FB 6 KB
706 B 32ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 04:23:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 06:06:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D7FB 4 KB
655 B 34ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 05:49:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 06:06:31 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D7FB 2 KB
2 KB 26ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 31634
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D7FB 295 B
322 B 25ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 31634
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H2 200 14379026876617780569
s0.2mdn.net/simgad/ Frame D7FB 263 KB
264 KB 71ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14379026876617780569

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43c9e3a6f6597f00d484d2c96b7922c1eb151f0c16496f040ef855c8fc5f392a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 23:01:38 GMT
x-content-type-options: nosniff
age: 198293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269585
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:57:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Oct 2024 23:01:38 GMT

GET
H2 200 4281262366461888013
s0.2mdn.net/simgad/ Frame D7FB 10 KB
10 KB 69ms
20ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4281262366461888013

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 23:01:38 GMT
x-content-type-options: nosniff
age: 198293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10020
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:57:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Oct 2024 23:01:38 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame D7FB 42 B
64 B 49ms
46ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXEr8l3U8Q8nwbiBGEH55XmbyTGRGIiFOBVi2Jcsr5ZTkRUzFWRDpP0ahh3WYLexferWe3cXyMtjpqQXmxJwSwd-KQuvih0iWsTzPD0lqr_ILQHhxC6_p_n5bBfTFRYSJnBAg_KJL6efEYFpUnx7qekg-CpQ&dbm_d=AKAmf-CEtzvzfE1ObWYotYjmwDcRZUF9SyN-2P12K5cBKAnbBFZ3yB5ODzISEvH1gpT7PEwMVD8XcG6hYsRkU7vhabRfphfEfQbdlJK-H98DyhwEfioGkt-V7KU8pdB-exDKxqcUJX27S-w112n_npHAoAlL0uHGYvXO4JoFpN5OJ0wALPsHExQS8msT-4F829dKZ2O8KU88dptoAp8zhY8czGBOAqm_gRnPlZ2Se37Dw_ipsdu2gHwGwnubzV4vSX74oklkjEZr_58rZQBc1R0bML3RQW2UZwNS604GmXKoGwLya83m1ep886UQl8zKWEdBodeFtjgfPNWc78mJvmEBlUrxZ4t569BuMGsRFNDL-rBksjzh1mmuelfcS7ymjtAlCfSGIfQJdMQ47hkRM94SXnE4K6mXdJ7fUvlDyP0nZNIXBFy05HkCpmShWMv_VAOpkA0nxD2pcyMz1iO9sP3ZauOgg1jr88Jq4ZyOkFyiB5soyD3gxX4hSX1rl0t4zjJyHLJvrvFK3buvUurXcGCz31oKoboLmEP5Rzncfo5vwC1njS7jSm1K5m0yL2YghOluzbOhdasqkVt-0DTCoVe-meQ6l7A9BJvj4tF0fHcbDAx_Eqb-jxeo_qApje22LHArbtyiPB8ki8CcMtzUe1knJ0urykHZPY8XAAJ1EXzIBeFJPj0tF1fJp5qhiRzQqA2fSRgTm7epQxMJMgfn18wyJqEJ86LDX6i6FH9vaGwWNyL8uM3q-GdBbfOSK2ZXxu93v7EEsQumsHIwZmJQOr_LcH7sUHEfSW1uWlAPXC1cnhE35sdj29D1f_feVWwiLan4zXu9TX0JXkaVkM1GJwcMACJq_Ois-JYdNUBNLrqpqeK7J3U4xwb0w0JzS1Y3EKlXFXJpbfkXxJKsE_KZ7pSJOva_Sm3ZokUE3ocUgSayGFukh8qojNssKb3r-BKWNpa9aEjdod-yJVVBTuY0NDhgZshYtSOPy-7TY0x5OAdU2WbCWR-gSviM9_-2esTA8M1JJfnItUB3BYQVvdil8Ksg8fg09rDEsJjXOylTLRbX0ae0hwP58WWDf8xIp-bapnMnQ-9_dxJ2F5uqz8EeKnKrhwWwO1FTHBJM04x3ZJmM33tCeIP0w-53GAS-r_eYPoJ0VHLjjOoo2GUzNZE2yK2pR2mH0M1KnlvEkbLI76LNPckJl-BNU3ErnRYSJoOL9cNLbslP7A7ns3iStAMt4-Df-_WzPCRSlAsswL8UDDuYo8Bjm-1j8Q-9jWkQtFsuy8W8zo_bM4Dzw0GotN4eXvnAUUuGzhz3Cbgli37X7J5PXuIHJNKayiBLy_ShzP0-UxN4ANdGuUNHHKVlWQK0B3uImA5N0-zxJ2hiX1Mw_k32-tVQ_atXwEuDvvQlNuTmwANa3YzWj2l5eo4VptYmkyWHGY8m6YPjp457NdS5s_rBOtmK1R42wzbxF5IGZORQCs9bpPZYM1G_2uxVWkE2HPfkz6Ge_5rVdAM-SPMtroijF7DqC7PpcmS1gqGIExHJNonfs9paECUiBcWGJaZywXphL14RqJ2fRXhl0hCXVJQVzfo7oPA-WW7vLMzyXVP4spJ2ZMxGYLwU_RjIpOKkbMmCQ3Tpc5HgxwSvzcNOZgDnt52GgFhj2O4ZaP8AvXtxxl297RGcgUFzk-GQyM-opssHgLVqdzh31SxXzdBZiRPy1aZsXGCjgejjKWP9rsfpMu1Cb7ayEcyR_0-CAKKBRYrmGEnhaY2w4c8qWl7cS7EiHDwayxbrAyJvqfVnVs8HsPA9q7YvYGrdquLj5ZRou3gFNJxVnfBuhh5s6gP6IgyFn4prKN-0p2XxjBBPg4-KfT1Kifpm9kwMkdoJlE3s6vF8lKU7zeVq8KBKD_45yZkKbot_pOX4Yc4U65imc0A4N3gg_OQiM6QKzMw_YUKSm2DXO2Ew1OPOrwTDh88za4Of7rms9MAvzvnTJyn1gt_Wv4RU96yB4dEVqs7IP0o7M-06KTApoN9D_51ZLD3pJayXuWObRZIVUzyGaxNLDjdfTIH2Tog6EQo74ANB9ZbG6QASm5WkRUmDOFA1k7XPzotcXsmq_hl5ag9Ue0FwnnRy-_pQja9hV6XZAeY6FqXR2IZLN87W_FB0V-KJTGhZcnv5kQqJfF71WYfnuQ14a6t6drFuCvBykv2zMLqdRKZDYvUF6OolqcvtoM46XTQprvyCvmrkkAyi5j01RuR6xBqcQP05CJqcYYPsET7N5hxojiaUJHi3CjRVL5ySdBvqp72CoQ44p-GLDJjhohqmleha07MHira4e0iMLNBfTaybOGYsI4-DM8jH48oDiBr8wDL4HSaPX1UODynn2k5Efutrac8xq2Xjnnh1YwbiGx0SzTpVygUuIVO5nv6aNQDL6NmZIFusHYI_KxyfsGob3_2jqIbGnNxyTQmZzyBHJxKAvTU4Xaes5t2H9vAe68t3aPyUEp8Y62EAazzwGMJOY5ORc_qJtr6iGE14FyOjiaCwuVKdjyVC0LfgJOni_XfxqxTbsFtVRip0YJSOSnyha4_tLy9ANIIc4mxvA0oHN7sXEKQu7KW8reRqYwlzAhf7CBkeH-OsS7IGy_eWXOx-QP-c2Ct5AMqbzQI8_McFqfn3dAUu1svxZYruIPynVs7ip8unGGcdjpYm8kiA3JGogsHZ7JMF5lvmq6FtbKpUksBafafawCsJrQR3eqmNbGu5FYZ6-nsds62Ug54ls66X0yJizkKyAKs8ed0NezL339HtoQPvLl9nkl1mrpYYDmzpNgVP4JHDALk4620w2lSvIkE1oA-WNqlJXxszxO4XFWPy-QMQlqUhhIaMgn2JtVcTOEoluZdzr4NwLyPqlHDrbOmtGvb588-dgu5GXBV51W9fpVtjpRFem1Ryd0VTEqFwfa1NpAz9Kq0rhsMD330j6x3pAsr19gT-yIvDPcamPpMj0YHSRTINsqZKXFtDzFt-adAf4M1kIvDrYHRMWSezhKh7MwyI-Akt-9t-XmJ222mJJyN0FgobwQoi2a_E3VKEEDohXPEbojzYqpTm-xTnQufiyz5ha1d019o8Gka_2oIZFPOIJKWfYwWR12fR3Czd5xFbhpt41fJmRj45wBCTfGFK3Rpd50y35c3_VZZwAwgtYddp3p-shdeTRG1Xi4xqBs5nRRO42gfbZPdDNFr4Jw2mlSDgrqkrFoMfExsxmi6WOm-cm8NTgqEKEZUpkGsUhEgenqpTnMF8D-9S_tLwYK7dxM5NjWSWuUfinr72MUdNoDZsEGAIgZ5m138SoJ5lOzgHj0F9IshneHTUW4bqy7QcyKI4N_L08ihGasfBg47H9ilUf9kUGRLHmK_rfFWCLBCk5GT-iSh8q3MNa0mHyjMAbNU9bjX-OOdC2_834F1XHRhcxCmVZQSL_AkKSv0rv0M4y1m2KC5-3p8XYuoi9UZfT3o5DwlwmAJ8ihOl3SdYtlazxllwtXvDW2gf-KxwbfnbojEcXv9pvBpUlw20QDfr9KYagEaNSVm16HD9GZXkIAlQDzmZ1SA3LbWTvFspVE5E3zizPLaoowu_aytpoFYh6GaHu9FtSKV60e9aQiFqJOJnWjMk1wrwQvdJpQQRO10TqD0i80MUb1PLGwkRSfnO7YYNXyod7tXeEYW8Ri3xVAVQ5b7u0fbmpLfJCPaN50WkragDyeRAgzCcJJYVlQe9VDcxgzvwP6A08fBMVjyhZdSbsTvVM0HzvFl-MmxIPr7RgHYZl303Ame9k78Y-zCpDpYFDP-Bm9byZ34J4vzk8qRt0ihNu4akB6ZS-h9SrbpepbyoWiqB0YXm55ZvV02cWf1UHUHYD3GPtZqehWPEsdzIUS1cTpwnpulZPk5PmolUwDrMKhkYInyBlxdMI3VuEzaALz4jsrNwtq3MNb8rLoIuZjQwWzlYeSSDsNuU3EKHZqULsB5gPeprKfcw7lsvwSYLu_Z1u9SXwBwMvwGS2H5bY6Xw0pkPihcuy4sgWVibZmDy2U8BG1bi3ITXhVB94mcr81bjwkJcG3R2LxSQ0zLP4W9XNMRLLMFKWDi5Hu6RvgVVBINgRuCT7EVDcaQCYStvw7eAuMdvBA2IXqQP8nh6OJaJqwiu1vo4Vsaw1nU7BgKjGtkBVoEfbwkRaed5gxOJjsPNR21yckSusEXCqFlzN7xFds5_ZKRF4tnSiG_Y1cVxF5DzqFnRLGAdhMZ_-Mwkg_SuY4qXNooWhGTueIVeTRawmn4wWgkPLuJTRiSyTU8qiK4DdQUjGjEf8LrepPZbCf9R1TR5UOl1Z6miMnRRXGnMAk7mN-DuGuQHOIpLCTk8-isn1-aJMrjvkuBXR1a5JgZQZhrngz9swx8BUp-jbeKdjTOL3mnZ2SJ0CAR2JGwy086i-uz3xRVBX-0eQEonEiRlYtaT7RB3Vn8ek6hHXw4PM1HKIU57mOb8dy-ZKPcdeVlk7IMcEdKzdRILZzIPietWujq4P0drM5HrOonHjI9VlYnjJQ&cid=CAQSOwDICaaNaBPwdlIyNcjsCEbzrmjl9lG7P1g4m_F8dAdnQjRCy2zqLZ8WDSSWqhz4b7G9Q9IGf9grJ1njGAE&dc_exteid=31301018096194809608234700992897425&dc_pubid=4

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D7FB 0
0 59ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNxdVZpgjZcLQLa6yjuwP6aGyoAz7ssG5c4qa-Z-jEaXzs6aEQBABIOnhgGVglYqegrAHoAGC4O7SKcgBBqkCzhuwEN3CsT6oAwGqBJ8CT9Bqbh3yPXpQGgJsFZk-PjBpKu7yqmxGmK9c-azfLEzQkRHgI-lIHK97KjunvFdCVdsoYoo_Jmawxl5tuvmyLC0ADFFnjTmsl0-Wn2e4yB0MgyAWR8kfX5rMUbKIjXm_jxD0huZkE-yaZVXKnMBx-5JR9qe4-1kLb1cho4XtP3aRfK4LmOTVJsdRQCAsVopx2_aUfm9wFmLh5URGY4PdAvgzgK9SeNgeo-p3nEFEhxH6vluIDfNxboUMexg81qDh6cnz-5T0aYJyyDEGbRZBUWWvIrWYkadYQQIyHghivwi7a3_VEQL7pkVk3CGGkEjn-utwoddcSbPRbq5T37-zT9XnTmuEHpG9fd95eTJQjcD5ChtiGz5_fXzDPurY-gvABJqy__W_BOAEA4gFl6KdykySBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB4KYv7IEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQ9oxiGMrUxfcB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJzgFodHRwczovL2ZvcmQuZGUvc2hvcC9hbmdlYm90ZS9idXNpbmVzcy13ZWVrcz9iYW5uZXJldT1udHY6c2VwOjIwMjM6bDp0YTpzZDpyZXRsOmt1Ojpmb3JkcHJvZ3JhbW1hdGljOnByOm5hdGl2ZWFkOjEwMDE3MjU4XzAwNF8wXzBfMl9rdWdhLTAwMDo6eDp2bTpwcDppbnRyc3QtcGxhdGR0YToxeDE6aWFzOmRlOjphbXAxLXQyOnNocHI6YWZmaW5pdHk6bnR2OnRya4AKA8gLAeINEwio-cOhpuiBAxUumYMHHemQDMSwE7eS9RTIE-Wm2OMD0BMA2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTI5MzI5NzA2MDQ2ODY3MDUY2aVr&sigh=zBZr3o5Vq-g&uach_m=[UACH]&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSOwDICaaNaBPwdlIyNcjsCEbzrmjl9lG7P1g4m_F8dAdnQjRCy2zqLZ8WDSSWqhz4b7G9Q9IGf9grJ1njGAE&template_id=509&vt=10
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame D7FB 0
0 31ms
28ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQpOfcFcVotJkYRsoaAjYltLQjhv9wtMtTPalI5W97fRHwxSBp5oB7y4DhTynEImRfpp3-J130TJ--c-gxMPzcZGb7kA
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D7FB 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00951c3b4f4c4bf46e409b6285647e6ae3995cfd262fd72858513c8a226a52a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3290 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 product-image_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 3290 122 KB
122 KB 19ms
18ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/product-image_4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab6301d8bb2f355f676bbd2755549d01bcc2d6fab04e5f8378738579119f535

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 06 Oct 2023 06:10:16 GMT
x-content-type-options: nosniff
age: 258975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124968
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:58:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Oct 2024 06:10:16 GMT

GET
H3 200 logo-image_4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/ Frame 3290 3 KB
3 KB 23ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8056895536743055360/logo-image_4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3f55d52e9b2df0f21d26e6f32f8266eb5dd702f03f44e52127514d539abcf60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 03 Oct 2023 06:05:53 GMT
x-content-type-options: nosniff
age: 518438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3469
x-xss-protection: 0
last-modified: Mon, 08 May 2023 14:58:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 06:05:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame C6E3 30 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGWhpyrVi7XjHQOxjaRIaiUEtYQKNf_n4BsFldoyworefay0c_6JSSASo297wHz9WoNP1BnEkBuCNhbKSACRAgr-QPmA&cry=1&dbm_d=AKAmf-DEcZaAvmXT4JHhWL1YQ1T8JmKnrediGaUokrTbb49xAl5bSpRSBnJ-dpoApjkFrLGi__aqlupaq7sKb76Hid5ygMq424YZFx7fyRz_nP3i4Iov8Rk387LKIIqsuuxeJyFEJvK6n3Va-h2NfbN5qhfnw_-D15DM6fVf_MV1Qtv9lvkNBtJiU0ttwvVn3s9lQs8mIC-fhT_GZdUeZxEiE8s-KPxwTujRZX5aV6GWRKB90Bk1PljqPWXdkubxl1pFw2jE8NBj7jJCf1Cua2LbkvKy_dYBLVq4yd-vz8vljV-SzjtgB5wzRrKVgqpFP35ORh6ekZ6SvRmkdadtv_0kXk3U8JkLX9QwEGCuwv2Ksu-4HRnWdVPjD9-rDCqXEZKGYDmzrwedVcMQcz1peqqn8ult7b6BBZH5UyhFuFN0JtgPzJQ79LtBkbLn-ZgJr8pdid0xTqC-FFCrzbr1oMEY7wnLPZw3Ubqt4pHyKNA97i60GzzobdgVHiJq0hklo3uX_fTcsUcAtr8uUppsVntNe6NXkiWaisH98CxbYbsLnX8H9ZudF7hd0QcDA1VTfrcPWTs8LRp0sRuxw3I6YhqsW_1RZMvP8F77tnHK_cMj_LiBzYn_hQbxUqCqENjnSu-93J0RRu6nbCq4FNGT1HSVYo0t0NMxhldzEM1gPKU3wN4QxIBNcbxBz9uewVqAhy7FgnNNM3__8nx24G4pISL4KPT1px_uqBaLQWaKqT2lRT62uJgbzyZkUE8NU3GWo8idP31lJSevg6L27NaRPP2hJ7MeMz5nzyFvbI5zIUH33sF5mYPY7DNCmhMsa2XgTFNTlqN3wPBNJnwVY_MOrAxnBeFVhZLUWg3oGYunCxVOuvm4aM3mmVEMgAeZ7WJoPf4aSH0TmXaACrVNb8Zh8q5-o6yLVXn1011qYigixpapSLjrkVa3bReH2dVtYZW2VUUsqV0uULmcHQXecckvVpBBOvNXfM59FznJbrXu7tLgapRwRmxMMEF7HS88ktgDWZhczyAbx_UXvkoQwu0Ak4prtXOWhqqdgkYfWiO_nh3eHXLexZ2UiMqaDzYUpN-VvPSJgyQuQf07znO6qQoksPFiZdHfYezkpij0c46YuJe7SSZuax-yEPWRqy6LqVk475tuF96EYBO5k8AS4SUMwmTOpEk1wFq6P-GK-om3ETMkB0H29m2FcN_RiNCUbzho0rAeKiWq3ptQwUbshRrivAxtQWM50qN6eLuW7yu6YcUk2K_wMVeHwI-G6xQU4f3qzjQuTmjhN30V0hWLy3Lt9YJabTCfSnnmz1bqc0tX_kpKQ8V-gSiuK-H7TvThYEcFd0YkGaLErINt4y7ByVAPZ-AjsnIYi0TxQWelzdSmmqwVgxqOBBwo8IM04_ExxFStl93UnEtmLw0xWdVvVr9U3E4JOps94X07PClGf2ctPwjFb8sFNCfyu6tSUW59IUQ6GRZB1-Jtq2nXhK2bMr8i5Jon8bEdRUg3kG_g3_Onvv2cNYpJBSF5MlT0Yo-nVOwJyFwm4Xwj21kb2SxN55GcG_Mbtv8HaYf8rdPijPx3GWnv-cq22FrImnRImkLXN0wxCaiG1L52AhPYI4Z0lTABlS4m818_-OESklbSMw3tL7mdTC83MWIHbq1_5h08jCyPDxMMdRkkv0OuhPpbrjLgxYgyfvhDoxkDbsRNz_o4fe2K5q7Aee-ZPZ2OYQUDlYPq3iggvp0PVfVCYtG2ePhwzlYORIm1Z5KtFT6MKCommS3WjPk7957fpi_JGLgGzAdqGDUwzQphG7LL8TFxShnVA8LQvC71AF4Uv3rOCqklxz3YtszO_6qJ9FbNxRQiF_FkB4g3IZBxEO9pTtMhIr1GIimXaT72ZMUHymy4Lbrm_YX2x7rGzF1aQc1l47zLbqOpgCMZEjJnvWThxvAi3M1Zc1A60Zg2P2y8Co34Tbbl4iPqAkt_wDANicPLPJ34YjVjqT-wpa4JxyloUtWNOJFawcZwUClSAWXijzxIgXV5IAeA2pxxVe5fonoLlPl_SvHe_BriLVwQmWInzAtMRzX9YFfbCqsMu62Nhu7RrcdVufwRpxefJ26sAnP2-ndpPRmvvr6Nf9rM6tLhqLFPkO7h2zdi-Qm5fHcV8xJgpudrMFhlUig1HcKD4kqbXv1fgZJIpMW5cGv1p9Ly3NdRBigcdRowy1q2FgCcB3qPbgw9lglYmWM0ssr_Fn_1jeF2HqQi-duJaxJ1uomndFhBszQMcHI-7myrFdNBvsxAwKotLPNDYG5EU0uunXvfZc_tTk_npGsnSBapswA1d2tZjNWE9QZXiydiHB4tAmtenwk3GM3RM1eWXxGnPBDxfAkrSZZex3sIjstxsQLFlbURoHAyHU0D_ZNIzXaNHWwV9TAjBZQrTc0C9xUDImAGv6lH5RODPEUMMIkc5mFJEP7-EJxdUxyNTXwBmpAQSmLj5PwIpZrE_aypr6ZLuD4mU0fIpukae4kTsfuhh8sUbB6zVQryVnSPoJs5wJ4vY2kbxwvSKzcAdJ2kRT5PpWifbeg4x6KuLH88RhQaPSlI8CbOg-NpK6UH_3Uw2UIKvhCCiOuSZaKd8Nynq_EhF-ASVH1JYqUyXwBuzxeZb8NST0BgQa8xBz5u_yVkawgpJhxB4OWvp9hKFEGsz_R9Ti-rAOYHWx2rxu_i2dydLHxFoRK3LurvoFddVZqOPAWbTu5_5YJOLfZLS8XQomxwnDE2Yegzgj8DGsv-47HuSCQKfERWOL3Zs2n-uuiior7B5xPlS0WfFFt--4hkgX0Q8v3-usXdFp6SBw6pJpXqMIbGUaQ9Au-GIXDWGYz_ZuH4Bhae5A7o3IQed8ucysD8JECrZWtV4JMYXstDibZz-JNM5Mwwu3Dfr9YYCdy82I2cLtTbjxiVaeugfRFROwUkUT2HtUAGBEUSBUD7rWaw2KCvTex5e2gLdCgBF14taLNd50Q8uOmDLDRcm-JW8WaDTWMpYvIyCW0rLYC4mm9JV6e1aGwYMas0-7ZySAAWse46oRkomi7J31_TnKVdMM8L7af4NVgQL9y3EB838nTU7emKPXuk1lpCPbec-ri7fdAya2X7wqLyrLW7QwWDj5acyma8PQqBeZbg2P-6TWYMGv0zaCER4P2PwsMcm2FiRXs_TyqByPLMF2QeMjZh2Xd2fq9vCHfEv0YVbR0GH8UtZWhDZzs4F3JTYkkpTBi_uVtL3yI7hblEdWyejktM2RRdqlSjwjzyruzZqJMzbmuml7KkGA2g7-yXGMG8hh0nIyDK-sdMa6L472HyGm_J8WlUZaQ2mrPJ6XRqV5omuD7O7_qDrLAKos7Tk__Lh2OdXwU5znGQGgQ4nbbD0rYAOo0IFjRyblEKSpz0e_Qv70e-PzWGm-jkJVG7lZ3S_8GoPiQTRzCmQdkysgl0hcj9GvzFx8sLv0q4t-gHinK5hvgKTube7J6WnsAvQ0odq9XSLo6Wb52SuruLD47APG4wWaAFAQpPziHMvX9ssHMKZsHSWfRL_b9wgxUkQVkC5_pGwfHcnVFAjGFUG0VVwLh2y2D3gpqFYHG4siTzg9HBQxrXAJ0ZOpwE1oPxSHqfiejgt7Y2KmKWgvKForK-8G-IoFTG6yIJBAcwHF9wr5mlSIlq0s7T25XSOjCwQa4eoKDWPRUCn7FQiXK_tet9uqRCc1C2Ou8MqSLExsu5z97P_sYrQARfhexW0bp4ucq8hUWJHFYbAHph1kHpDAGB7SdFb40NhS8bB9uY9141KyNW_61wbmwZGBJGZ95dENJoxrar-PmC87Fyvo-WTdk39n6lPZq4Nf6jH3RsrrK7gjbsqJcikH8jGSOCqSCDY9dTvG5FRA6XtWe-SbLRE1SLAIaeJvUtm-bLdjpXZGcYgP4hG0Tui8ccliDurjAp0I-w0o-v7vK4c9HVwh9mlO-OJaQbXWAFIAVhXi1Q4KR4unLi3SqPJVlM_edCf_h2B0poKqASqe2ZGmUShW05kEzgWOCHnPsxgR5J33167MEa-cSt0APZO789zsF8tjqddB9yErQn0BVQkgiViz1_Iak8Lx_YE0O7KbViwK5N2lnqZ7_2NFJ3Y1YN&cid=CAQSOwDICaaNZIjKfNU4YvNHNMbDgFvRgv5J9PuHW8nWD5lamvnpspcdUXdAjjfLcr7m6h1vrLCww1ylyoWpGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.rediff.com%2F&ds=l&xdt=1&iif=1&cor=8023144387744821000&adk=4188270525&idt=117&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:57:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame C6E3 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:43:51 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C6E3 0
0 155ms
76ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWYanFUIfwxEZqUT5VNwBCyUyKCCHrBo0Hn3q7QYfoDRN4s0W-CEMmKI1pacnjoYhNuscLWXfi0Kvszig4itXcPjysklgpwK_TiNioGf14ML5z7VRJQb5zP_N1EqWZQUZaaS76jKnL4gmqqv2kzfU9jWzJHWJkLQJhzE5wrhNd6rFOUlLXS_S17U601QHoHj0nU1gPepJ7pfKpE3SUY9owJE8sWrTD8BNlDnqzLJRfjtUd7uZgSF7X4RdVY6fC-E_9u2Y6Yq8I-8fLXMH-evGKizsdXVq7zqnx60hrcQpinzfPZPPYc4qkjwSxzYBcSm1wwiraCwcvjTwKimm347KYT_niihEK0efy2U_IBUyURl_SRTj4LdOfdwkeXvKKZ9hKEdonAgvrwz8x8AhxfOjna1UdM1w0bZUazfNUeedDTU72cjcaCe-eJyGbpt9HNCnCpmcXKNE2q4JbiDJSlRwg1bF0BAr5PBRjRso_EWNLkYI2LLZnmx7Srvj8tXUr04vF5PvYjmQFQcCtLGxaMn6kogq8ymTemlyhLfks1UzvJHU-rweWqPWCOqhwW83zSua8mntbzVBZ5sPKywmozQD7ctRjG2ibgtnWGO0h4f5kSF-QxpcydLreTTUga1jK_mp_hB00ftD5BbgtiyTyF9lG-E3f68wXUpGLlSJMiGJ7LJ05Na89dABS4ajdXoBNmM5cOEpEwaU7wNsYVpuxq3fwQ3ZpZdx8LANlMdI7X48IYp6wkbL9enAaRZYUd5ZDCQEop5EZ5clO6y1989j5XyQ8v76cil8jqrLISmJB3H5Pd5KD19G4XMz_9Oe_DiqprtwhaapHKWa9AE1sUSqVbYvtLP10MWkj72IJhS3L5hIIb-EYuvXMr1D7LBWQc2piBchpbeHgjZaIe_oKG_Nr0jNaareJQrqpvlwt6RkhdpKqxniAXMTPFz18IHlo1goFwHQgIuympoH_ZLTo5dOvzR1coj4uOK5bTBpjKzFs-UxArRF9u04sHJYSf9xOlcNvUzBQDbN6n4Y7EGscbBJsQLsCN88QXf4wfxpZoRIoCXQMi6vVL9PaQ2zMHtq-7zZsxYvFA_6z6Aj_cQLStyc94tYrujDByYi-QQ-8NXduAmF0OP48GN5SlpCmTlQDnYoV9qGaI_wwFmngySxu7B3YvrJ8fBC95W_xabUys46IhS37iRBENUE6omGeNMpM3uBZLBGOhcbX2ajdlV6X0weIEdQEf3m9zxKXiKUWrOWNTSgqg3Btn0pMRX-EhMSxmjYD-17CR6Zy7lXOOxdRZGREt_F2qI3FnG6629kTResfgZ03qTVXvdO80eLBdhBHiiv-6S40iHO76O_VT-Xr2tby-LcQ51-qk35gvWWKmvOfqld3HqEnroNUk6uM90MjEPBEBD6ygizwymGkIJMzYaueKB911GWYgI_jGTG0z8b0ROyJnTaezbmDsIBFc_skOLI&sai=AMfl-YQppg9OgO7DQhQvesBCoFzYQTPuh8jz8zdGooIDELCrZXM4-NmCkne_OvBFjWelNunOB-q6lOH9Cc7X49OaDbJYfgzLSGfJR-yDS05hhtmwXwXUCPA_TZ0-Yf9luBWfLheE8T5aELsXnsawe8hAW-fvBfCtGAeXwdz3KgGdCTMnjw3VW9ByLrcN43TOKM89Ej447hXzcaeCE1eSo0bM1TIhzvyXsVk1FdHq6qKo1F3NsIICHUjl47LnZzDmVeTIsRW2&sig=Cg0ArKJSzPUQ9eY4SNIWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231004.81986&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C6E3 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 369294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:31:37 GMT

GET
H2 200 4431902876421974796
s0.2mdn.net/simgad/ Frame C6E3 75 KB
76 KB 56ms
43ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4431902876421974796

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7adfb3bf9f8daa4adee7cf8ef871c7631ed310f243e6383fc1de48dd12ba3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:04:43 GMT
x-content-type-options: nosniff
age: 342108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77251
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 13:52:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 07:04:43 GMT

GET
DATA 200
OK truncated
/ Frame C6E3 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36c4421ecd66ea76951289635ed3b8d0cb57725e7d53ae460443a8be2f6fafbe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D7FB 15 KB
15 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rediff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 309220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:12:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D7FB 16 KB
16 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rediff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 477617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 17:26:14 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A4 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1526043874834&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A4 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1526043874834&version=m202309260101&ct=76&x=1&cor=15212241713647178000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 55A4 80 KB
37 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dy1YtkrlBE_1GQzw7rGEPOBGwPmT7urrb8XtHzBvtY0j8z_qOGkPnaZTJWxMhHnPw0FVoZZNJ4muC32JUJlQp1306nAQ&cry=1&dbm_d=AKAmf-Cf6yjeOkwH8smzN__nQFRcxxcF9sOQP-OmTzbGS8z230HrHA5rGM1lsaej0d24J3oqh8YX0Dq7loEjH7xcZQNtDiaLN428DDakjuP-ecRH7USutNJ5E8JmGEA8RjfamjM9YeayPU0JKYS5u6UGOY-yESfkmCdFCadgo1aQCTAgoyZMd7fgfYx4Csea4dZaQsrj_peGNC6GF-IWJ3d1ob4N3Sw0NzW5utB7INzOIUBnL3BwxKFocgpFsl1eDNo5j3WoNxWFJnGge2-UWEeWNxaBDzDU8hIYeUlMDlQnvcHRtp70E_CoDiLcLdHOKf1C2m46R47XlOAi9GQ3hErducgl04lmlKYzg9CcCQV3Y2Pg1ToQtGCDrV6rW3ydu3b6XCFqMZlNotCGTgrZjlpPk1P7ndmNv921_9iJk5hSSFwUo-ndaunmYJ8tM69NSLzwmeCCYEFJenExv8ayTHx3EIhAXf6F4gmO4D0y1mckH71cCNl2A4FMWe3EvgSl0Q_wG4nULVIQVRWLCM-ojHyzx4mFpcn2t_jly0kfuUgLfF6m5a4emVaAQp1ZMbNjkp6QQUg9zl8n4niLrbsg65xer8v5_IURyoQ-cawUAFldVUxwKLEQV-2g4K-PhzrLBoZRSS3a7fhcaIBy5LQpnGwuk2zMK2sG5nx7Uu8WTU92Qm5uW5kziFHztJlU0NlqBffuYrawIcvqmlqsOvHvgweqHH6QM2j3FD4Gi4aBZQPtGr_5GGF7w8cj_LaxnshvU2DOD_g_cY589w5hvKp82bb3-NYqyZlEXsmCyiue0vGT2TQK3ni_V5VDHgJrS3vHtOsyHbKrQuY0rdO4PNlBJr8cX0tC3V7jRJgWFFU25a42hu3pMlvXeiQpLvD-QJkQbsRd242JTWWod4oWatcBTmbNnnU5ICxaKUEKBm241CPdjf795P3k5BPu3G7oHVQAcpCY66q5FrrWd0AjQMvb0_zttf0XdeMvM-cB9mXGSq6btNuuoj54_TM44roaY8TLVQdG5NE5NRBPb3KB_2iJikU5BagZ7EIdi30W5CBH545CXJoQMLpgaoeZrpjFawsN4hd6rj7rSKMf2bR-yLe30BGzHkelq1g7c_yMBl9kQP308MZ4XmRTVCA88OIINmCtGWqzdF5iM9PLYN3u-GZUqqP-3qGCEiTtpnVfJAO2PsmUEMwcaBJJbi3LT1Hxt-oX0tCL4AnyPaxCkguiGV7UU1Of-TTdAGD0QNSUwhTfWnghQnOKuwYTqPgkD55f-g9-V0-2EkpUY2OrWVu9WOKbr4TQdmRZ1R0AJp-qMUs7imj-Pbj_fU7d_Jbu2y6FNF_s_dmvlZQ60ftaeF9KYUzUSQgBe4SXSvAGdfllute6_n9GNIClRCun9nryDdondTMha3BvOOs0FBVMV3R-jP3D5zpjUO2hU6mZ_M0NvmEiwHgT-F089_uFdvKKCMPKTG_zV9zLW6B7wljlK29A3iOe8RTAOzKFTsHi7705OdAOFX3LAmpKrf1He9nZ7YOvJwSd5WG6m_gVF8rieHPppwO43mV7SVstt4KRiGwkFPgyeQpvsgoPbdjk7t1gnRDXM-Bvk99F7o_6jsSTieIZVpfBkvVmjgO1oSQ_EXRINCEnWztfNROUPHtKVgbOOP9Ugy2IYBET42qA_nXiFMXjGEUr6ykJrfuhjvGKyeyQMWsSNpPbsI6Y6rfbfaz16OmIH5o2Z-7glpp_L8onXagvpTlrlXczHF6xcbily7cPGiZrvR6g2C7BrPYowmu6aXPyHWcI7kzVk9pv4eVqje5S-z5TuYhlAD-XHFDpIU7GShWtClQoLtm1635w4_tRx1KsLSbxqI6xKMW87yadiM-iX9UDKB0zLD1CXj3jSNH7rn4q_BWWaeA2F4G3wzWesSIGGInznNP04A6WlPo7PxRApKTsoFeSfm6KThW-IC6rz6X5ikUyojZIvbEc_bLPtP9zhyCVQ7CAFr0k_jib-xEdfV7tsHqQywessSA6f46t2d5jnAl1VmVVgmM8N-fhQGI4D3KX-AZTL5D2aIJssyg1Z6Did6yFRwgbBhYRYA9CTL_UcmoWXt6J2qbPG8PxFaoopjGKd-btuF_mYg3ZnnecUGHxl461MghP4KIkTtnf-wtWGqOUzyYyPGmOQJItqb5j2YffTPPJhxpa-c4P7KLDzTv9Y24waJTF7uaTyQoCpt8t49jLYlwyKOislDXL-PEHwbzyioA2vk_XUzRJ2RV4OkDGmfppcTW0J-NbiqppowVM5PPOO1j7dFmWQW3_0ITqD5zkLk_1FZ_76_ah0RJRLuiK4x3a3QXArOWAvA5rxxuD90kxPUh_AEXPV1DepKXv7jn_gmwv9aRyL675MNYeMjnK55b3WWRo_zgmAezF5e38hi-_H-mdmGfLY_AJBauavuy11wuB_twjmLHs46B-pkcE73pegPGS8GDu2FM5vE_WGN_OMlqAcw7iLIfv4DDMrcbioPDCC8Rf5jtqDexUXG85Ngmr4cbebP3olGhJkl-slxPfNacBGb7MUoGTgFwAnUw_Rdz_6zELyalEoKopf6nyvYguoLxD4IjnSScjh_cjQTjCC6mG_WfJRYdIDykK2VAC94xEDVrbG-PRScB3LhYsyUoQmwssuWHBrjhJMRzFY-gjS2EjdrvoNMhlYtQAH4KjAbFGQlbtgxjuO73Oqls6RlSqK5MM4PGk9OjDPIq145agvYJyq72U6GSaxw1iDrqRMyzAdMj1O2Z6Wx-0Nq29SyoiEqa4o1lgH-78-zQWePOORNTfLiF5WF2_Dso4AhCuZDPPw_7EIPEmDgtZjpSSvc1BRaxTrpvdwSXmGsIkOWHEyrJsUMsMPID6D04trwh4a9QRolq8YeCbnRWtmhmFGyT-EjWq9RAjcVaTD3CzMc4raUDmNa0KngN0g_5JEhH7YaS5-hWNKWTv07UBM1qQoEUnnUVP13YvYFOIZlCpT0Dc8NOi1UZqCY1Cy2sRWfxCAmazywNQqywdCHupGksEdhPv6-UmgQGxBGdR-nxx1sBWHD2UV0ZuDtHcOSEZCFCNqua7KJy2DvV_zILLo9NbPtIs4lONK1RMjvQ24RG7BwOmDCYyFiR7s2w2JC47ukXgPmB5PY99Z64zvLiqeXm2qmYE7jRl5NjEPYZhFMgAI3Pbj_dj_1zUMOFY8hruMOC_eCojZMbDSpAGTGhMz12oJWBj_xiz5Z37g8V6vTsXiQCydKf09zUTzbkZHgGFGOxxwpkL63cp1TYfwj8vzUI3MKgsm3QghbLD-WrWRIdIsSnZYnkTmeJN5tulZ3kdJbJe-hOiki6KJNUe6f6TVUkRvbKi9aw2AqA2TSDbDDwZKgpxn7DQZwymurnSE8NUWmmoglkd47HykHZVesnz2LKZxZ_4IgxMnR_u0kHmHBEV-ZZrjjEcsWCwTKjvJsK8P6_9az7hguXB5E7FOJ6dorKKhIa2tT-ZqqPxhpbN2QM3gzRNufRFAs_ars6Yu9ZjZYyrJQMTpKytQSpYSbxvoeKOlXhR43utTwso_hO30eecuPWV4TrSB26GD-3X5mF1UkrWeNBLuDTxTBdUl00Uy8DNvR15mLkCUdJkd6LTVJWtWhJ6ElqmpV8WNosQdEdyi6OsSXfIuEv5B8tg3wUH19VmQLfiYajVTfxPnjyVPr8G1yf2vhSDuSKUIT-oY9qJSYDIXIpQdZGrKdgyJN1Ekb3EDpjCTLvainZq3iQUFODiPaWnz3-Tv4QlQ-wYBxRLF3NesHqjL4fEiQY_VJZQRO4D9Echp-LIzeV-omzUw_6w4bl4cjINZf36OQDlG21b1wN8i6EYlMY2j5DIfb2NjZ2VaJSOl-unJK32peHfrfbDsEMS2GE6dE7xTNp60396meZ9h9aEAieeUVtvFjG0_FJB2mpmfY0u8Ge7tYB33DSZUNYKGZcbM6mNYOMY8n7PI4ZWaju9y69BU56L1i03wMzLKhintM5XO6Vi-7kBNqcI2R40uC-ttnVxbJDQOJ4B00PWF99cSdhC-cTs&cid=CAQSOwDICaaNsWv1Hp5War7gPLs3fnRN_EmVQS4mwzwrukPnnZClHrB1_xh6RodcvNtzcvlo55WPGzEiJsmWGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.rediff.com%2F&ds=l&xdt=1&iif=1&cor=15212241713647178000&adk=3037181500&idt=120&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719c4bb9e3f7f9b5368a3f8aacc980c62693d868367342f8627716ddddac9142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 12C0 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 364800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:46:31 GMT
expires: Fri, 04 Oct 2024 00:46:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 482ms
109ms Fetch
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=45a3a7ef842e93920bb59cfaa432ea80&pvId=8af220da1093cb54448b4c7310360328&sid=7301&pid=30350&idx=0&wId=1970&pad=0&org=0&tm=925&eT=0&cnsnt=no_consent&widgetWidth=53&widgetHeight=0&widgetX=641&widgetY=1757&wRV=2010477&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=264&oo=true&lo=6459&obreq=6393&mvreq=7136&mvres=7400&cet=4g&to=1696831583786.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: bacc6b5c844a9dc72d20d29c23625909
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 39 KB
6 KB 375ms
374ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&srcUrl=https%3A%2F%2Fwww.rediff.com%2Frss%2Fnewshead.xml&idx=1&rand=54799&widgetJSId=GS_1&va=true&et=true&format=html&t=OGFmMjIwZGExMDkzY2I1NDQ0OGI0YzczMTAzNjAzMjg=&clss=Ik80NxCph5RtMt5vqX3Dp%2FhoYB%2Fcyktn9pLGjHODK%2BkU0Y87mihZuvh1Es5VDd9zoocX%2Ft3y87P%2F336w&px=640&py=2779&vpd=1579&cw=672&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010477&sig=ykSUO5TX&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e577c983073939b55605434bccf052adbf0c5bc5bc75d5d2b4d3951b1482018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1696831591.207558,VS0,VE349
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21956-LGA, cache-fra-etou8220092-FRA
x-traceid: 7db980a0bd546f73c3181334f0fd8cd9
accept-ranges: bytes
content-length: 5624
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame 0D9C 223 KB
61 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 22:17:54 GMT
age: 373717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Oct 2024 22:17:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 0D9C 15 KB
5 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 12:23:54 GMT
age: 322957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 12:23:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 0D9C 94 KB
28 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 00:09:37 GMT
age: 367014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 00:09:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 0D9C 5 KB
2 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 06:28:23 GMT
age: 344288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 06:28:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 0D9C 40 KB
13 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:08:35 GMT
age: 331076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 10:08:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0D9C 4 KB
655 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 04:51:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 06:06:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0D9C 4 KB
655 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 05:17:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 06:06:31 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0D9C 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 31634
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0D9C 295 B
322 B 21ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 31634
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H2 200 1834919631769142547
s0.2mdn.net/simgad/ Frame 0D9C 627 KB
627 KB 21ms
19ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1834919631769142547

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cf9220a1a3781126fd9a78b81b27753612d1ce2cfc8a1d5e6e774e845ba4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:00:03 GMT
x-content-type-options: nosniff
age: 353188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 641988
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 04:00:03 GMT

GET
H2 200 15392006718608047725
s0.2mdn.net/simgad/ Frame 0D9C 5 KB
5 KB 22ms
20ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15392006718608047725

Requested by

Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b973a1fc6c2f5b494d0476015f47f5da42d1fd968310924e8c49f820a6c7eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:00:03 GMT
x-content-type-options: nosniff
age: 353188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4788
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:27:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 04:00:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0D9C 0
0 30ms
29ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRb7RWyIGDJjdliIx98wQWxyAKPJrIF6ociKiGTqZ70tV1rhtLnPfKfScXurqIlpsFiLJPV
Requested by: Host: www.rediff.com
URL: https://www.rediff.com/news/report/crooks-hack-payment-gateway-company-siphon-off-rs-16180-cr/20231008.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0D9C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0fb469043da74a5ca2a2fcb55df139932552ea6a0c25b00685adde0ef3a20f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C6E3 0
0 60ms
60ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWYanFUIfwxEZqUT5VNwBCyUyKCCHrBo0Hn3q7QYfoDRN4s0W-CEMmKI1pacnjoYhNuscLWXfi0Kvszig4itXcPjysklgpwK_TiNioGf14ML5z7VRJQb5zP_N1EqWZQUZaaS76jKnL4gmqqv2kzfU9jWzJHWJkLQJhzE5wrhNd6rFOUlLXS_S17U601QHoHj0nU1gPepJ7pfKpE3SUY9owJE8sWrTD8BNlDnqzLJRfjtUd7uZgSF7X4RdVY6fC-E_9u2Y6Yq8I-8fLXMH-evGKizsdXVq7zqnx60hrcQpinzfPZPPYc4qkjwSxzYBcSm1wwiraCwcvjTwKimm347KYT_niihEK0efy2U_IBUyURl_SRTj4LdOfdwkeXvKKZ9hKEdonAgvrwz8x8AhxfOjna1UdM1w0bZUazfNUeedDTU72cjcaCe-eJyGbpt9HNCnCpmcXKNE2q4JbiDJSlRwg1bF0BAr5PBRjRso_EWNLkYI2LLZnmx7Srvj8tXUr04vF5PvYjmQFQcCtLGxaMn6kogq8ymTemlyhLfks1UzvJHU-rweWqPWCOqhwW83zSua8mntbzVBZ5sPKywmozQD7ctRjG2ibgtnWGO0h4f5kSF-QxpcydLreTTUga1jK_mp_hB00ftD5BbgtiyTyF9lG-E3f68wXUpGLlSJMiGJ7LJ05Na89dABS4ajdXoBNmM5cOEpEwaU7wNsYVpuxq3fwQ3ZpZdx8LANlMdI7X48IYp6wkbL9enAaRZYUd5ZDCQEop5EZ5clO6y1989j5XyQ8v76cil8jqrLISmJB3H5Pd5KD19G4XMz_9Oe_DiqprtwhaapHKWa9AE1sUSqVbYvtLP10MWkj72IJhS3L5hIIb-EYuvXMr1D7LBWQc2piBchpbeHgjZaIe_oKG_Nr0jNaareJQrqpvlwt6RkhdpKqxniAXMTPFz18IHlo1goFwHQgIuympoH_ZLTo5dOvzR1coj4uOK5bTBpjKzFs-UxArRF9u04sHJYSf9xOlcNvUzBQDbN6n4Y7EGscbBJsQLsCN88QXf4wfxpZoRIoCXQMi6vVL9PaQ2zMHtq-7zZsxYvFA_6z6Aj_cQLStyc94tYrujDByYi-QQ-8NXduAmF0OP48GN5SlpCmTlQDnYoV9qGaI_wwFmngySxu7B3YvrJ8fBC95W_xabUys46IhS37iRBENUE6omGeNMpM3uBZLBGOhcbX2ajdlV6X0weIEdQEf3m9zxKXiKUWrOWNTSgqg3Btn0pMRX-EhMSxmjYD-17CR6Zy7lXOOxdRZGREt_F2qI3FnG6629kTResfgZ03qTVXvdO80eLBdhBHiiv-6S40iHO76O_VT-Xr2tby-LcQ51-qk35gvWWKmvOfqld3HqEnroNUk6uM90MjEPBEBD6ygizwymGkIJMzYaueKB911GWYgI_jGTG0z8b0ROyJnTaezbmDsIBFc_skOLI&sai=AMfl-YQppg9OgO7DQhQvesBCoFzYQTPuh8jz8zdGooIDELCrZXM4-NmCkne_OvBFjWelNunOB-q6lOH9Cc7X49OaDbJYfgzLSGfJR-yDS05hhtmwXwXUCPA_TZ0-Yf9luBWfLheE8T5aELsXnsawe8hAW-fvBfCtGAeXwdz3KgGdCTMnjw3VW9ByLrcN43TOKM89Ej447hXzcaeCE1eSo0bM1TIhzvyXsVk1FdHq6qKo1F3NsIICHUjl47LnZzDmVeTIsRW2&sig=Cg0ArKJSzPUQ9eY4SNIWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=121&vt=11&dtpt=120&dett=2&cstd=0&cisv=r20231004.81986&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 12C0 37 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 12:44:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 55A4 30 KB
11 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dy1YtkrlBE_1GQzw7rGEPOBGwPmT7urrb8XtHzBvtY0j8z_qOGkPnaZTJWxMhHnPw0FVoZZNJ4muC32JUJlQp1306nAQ&cry=1&dbm_d=AKAmf-Cf6yjeOkwH8smzN__nQFRcxxcF9sOQP-OmTzbGS8z230HrHA5rGM1lsaej0d24J3oqh8YX0Dq7loEjH7xcZQNtDiaLN428DDakjuP-ecRH7USutNJ5E8JmGEA8RjfamjM9YeayPU0JKYS5u6UGOY-yESfkmCdFCadgo1aQCTAgoyZMd7fgfYx4Csea4dZaQsrj_peGNC6GF-IWJ3d1ob4N3Sw0NzW5utB7INzOIUBnL3BwxKFocgpFsl1eDNo5j3WoNxWFJnGge2-UWEeWNxaBDzDU8hIYeUlMDlQnvcHRtp70E_CoDiLcLdHOKf1C2m46R47XlOAi9GQ3hErducgl04lmlKYzg9CcCQV3Y2Pg1ToQtGCDrV6rW3ydu3b6XCFqMZlNotCGTgrZjlpPk1P7ndmNv921_9iJk5hSSFwUo-ndaunmYJ8tM69NSLzwmeCCYEFJenExv8ayTHx3EIhAXf6F4gmO4D0y1mckH71cCNl2A4FMWe3EvgSl0Q_wG4nULVIQVRWLCM-ojHyzx4mFpcn2t_jly0kfuUgLfF6m5a4emVaAQp1ZMbNjkp6QQUg9zl8n4niLrbsg65xer8v5_IURyoQ-cawUAFldVUxwKLEQV-2g4K-PhzrLBoZRSS3a7fhcaIBy5LQpnGwuk2zMK2sG5nx7Uu8WTU92Qm5uW5kziFHztJlU0NlqBffuYrawIcvqmlqsOvHvgweqHH6QM2j3FD4Gi4aBZQPtGr_5GGF7w8cj_LaxnshvU2DOD_g_cY589w5hvKp82bb3-NYqyZlEXsmCyiue0vGT2TQK3ni_V5VDHgJrS3vHtOsyHbKrQuY0rdO4PNlBJr8cX0tC3V7jRJgWFFU25a42hu3pMlvXeiQpLvD-QJkQbsRd242JTWWod4oWatcBTmbNnnU5ICxaKUEKBm241CPdjf795P3k5BPu3G7oHVQAcpCY66q5FrrWd0AjQMvb0_zttf0XdeMvM-cB9mXGSq6btNuuoj54_TM44roaY8TLVQdG5NE5NRBPb3KB_2iJikU5BagZ7EIdi30W5CBH545CXJoQMLpgaoeZrpjFawsN4hd6rj7rSKMf2bR-yLe30BGzHkelq1g7c_yMBl9kQP308MZ4XmRTVCA88OIINmCtGWqzdF5iM9PLYN3u-GZUqqP-3qGCEiTtpnVfJAO2PsmUEMwcaBJJbi3LT1Hxt-oX0tCL4AnyPaxCkguiGV7UU1Of-TTdAGD0QNSUwhTfWnghQnOKuwYTqPgkD55f-g9-V0-2EkpUY2OrWVu9WOKbr4TQdmRZ1R0AJp-qMUs7imj-Pbj_fU7d_Jbu2y6FNF_s_dmvlZQ60ftaeF9KYUzUSQgBe4SXSvAGdfllute6_n9GNIClRCun9nryDdondTMha3BvOOs0FBVMV3R-jP3D5zpjUO2hU6mZ_M0NvmEiwHgT-F089_uFdvKKCMPKTG_zV9zLW6B7wljlK29A3iOe8RTAOzKFTsHi7705OdAOFX3LAmpKrf1He9nZ7YOvJwSd5WG6m_gVF8rieHPppwO43mV7SVstt4KRiGwkFPgyeQpvsgoPbdjk7t1gnRDXM-Bvk99F7o_6jsSTieIZVpfBkvVmjgO1oSQ_EXRINCEnWztfNROUPHtKVgbOOP9Ugy2IYBET42qA_nXiFMXjGEUr6ykJrfuhjvGKyeyQMWsSNpPbsI6Y6rfbfaz16OmIH5o2Z-7glpp_L8onXagvpTlrlXczHF6xcbily7cPGiZrvR6g2C7BrPYowmu6aXPyHWcI7kzVk9pv4eVqje5S-z5TuYhlAD-XHFDpIU7GShWtClQoLtm1635w4_tRx1KsLSbxqI6xKMW87yadiM-iX9UDKB0zLD1CXj3jSNH7rn4q_BWWaeA2F4G3wzWesSIGGInznNP04A6WlPo7PxRApKTsoFeSfm6KThW-IC6rz6X5ikUyojZIvbEc_bLPtP9zhyCVQ7CAFr0k_jib-xEdfV7tsHqQywessSA6f46t2d5jnAl1VmVVgmM8N-fhQGI4D3KX-AZTL5D2aIJssyg1Z6Did6yFRwgbBhYRYA9CTL_UcmoWXt6J2qbPG8PxFaoopjGKd-btuF_mYg3ZnnecUGHxl461MghP4KIkTtnf-wtWGqOUzyYyPGmOQJItqb5j2YffTPPJhxpa-c4P7KLDzTv9Y24waJTF7uaTyQoCpt8t49jLYlwyKOislDXL-PEHwbzyioA2vk_XUzRJ2RV4OkDGmfppcTW0J-NbiqppowVM5PPOO1j7dFmWQW3_0ITqD5zkLk_1FZ_76_ah0RJRLuiK4x3a3QXArOWAvA5rxxuD90kxPUh_AEXPV1DepKXv7jn_gmwv9aRyL675MNYeMjnK55b3WWRo_zgmAezF5e38hi-_H-mdmGfLY_AJBauavuy11wuB_twjmLHs46B-pkcE73pegPGS8GDu2FM5vE_WGN_OMlqAcw7iLIfv4DDMrcbioPDCC8Rf5jtqDexUXG85Ngmr4cbebP3olGhJkl-slxPfNacBGb7MUoGTgFwAnUw_Rdz_6zELyalEoKopf6nyvYguoLxD4IjnSScjh_cjQTjCC6mG_WfJRYdIDykK2VAC94xEDVrbG-PRScB3LhYsyUoQmwssuWHBrjhJMRzFY-gjS2EjdrvoNMhlYtQAH4KjAbFGQlbtgxjuO73Oqls6RlSqK5MM4PGk9OjDPIq145agvYJyq72U6GSaxw1iDrqRMyzAdMj1O2Z6Wx-0Nq29SyoiEqa4o1lgH-78-zQWePOORNTfLiF5WF2_Dso4AhCuZDPPw_7EIPEmDgtZjpSSvc1BRaxTrpvdwSXmGsIkOWHEyrJsUMsMPID6D04trwh4a9QRolq8YeCbnRWtmhmFGyT-EjWq9RAjcVaTD3CzMc4raUDmNa0KngN0g_5JEhH7YaS5-hWNKWTv07UBM1qQoEUnnUVP13YvYFOIZlCpT0Dc8NOi1UZqCY1Cy2sRWfxCAmazywNQqywdCHupGksEdhPv6-UmgQGxBGdR-nxx1sBWHD2UV0ZuDtHcOSEZCFCNqua7KJy2DvV_zILLo9NbPtIs4lONK1RMjvQ24RG7BwOmDCYyFiR7s2w2JC47ukXgPmB5PY99Z64zvLiqeXm2qmYE7jRl5NjEPYZhFMgAI3Pbj_dj_1zUMOFY8hruMOC_eCojZMbDSpAGTGhMz12oJWBj_xiz5Z37g8V6vTsXiQCydKf09zUTzbkZHgGFGOxxwpkL63cp1TYfwj8vzUI3MKgsm3QghbLD-WrWRIdIsSnZYnkTmeJN5tulZ3kdJbJe-hOiki6KJNUe6f6TVUkRvbKi9aw2AqA2TSDbDDwZKgpxn7DQZwymurnSE8NUWmmoglkd47HykHZVesnz2LKZxZ_4IgxMnR_u0kHmHBEV-ZZrjjEcsWCwTKjvJsK8P6_9az7hguXB5E7FOJ6dorKKhIa2tT-ZqqPxhpbN2QM3gzRNufRFAs_ars6Yu9ZjZYyrJQMTpKytQSpYSbxvoeKOlXhR43utTwso_hO30eecuPWV4TrSB26GD-3X5mF1UkrWeNBLuDTxTBdUl00Uy8DNvR15mLkCUdJkd6LTVJWtWhJ6ElqmpV8WNosQdEdyi6OsSXfIuEv5B8tg3wUH19VmQLfiYajVTfxPnjyVPr8G1yf2vhSDuSKUIT-oY9qJSYDIXIpQdZGrKdgyJN1Ekb3EDpjCTLvainZq3iQUFODiPaWnz3-Tv4QlQ-wYBxRLF3NesHqjL4fEiQY_VJZQRO4D9Echp-LIzeV-omzUw_6w4bl4cjINZf36OQDlG21b1wN8i6EYlMY2j5DIfb2NjZ2VaJSOl-unJK32peHfrfbDsEMS2GE6dE7xTNp60396meZ9h9aEAieeUVtvFjG0_FJB2mpmfY0u8Ge7tYB33DSZUNYKGZcbM6mNYOMY8n7PI4ZWaju9y69BU56L1i03wMzLKhintM5XO6Vi-7kBNqcI2R40uC-ttnVxbJDQOJ4B00PWF99cSdhC-cTs&cid=CAQSOwDICaaNsWv1Hp5War7gPLs3fnRN_EmVQS4mwzwrukPnnZClHrB1_xh6RodcvNtzcvlo55WPGzEiJsmWGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.rediff.com%2F&ds=l&xdt=1&iif=1&cor=15212241713647178000&adk=3037181500&idt=120&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:57:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 55A4 11 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:43:51 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 55A4 0
0 66ms
66ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8OmzLCT-R9CXiANJCuUGYj2rojkoamK0gHc9KiSSVXtQIp1T5LCFlleoL4qb0sKEoDgmTVP8f5Pie5NkoYopwXab-WODTsO2AZ_bQ8WVO4RKmRq5ERjj5qlcCjofksJuokWvqJbIGrY3TvLNIl6lGcaiB8rinomgCzJvJyb1h5ww8iv5mT8yJOlmHpZ0Ue6A0gjnOfw0hX1FjAv362GY0msGFg7ilGG4-mrHJj-b3PoKNYnNR1sNMjUqhgltxoPVDEBmUWs9lMVEwxsTh5ahfBXRZENzCELro4mEbCQJfuqHw5bWeSVyKXBss9jXebN4yKF3RUkAYSwo5_ySIs9bHokGtj0cvCrtrq9TfG6OjEiZZomZVEg9pB2oXTGwoSU6T80ngoD84bAVDQBVrs37yx_h4c7CUyhve2_eVKHeXoNqsgC6_zlmOvo5ciI5ul5xeu2_3QwpudRFHsVJrJWXrhkzeVTk6D9ns3DeR5z8nAKqALB34LeMmvcrKiFvFPV8MmvnxFwVlXfM29YuHegse-CgQN57PHdCkunwlpWeygf-BQMxAUvqfd8Up9VZfwK7CrqtRTziHzeqoN0UlYFOf_RkB9USwssFtPXFp02d7ukze17_N3eT0CglsYP5vQiCbdSPQvlyqcHs9eO1m2Eq7pv9DYj4uGR4Q-WZFbAE5tPdYmOH06WJh3KWenGcJkGWNlIYPku0KJcOeXOfe-XqFjRQ_lyWU5JX4SRwban1Aekys-FVG-kYn1wFn3F2xd5ujHHllBSAiHbNKAD9HHZ1odN9uzXNbJCNFCYYfqlIsXoFXuwY8nXVyLc3W0RrtNNH-C1UXrtcJVjme-TjgSZZFKCIXURagrCQZAQWktIw9CzUIxpT11a9CG6Kdor_6Zp8jHN4wWel7zsGkACSgIfIXYXFIe_OtFdxzBdAem8RBLuC7PkecgOlyJ4d0msDU8sRdBvwcYI7OpopMi86UAWrC_wFzxhvSXKEyJqEgTATTYHm10ZLM7OsmZhskjk0U9_1_QiHY4iZyySxbCQm6iPh5FuXrp5AqFErfm2h1ccZax1ek1Mj39dx3wewCy9iASTWLapjP9HoGlVH1CYy5sHmNu_4A5zImEUkdbvCLN-7M-XTbB-8MOkusNcSyiQWgIhkl0nTsl5KLz4b2aNG_R0O5r-HTRmf-44rYwz0hbF0bPf71su7x1BHqKq1ZX6xWiaIHFWHZNpjxrc44JeIqvHYKsYEgCpd6ibJp0gmIEzp1hGjljWX22c7w7hOBRhcnJ0ZaJairbDkSOr0VuZa-_50dIt8DZIDJvvZP7moU-toB4DCE_YFrVZlkfEH0VQUCSI0m1cVfz7v-NV5kNAtdCfqyLURjnOy7L6xFxU5Q8gqo4j41uQ4xSWTLimDg0Ck_4tr6W8n43TikL4LmJHOmRjYcryx9Tc_hIlLjbUxTlDibQNo31CstK_ZfRJZ7thwT6z3yB2jQdntiUNVyRKBuWgq8HMw&sai=AMfl-YRMlCQLm12DCw8auA55ZJYmRf81vZSjVBOPA_YBSMVfVNbI2shqxrv8AhSWR6jVZLardvOYyBvjWdIFp8WiBDXx3nhjnHRe_cVDaJFE3DZ7SWtc6cuEOQ-rVU4R8vqPuFcVexCgmVeYE9ED0GCK7IS_yBY5jb71U1TVRfnobncnid9hUB73bRNMlmEusTqgiQ4ytJkdlo_bXfJSnIRdJO91Dh0fIw4moclwbbUQ_f6H5oB7Dn0P7lKngI4wJPR2SwSR&sig=Cg0ArKJSzC8s7J1JlDthEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231004.17231&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 55A4 41 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 8563340531119840745
s0.2mdn.net/simgad/ Frame 55A4 96 KB
96 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8563340531119840745

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81aab37d8c9d95a568c57e163c65bbe40c0fd0a521f64fc04200ebf7c5074e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:32:08 GMT
x-content-type-options: nosniff
age: 225263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97890
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 13:07:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Oct 2024 15:32:08 GMT

GET
DATA 200
OK truncated
/ Frame 55A4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d12bc78f4982837e3a5aaa4fcf14c06064764c5bd8c3f7eb3307d8e1b5d39d07

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D9C 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rediff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 309220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:12:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D9C 16 KB
16 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rediff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 477617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 17:26:14 GMT

GET
H3 200 container.html Show response
7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1825 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rediff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:30 GMT
expires: Tue, 08 Oct 2024 06:06:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 55A4 0
0 58ms
57ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8OmzLCT-R9CXiANJCuUGYj2rojkoamK0gHc9KiSSVXtQIp1T5LCFlleoL4qb0sKEoDgmTVP8f5Pie5NkoYopwXab-WODTsO2AZ_bQ8WVO4RKmRq5ERjj5qlcCjofksJuokWvqJbIGrY3TvLNIl6lGcaiB8rinomgCzJvJyb1h5ww8iv5mT8yJOlmHpZ0Ue6A0gjnOfw0hX1FjAv362GY0msGFg7ilGG4-mrHJj-b3PoKNYnNR1sNMjUqhgltxoPVDEBmUWs9lMVEwxsTh5ahfBXRZENzCELro4mEbCQJfuqHw5bWeSVyKXBss9jXebN4yKF3RUkAYSwo5_ySIs9bHokGtj0cvCrtrq9TfG6OjEiZZomZVEg9pB2oXTGwoSU6T80ngoD84bAVDQBVrs37yx_h4c7CUyhve2_eVKHeXoNqsgC6_zlmOvo5ciI5ul5xeu2_3QwpudRFHsVJrJWXrhkzeVTk6D9ns3DeR5z8nAKqALB34LeMmvcrKiFvFPV8MmvnxFwVlXfM29YuHegse-CgQN57PHdCkunwlpWeygf-BQMxAUvqfd8Up9VZfwK7CrqtRTziHzeqoN0UlYFOf_RkB9USwssFtPXFp02d7ukze17_N3eT0CglsYP5vQiCbdSPQvlyqcHs9eO1m2Eq7pv9DYj4uGR4Q-WZFbAE5tPdYmOH06WJh3KWenGcJkGWNlIYPku0KJcOeXOfe-XqFjRQ_lyWU5JX4SRwban1Aekys-FVG-kYn1wFn3F2xd5ujHHllBSAiHbNKAD9HHZ1odN9uzXNbJCNFCYYfqlIsXoFXuwY8nXVyLc3W0RrtNNH-C1UXrtcJVjme-TjgSZZFKCIXURagrCQZAQWktIw9CzUIxpT11a9CG6Kdor_6Zp8jHN4wWel7zsGkACSgIfIXYXFIe_OtFdxzBdAem8RBLuC7PkecgOlyJ4d0msDU8sRdBvwcYI7OpopMi86UAWrC_wFzxhvSXKEyJqEgTATTYHm10ZLM7OsmZhskjk0U9_1_QiHY4iZyySxbCQm6iPh5FuXrp5AqFErfm2h1ccZax1ek1Mj39dx3wewCy9iASTWLapjP9HoGlVH1CYy5sHmNu_4A5zImEUkdbvCLN-7M-XTbB-8MOkusNcSyiQWgIhkl0nTsl5KLz4b2aNG_R0O5r-HTRmf-44rYwz0hbF0bPf71su7x1BHqKq1ZX6xWiaIHFWHZNpjxrc44JeIqvHYKsYEgCpd6ibJp0gmIEzp1hGjljWX22c7w7hOBRhcnJ0ZaJairbDkSOr0VuZa-_50dIt8DZIDJvvZP7moU-toB4DCE_YFrVZlkfEH0VQUCSI0m1cVfz7v-NV5kNAtdCfqyLURjnOy7L6xFxU5Q8gqo4j41uQ4xSWTLimDg0Ck_4tr6W8n43TikL4LmJHOmRjYcryx9Tc_hIlLjbUxTlDibQNo31CstK_ZfRJZ7thwT6z3yB2jQdntiUNVyRKBuWgq8HMw&sai=AMfl-YRMlCQLm12DCw8auA55ZJYmRf81vZSjVBOPA_YBSMVfVNbI2shqxrv8AhSWR6jVZLardvOYyBvjWdIFp8WiBDXx3nhjnHRe_cVDaJFE3DZ7SWtc6cuEOQ-rVU4R8vqPuFcVexCgmVeYE9ED0GCK7IS_yBY5jb71U1TVRfnobncnid9hUB73bRNMlmEusTqgiQ4ytJkdlo_bXfJSnIRdJO91Dh0fIw4moclwbbUQ_f6H5oB7Dn0P7lKngI4wJPR2SwSR&sig=Cg0ArKJSzC8s7J1JlDthEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=106&vt=11&dtpt=105&dett=2&cstd=0&cisv=r20231004.17231&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1825 24 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Oct 2024 06:34:09 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1825 39 KB
15 KB 205ms
21ms Script
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 06:10:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=122061
accept-ranges: bytes
content-length: 14527
expires: Tue, 10 Oct 2023 16:00:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1825 187 KB
59 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 06:06:31 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0D9C 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 31634
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0D9C 295 B
322 B 19ms
19ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 31634
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 09 Oct 2023 21:19:17 GMT

GET
H3 200 1834919631769142547
s0.2mdn.net/simgad/ Frame 0D9C 627 KB
627 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1834919631769142547

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cf9220a1a3781126fd9a78b81b27753612d1ce2cfc8a1d5e6e774e845ba4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:00:03 GMT
x-content-type-options: nosniff
age: 353188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 641988
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 04:00:03 GMT

GET
H3 200 15392006718608047725
s0.2mdn.net/simgad/ Frame 0D9C 5 KB
5 KB 23ms
23ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15392006718608047725

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b973a1fc6c2f5b494d0476015f47f5da42d1fd968310924e8c49f820a6c7eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:00:03 GMT
x-content-type-options: nosniff
age: 353188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4788
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:27:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 04:00:03 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A229 22 KB
8 KB 26ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 317819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1825 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYglnMTeZgiH-zYUdfcqfkbjBbyqdQF9JRtjSJdW_7shDrwoFiFo5T_JFLQsGasJpJOCwXU2HAdAim1jFBVVLV03UqMwawusb5t8zf4XbSaWv0nV-ng2bxswWT73HlXvK02apxQ0N8Mei16xae7Nx4MhW2hgf0T84xk9pbS1gD15nfOJLjzRTRoht8KDFVNJwccL8zY0ZofPsGRSBBPildSFG1O15NKxX4zs1EGvGGlC542AwUnXJbwUClzsd9q8kQeflll9074rE_lhhF2yumpI0U_Zc-nbeWt26zOuL4hQPFxxhR_U1rn7u9zPS8qHmojKnI6URY0S0pdS30SJ2Dq2bXCKBEwA&sai=AMfl-YTjIT9qTZAgQJOYIDIivaqGi_eK353PQ4VF0NVCqggpYeyv1ly9BpnNMZCdHDEiXjkN3U6H_MGL5yR_Qpt3WwvBKG4fwh5hgSybiuiMoLaT2KuXhhemEkndaOq0pQ&sig=Cg0ArKJSzKra4OJhdGEMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 22ms
20ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 06:06:31 GMT
date: Mon, 09 Oct 2023 06:06:31 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 187ms
110ms Fetch
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ca7c1a573d8626fa2e24849d6124a52c&pvId=8af220da1093cb54448b4c7310360328&sid=7301&pid=30350&idx=1&wId=829&pad=0&org=0&tm=1322&eT=0&cnsnt=no_consent&widgetWidth=672&widgetHeight=25&widgetX=641&widgetY=2787&wRV=2010477&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=391&oo=true&lo=6459&obreq=6393&mvreq=7406&mvres=7797&cet=4g&to=1696831583786.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 856f7e6930766a46909f9bd499759eba
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 181ms
107ms Fetch
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=b73b31535b7968085fcd5002bb576c86&pvId=8af220da1093cb54448b4c7310360328&sid=7301&pid=30350&idx=2001&wId=1515&pad=0&org=0&tm=1328&eT=0&cnsnt=no_consent&widgetWidth=666&widgetHeight=0&widgetX=644&widgetY=2836&wRV=2010477&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=6459&obreq=6393&mvreq=7406&mvres=7803&re=7805&cet=4g&cs=5&to=1696831583786.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: f5b360f1e03023cf0cd1cbbd581f0069
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 188ms
109ms Fetch
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=24d93600f71aaef9835891202f5a6aa4&pvId=8af220da1093cb54448b4c7310360328&sid=7301&pid=30350&idx=2002&wId=1515&pad=0&org=0&tm=1330&eT=0&cnsnt=no_consent&widgetWidth=666&widgetHeight=0&widgetX=644&widgetY=2836&wRV=2010477&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=6459&obreq=6393&mvreq=7406&mvres=7803&re=7807&cet=4g&cs=5&to=1696831583786.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 786c0ae60677e76960acf7a41e7aade8
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 285ms
107ms Fetch
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ded539507e203ddb6e98506bb423445d&pvId=8af220da1093cb54448b4c7310360328&sid=7301&pid=30350&idx=2003&wId=1526&pad=0&org=0&tm=1331&eT=0&cnsnt=no_consent&widgetWidth=666&widgetHeight=0&widgetX=644&widgetY=2836&wRV=2010477&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=6459&obreq=6393&mvreq=7406&mvres=7803&re=7808&cet=4g&cs=5&to=1696831583786.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 64d83f901ebf1cb6d9f6c7533f26ead6
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 286ms
108ms Fetch
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=0d3e22d0397e16b339d2509cc0c424d2&pvId=8af220da1093cb54448b4c7310360328&sid=7301&pid=30350&idx=2004&wId=1515&pad=0&org=0&tm=1333&eT=0&cnsnt=no_consent&widgetWidth=666&widgetHeight=0&widgetX=644&widgetY=2836&wRV=2010477&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=6459&obreq=6393&mvreq=7406&mvres=7803&re=7810&cet=4g&cs=5&to=1696831583786.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 0ed0d20956c0629018a6c13c7f244a76
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 293ms
109ms Fetch
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=7b0c15eeb88ef190886720c96f669e78&pvId=8af220da1093cb54448b4c7310360328&sid=7301&pid=30350&idx=2005&wId=1515&pad=0&org=0&tm=1334&eT=0&cnsnt=no_consent&widgetWidth=666&widgetHeight=0&widgetX=644&widgetY=2836&wRV=2010477&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=6459&obreq=6393&mvreq=7406&mvres=7803&re=7811&cet=4g&cs=5&to=1696831583786.5&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:31 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 6652c63eb79fa0fef9310d2e5ff60634
Content-Length: 4
Expires: 0

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
8 KB 24ms
24ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 06:06:31 GMT
date: Mon, 09 Oct 2023 06:06:31 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "b79638966e0374c455e78107aee59bf4:1673369411.171576"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7647
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12C0 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdeM-Z5gjZYKzBN6XjuwPn5Wg-AMAAAAAOAHgBAI&bg=!MDOlM3zNAAYMG8UMLBs7ADQBe5WfODBQJN1PXhZ35v5cl4X8FIGdklaTtVBgty7sk3aiKzkkAcp2GbkkG30pfXJMfW3cAgAAAKJSAAAABmgBB5kDBHCFbEtJHrKMUHBt41iYOlZ8NzL1BjikZfApxp5tT7BLbBQwJX4NVKVBQjeBYsItnqnYQ3W33J4yXM1PnxW3tOr7dTKvJXGssygKFlUd00SbTcG2xwFSilkqBhUxnZ31wH0XxexhGVdqXaCb51CZlj5hOGWuvmDQXbQW2acnAwBiL6rrZM305O9fG7WjqyBHKWqyNRhnAWaDEtQohBQvipYmyflJaSJF6Jg96Z13VwxhNjUFIP6io_etyHVmnZoJZ8RnpEZaWqJNWGdaCSg9nx69AlVe6Hpzj7V--26-OTJokDM47NygZmZVWiCohTvNc2mIEJ46pUxTmjFxNtFdf9LDfbgZFB7Q_vV1047IhNxhuFNhHUcKnj4xEMa6e8Pr5_uvP0eKalhvL3kbgBw7dbPBky4GGjP1lW3_4MtxnHS0O7wjarphFeceT8VtYR-Sp04zrhn4MwWOJkn1CJsK4j3c-7Lzqa485wQ1Hr8CvuFjJc29NUVn7Fa9DYZcBAnYpcgEKirD-lZjT3d-BFVSoPnWti94ENkXPDqDjaHkqfxWI5bruAKpcmmPNkSkUP8WbkvP9lPDfkaukAbezDSkBF1AmyBcrasmd4YvqXJifJIMfN6J_2Ho_p5CriZx7EarHT5I31EDf4Fm9eFVc8FDCwl7yzmy5XhCFBNkogrd90DkmxrFz9XAs_wcLehelCfkjZq5BVAunZdxQcINaUFKPUK8Xyv5bagm9OvC5bCp0mDWFHBeKDVHhZ7_EzpmnzfS_ambppxNdOJHF0bgZQBzCy1BNk3HFjYPFj2u7o29YcR9IfdJSYvOVKfiEPeqAM5tCS5oW6zrwZqHmm4cXpMXzgggUDdBn1FkY4H_JCp1rrcrMDHM15ttUssl7MTj5yB-gg6CQiisLGRcrP5Rnx0N-F2N_lSigtr1TaneGqtkqn1QymlfWDwfpEvfExwczzoB3_vqL7CjeAG6mukx_jZeamBMS1eu39HTfFG-KAnZhSfvzqgEFaC0IjZPXGUDo858DtqkqfY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 0D9C 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DU7KeSI8l7cmQjB6Jc-WHNR2QJHi5unHXVHY4cijUTo4gCThaoeZ62mDWAktA4UntVbANyaWU1jIcTRk4h3bP8peNJAko1K66e_KlS_LcEnLetga4l_3e1rH1N1SBf6emUM_sUVw7YJ4MxWC7a2QmfhXqiPEbtGYnnVVC5wRTIRgl3CD0&cry=1&dbm_d=AKAmf-BlY3R1O3yrL-ndcfFAkscRs6pDHaNLIIcNYQEUijMWEvDnYBplZ49M-WYrmHqxB9MQiwIZ4pQRXMr3_c2ahNx_jKmPTELitP78mYRIROPNWb3oAnO2O2nPPlW3rJW7JJNpOxHmxXWvZaL_DXaqxd2MwCvS9rEYzdCUAvUZwl8lh3E1suxLb5Er-A3LnIXT7zSOlihJNiCt8I3hogPSuypZrTcMBvpXgJuti6JujEy-p0xsKqzT4cetCbUFdwPNi-Fp4jNS632X6dk5jlPCsJ7HZKqsMhUewr_DMVU8tU0qt6HbMigUIJWrarFJFcJrGaIj90TrsGmpfSthpjf5-mDEmXf0QT83kop_7luXCFt9MQN5BxqxZp3T3cKWcPkL1dc_cTC-PhqW1nvzszpmzmeQDcCd3s_zXSvrioy8rGXZeeKF8nss7qOU0sZGusXiJQt8MsKPEscbtX4pUp6hBqsu7lRxQyW3LAt1dz2EcRvabQ-MIwLvGBZfsj_GDUSfi5xYPF3ZrPM1unfoxQvjATQl7i0F8A4TWBaTH8iHHOquJ8COvw8uKj8o92P6l15-L1kfH3c6H39vx47Pj2e5ljXY4eqEeq26RHUiU7gS4jtV-UMnxneezjgE3FMthH5g6YMx7fMqxcmVEt_Za1tijTegob3t11KsgIggG14mkx6_7lgmm4UuuwZ1DSfc3nUiJ_foK7Aw5KPx8r2I84vIdNHgs5_C7uoponRjMFw6PIRZTMZc5GyIJo4jSXgnvK2CQ3ELqga3vl-l8FpXH3RuBxVDEN9ltzW1vlnmv7eNkGjVYiLyqnf2up1yoKK3StHNOFn_oSsgDC1kHMRrT-q3wPc97R2ieLvGP_-BKYedP8YeTQIaehVNMrpEfbfsRXlhmYeASNG1wn6yUQYZRYZk4llrYv-emSI7B3djbaCouYdSt1yZhY54cV_Wd3bRZpFV5cENn0rwEpW9AOrypev2Tpyrr2Ti5kJFSR5u3PAWVFC0H75v0u0FP6MRR5hz2BmEvBRBdHiHp-Aoq2PWY2SLw-r-kg8H5i--bWaVSOjq36QxZaBa4NAEzckCqHzFoK0gFXzhzTTlYs4JcOnMBSEJ_OAbXMLjiLcRn46m8sSbzXL7kPew64TykPz3ZA2eoEcF_AFYT3uU3ioGSIQooZr5s8B9ukAL9WT664TNICVqDB06z8gacHgrqn9Ydygk5VxssnEy8H2V6Dfs-6HJrlWP1GO7VvgvDm0MCIkyybCZtcyIgik-ZI8xbdfK7moNYU45QI1BcAUT9PBtDnNDcnwE2b09HanWMZ2SU3YewY6ltj50SKjJktiD_9tM2SqNe4uHEvk3fdpxRwIdrwWTxLwNVinqIhFzywX-eNzjK904qZa4a7Zv8Lm2xnP5Ds8fEximNfXvRtYxGyBz4obR8tU3RXmWosrBBSTcNyE94Hk-PNmkZuhrz_04qk1zQWiE1BlCN8RGgVJsp85MeaO0gou91W01Ohk_UfhrMkN72HV-XbnY2UTJiq6aJtQk_Z_8_TluI-giUbPrDtyBSaxFDerwlyh4hmte9RLFyo72_mxqAPm9KaEEDI1e_YTKieGA0gvnwQPF7dF9joPYfC0ninmL17c4TYKr96mreNQG2gfFtxzGAdySbz_Y9z4l_zd39c9jEzmu0-D-ldYFxZnm93lpEHhUzVd-cO2fl84Z7a-JuONYBrDAE1wL89d3O4bBBrTEmxtmxO4MsES6PlibQzKQHaIuLyNMfWmZPHemUD6U2ToYPHmW9QK_K-bMR2Au8g5WI-hE9nQZeWbRd1QoUa_DL5jGpYxa6ljjFTsumvEf8UNtLAZ1L9NpTd-Jqj_SeH0bbavldbG1dKeSWxRm38XL4VEciFiPYCJvtiTs2Nay_n7qoTL3NMLRN5iMXSP1xk800b8sXHh27iu6coJNJwk8Ifax_FlMW4HD0vW59rU6XBka1NP9TlnCNLkOJw7v3y_96jAoVlD-5GRJTQJ5zQSzepITjduXq-pp0fcmHMcKLTBE93k4iiNM2F0-jzsP-vcY6ILaLOYV8VVlSKh9qmrScc8siYS229ePRinUQKUF6ol62KRCrrdGqlr6bpUuX7VmvTdqaMGly3pibqDJEHViQL_R82AA7uI-B9j_1E0NG8PobpsUZTIvN7f5BitI6eBmBfRMHFJWlZ-NuU61G5uQi0c22_B_oLtZ-E2fnNt3ORp6rDDa-Zp7PqLarB4hZDZH1BPLici6tbLIQ1Vb7aMeFgmvBQ_TlCVOeGeBx4lHwpZ5yLLQYVkK6g9Nd7Cly9OrP_XcnR2VRjtY1nCohh3cKENELDwhcDFdDiyNd3GAIWXLq6UHZGTsU2pvLWD1UC6NA6buqcbGpe9owuKY4_EuH2B3clTZFZHhWws9CKlWLFXTXdd610G9N1AjB1cwIiKMAderH-O_AvqV1AFnvwATmyLFsqqlrcXz4E0MvBGz2rtEouHx5t42rNqllNPbsqVqqf_P4YVyVyg0xMw7UDun1KmlrGGVxL-S-wDEwrsbkW_iErebRkG2V_b5tEU10nvansMsCH421ERCvuDzT0pkbAo_QMo9vkecOAlnHPLnyNb_6QCYimCR-dZN2gDHpnkVJpUomtVqRJaPEI_a3tfhuTTPrvwUF8RF5d-pyUW7hOSeciwXWgZjr5kfY85CVQY7PrAnV6osf-ZqM_ZrcsBj0ebwvofDk7l3XXOwHJcGi0KhUebwmihzMQj8clE7w3-ufTL9Zh1MVXYIUY5a5L4UpjAEhlRyICQR5oQ81VxY65hUh2LrslqWRfAkeUIygiY-rSl4WY6zr7uZM0RzjVihCmwevgUxAwWl3HXJktzx-mqJMfxJIObbe6nj5K5rtlPUcYt0oQzSBUMaTnFRgoGQsW8wJXRAbQxPPgpxL3Dps4aNJeO2VYkU5y380PtrUv4DBVzespriXzF_0zHNEggAjqIgZvYh-C4dVDDDSG5saHoV3_0XzKIp8RN0g6l_nRXt2gJSSPGN0M-UtYK3-TBJO92EsN2PlfDLI7xAq2WWeYKjXvSreTVcawW_cazOOeE6Lppm2YiLFXE9HvM74cE-QH82u5YBBO0NzTWHJbT6JZOdPBOI4-pL8XSsJzJhVQk93Fw-RnuBMlTyYg2DEjuGTKeGslhY6-PJEB9KXs42khXDTuT5F9huWzKuXds1t9-f5U_MqMzQrQ05awzzVWh7EgCjKZL3njTXHVEvrG9vKVHH1wOY29hMnyW-6JQDofaBfLFRNXsOAbGRS1-3Fjr5HO9q4EZdMyQiMqya0kl5lY5bTtg7gVw7wRYqgEaIfUZDegXX3_YTlz9EFZxkKNCQ5YQjJ8yvFXoYfAXPScQWFbJvHtQkCgGKVZD9OrTFKPJ1LiaUWVk2slwm7NHrTLfad81isbygHkxJY6TrMrUa2ikbN0jXXVD_1QlxEwuzDYWC09kL8Thw7GMxj8k8FjxYpXYkzw6EfvLBQ_LPDQ5AcfY4QY_8raeu_ef1JVNik1VNjy4jdVYf2eIOrzamGso1rVCvkLExO6FGcmFqEN0Dkeyh6Mfj5swx9Cm7eKeRfQe1HUnq7kRVxMB9OLipOHRoG5ma6dEloUPzFZOe98d_u6bDQBZFD2rmsTt3q_OECh9a0Fr0g2e27XEl1tW4imzwjxaeTSfTw5v3Z6yx23CFTZlzJc-n3b0EaBcVsP-DtPTCDT9QGyw0_ZvN04skojYeVUrH_8ed1yQdOyNepeHkHY1BLNvaUbIs5tEl6S2xDcjj-Lj52JZKXiDR24Qbhm1LkU3YKMPO0lFoYh8XCHxdKzX7t07RiCITT2rCUNAk3i-8qJEpd1I8dc8LFuCEz4yG0IYNCCq6ziUZDZ6ex0c0E_S6_k-PwbFVMXSjDvSwwH2pfGOAnt2TzLm2kn7B0RkiSmGtu0ONbNmykg_hASPxk86oosHWQK1-o_gIwqOAYvQtgw010qpl61X-gWUg9hvGHYlt0NTwDjHDk67fgEZDigYAI1iRgljPH1Fyofb0Jjwc5YuTxnFjlBJhzb3MF2phZSEpuP9iqDFt3jKdK1gqm10lFyN3VkizFMAnhEweXPVxoTMGp79nIRmz4GtomGk_NRSxS5C1065295XAz76O7Dve9e3OzXgfBLF8MC9XqDkv7FL8spwBdbXJeWhywdd4RF2-twU9J1BgsNCrkp18n1Yijh5pv-ZJQUZqWZUNs6a9eMbbwh8KtoOqI0G9GCyW5UFBdEnmLmMIoc_JsmMIrFQJZFwpa_jYI5o3EOnORlvBNn2s2Br-ltqog50eNHI7C1GsS7rbJFX0Uv6m7DA58zb8QMIU46YEU7nKUzDSJdc-hQ3yxc8yd4QS8mO81HBA2PFY_HKLS7upvY-qNXxoGT44pJeRHxn9ccEQJo0iC-yjFHR29Tzn6X_5p4D2L90xVaw-ONloWDeo4UAYO7QVArF6Epbea4o&cid=CAQSOwDICaaNJ-reWcW4JYKzilNW9irP17lMxiwWHAWEZr-9XmkHKlBAk_yrxkkAJ7m3WM68WbLUUQOIXOuJGAE&dc_exteid=31301018098774715894142388161323873&dc_pubid=4&cbvp=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0D9C 0
0 58ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CteyxZpgjZev-OcmZjuwPyZuI0AGDkbeBc-CqicCSEmQQASDY44gdYJWKnoKwB6ABkrzovQPIAQapAs4bsBDdwrE-qAMBqgSuAk_QXawZpgTwIX7enlZBrWfIv9jGGfWd-YDIMEjnwZutumsBQB1db6S5xMYPaIMOvuyKIZZYKysgs2BSqiv5dzwV0RENi_gLJEPwkyf24YbQ7_wYPAyAmszW0LoG4Mk-TaBmuyXJbC8PoIUF_pIhhCXjorra0fN8IkP13mSiBbz6ebOeNdgriIO8iUamFIbxtnWJcXCy-YzWIeESksEUFCSQSpm64DAHkM4dkEB-6xy6XCfqVKz6gju5kxxzjtlrogv3-wt9Z1zp-l0CN4fr66bg8zCjbTqiARhHPaJzzF3r7d30EhMJBQXETtS42lbd2dog6nLK_3B5HgSYxMLTkkYJdxtFSl8sSnIgoYTMhCcgaY1rubxTu437VdeaBeRsTipa899Wfp-CtnHgV7DPwATh9KLvpgTgBAOIBYPvh8FJkgUGCAMQARgBkgUGCBsQARgBkgULCCIQAhgBSMLk6gGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB9bDl0KoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChD71AIY8J3F9wHSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi05MzAzODI5OTkxNjk3NjE3mgmeAWh0dHBzOi8vd3d3LnR1aS5jb20vc3RhZWR0ZXJlaXNlbi8_Y29vcGlkPURQQV9EX1BST19UVUlfRFYzNjBfQ0lUWUhFUkJTVDIzX1Byb2R1a3QmdXRtX21lZGl1bT1kaXNwbGF5X0QmdXRtX3NvdXJjZT1wcm9zcGVjdGluZ19EVjM2MCZ1dG1fY2FtcGFpZ249Q0lUWUhFUkJTVDIzgAoDyAsB4g0TCPOwxKGm6IEDFcmMgwcdyQ0CGrATyeDmFMgTy7r64QPQEwDYEwrYFAHQFQGAFwGyFx4KHAgAEhRwdWItNTg4MDQwMTAxMTY4MTQ4MxiDiBjoFwQ&sigh=3X-PXWs_7Ug&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNJ-reWcW4JYKzilNW9irP17lMxiwWHAWEZr-9XmkHKlBAk_yrxkkAJ7m3WM68WbLUUQOIXOuJGAE&template_id=509&vt=10&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame 1825 60 B
268 B 136ms
40ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c7ea0d52c9bc10e1bab7a982f4b55c5caf67cc7533f78888a66d6a882a609882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 06:06:31 GMT
cache-control: private
expires: Sat, 6 Jan 2024 21:07:16 GMT
content-length: 60
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame A229 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 12:44:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A229 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMkMdZ5gjZYG_C4KGx_APnoqu0A8AAAAAOAHgBAI&bg=!jY6ljsHNAAYMG8UMLBs7ADQBe5WfOE2Zz-syx4k42qF09sjMD6SfmEmwyG1YNV32EUx_Vw9QEDxHjYmN4pax_1tGffXDAgAAAD5SAAAABWgBB5kDBnLmub_mfMdBVbnejA1gvBXl4uU_kwhOJpNZWileMmwJD4BHErqSK_Get64WPETO8hbsjLNnN0X16RdV_fy_1_VSmimrtNXIP_lM9xiYFLhqW345A8F0thVPkOHh1hpJ_7M6_ZtWOLQ7nG4naZmoupoO4TEyHpgODoeC8G8K9BfTtqkDRpimUTtWemtQjUp-SMEBvBk3m2p1-FGqi-JGL75q17U0fkuSR4MZOJkF9tgC5_GElUmaLp2xkxZtiLWCMb6rMwgCXatfT-8HTILwyAX2kZKjvnEYBSbjzqCd-GAsVKd25KTu_Tcw0Cjds12Q_3ouoDGx-qAepqsMy3wWTmsHFk0s7pBzshbRTnjRyU9v0U9ykhxBetHQ3dGHo7tS3wGoizw_834zMUiqJMic8KobUv3u2GU_g50_2QBjBUOVTx3mi874bcBz9S5_NNfKJFpEpdlgLR6AbngEJ9h8dCwQCPmyBTuBlyhwNbuZOt5GES3IkMz6D0BM2vX8Ms8K43tEsYeJqSMbRVDI0gerSpRiQm_d82g3ViSiFJcjVaMdAxoc6F10qsUN54JPlas-L9_ek_0j-ZA45CfDDYOuStWDsE1_FhUILoXdERPHhGfeKtFopL6K1Y85Guzmkog3EnPnkV8FunbpA3IhFm9vhoOIbsXiqRJXipGNgXVelRT5vM9zsGK6rMniTgfNVsIBLCHHDWM8sd471og3jwbkb8c2Mmi7g5341xriD13XcSBuUo-VJlyDvOOPY1-Q2lYziNBa_TMfK3aJ3ooIk_GVRCazdSBj3wYHpoMkri3_QtS_y9PAoiKugeJ3gRIFPp6PsNaXHEihgXk_cY4p8GWube0z5cPKxllQf7gDSfYOHzcvN2i_Cl9-e80biVYmbnESlcgwu0FPx0bcYKEQ6xDERJyZs9D2egvHxef1oeoJsrmdkBxjpsMmmMVDzXLzJOElCSfkHqxktSilaWJfHbe1jICvG9lZQmsgF6kMS66VgKngY9MBsnZCUxIAg3pKJfHUDUXC6bxIdQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F58B 39 KB
15 KB 21ms
21ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=122061
content-encoding: gzip
content-length: 14527
content-type: text/html
date: Mon, 09 Oct 2023 06:06:31 GMT
expires: Tue, 10 Oct 2023 16:00:52 GMT
last-modified: Wed, 06 Sep 2023 06:10:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2A2E 39 KB
15 KB 25ms
25ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=122061
content-encoding: gzip
content-length: 14527
content-type: text/html
date: Mon, 09 Oct 2023 06:06:31 GMT
expires: Tue, 10 Oct 2023 16:00:52 GMT
last-modified: Wed, 06 Sep 2023 06:10:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame 1825 2 KB
2 KB 130ms
36ms Script
text/html 198.47.127.206
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=158429&siteId=597963&adId=2510291&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.rediff.com%2F&inIframe=1&kadpageurl=https%3A%2F%2Fwww.rediff.com%2F&operId=3&sec=1&kltstamp=2023-10-9%208%3A6%3A31&timezone=2&screenResolution=1600x1200&ranreq=0.9251377633047626&pmUniAdId=0&adVisibility=1&adPosition=655x287.5&rmp=safeframe%3B&pm_uid_bc=BBE11EE5-5BC3-4DC8-9092-55FB78E3111B&gdpr=0&sua_br=%5B%5D&sua_mob=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.206 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0600afeccc4aef64ec5f16ebf9976b521a9da6bb74070b2d6223f0d6ab0984c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 09 Oct 2023 06:06:31 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F58B 2 KB
3 KB 41ms
41ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84702424&p=158429&s=597963&a=2510291&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 87c5ded805beb6febfd4ce264babf478d358b58dce76fa02238f1651e16d81ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 09 Oct 2023 06:06:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 0452 43 B
363 B 125ms
39ms Document
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 06:06:31 GMT
expires: Mon, 09 Oct 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 293908
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 7304
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

202ms
202ms

Document
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 09 Oct 2023 06:06:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 33N1HENMWHK7YDHCZV2S

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 09 Oct 2023 06:06:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TN1CREW4RDP8SQZBRH7M

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A954
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea

42 B
569 B

136ms
40ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 09 Oct 2023 06:06:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Mon, 09 Oct 2023 06:06:31 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F58B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IQGron4hSxqC2EtvOuETtQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

28ms
28ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:32 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=117323
accept-ranges: bytes
content-length: 5606
expires: Tue, 10 Oct 2023 14:41:55 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame F58B 49 B
265 B 155ms
55ms Image
image/gif 54.77.82.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:32 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.252
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame F58B
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=493507800
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5

0
284 B

82ms
28ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
via: 1.1 google
last-modified: Mon, 09 Oct 2023 06:06:32 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5
date: Mon, 09 Oct 2023 06:06:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame F58B
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NG1meVFTTm51LUpTWmlpZk54d1Y0WFJTQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=8824644717817067780&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

116ms
116ms

Image
image/png

54.197.99.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Server: 54.197.99.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-99-246.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:32 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 09 Oct 2023 06:06:32 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F58B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjEwMUFCQTItN0UyMS00QjFBLTgyRDgtNEI2RjNBRTExM0I1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

111ms
41ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 09 Oct 2023 06:06:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F58B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECEjmbY7ItTVbHXMQSpNgWY&google_cver=1

42 B
270 B

112ms
42ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECEjmbY7ItTVbHXMQSpNgWY&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 09 Oct 2023 06:06:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECEjmbY7ItTVbHXMQSpNgWY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F58B 43 B
610 B 104ms
30ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 08 Oct 2023 06:06:31 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F58B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8824644717817067780

42 B
472 B

130ms
39ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8824644717817067780
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 09 Oct 2023 06:06:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8824644717817067780
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F58B 70 B
149 B 141ms
44ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame F58B 0
125 B 73ms
22ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F58B 43 B
426 B 145ms
47ms Image
image/gif 2a05:d018:d29:3602:92bc:acd1:fb60:2d82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:92bc:acd1:fb60:2d82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK asyncjs.php Show response
newads.rediff.com/rediffadserver/www/delivery/ Frame 1825 10 KB
4 KB 162ms
161ms Script
text/javascript 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncjs.php
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=158429&siteId=597963&adId=2510291&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.rediff.com%2F&inIframe=1&kadpageurl=https%3A%2F%2Fwww.rediff.com%2F&operId=3&sec=1&kltstamp=2023-10-9%208%3A6%3A31&timezone=2&screenResolution=1600x1200&ranreq=0.9251377633047626&pmUniAdId=0&adVisibility=1&adPosition=655x287.5&rmp=safeframe%3B&pm_uid_bc=BBE11EE5-5BC3-4DC8-9092-55FB78E3111B&gdpr=0&sua_br=%5B%5D&sua_mob=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 0a258d1f075fdf1f3195f30d5b09b6fefe79a0cd8387a85614c93f5bb83d242f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:32 GMT
Content-Encoding: gzip
Server: Apache
ETag: 4b71f4079fb345c8ac958d0e9f0b56dd
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8
Cache-Control: private, max-age=3600
Connection: Keep-Alive
Expire: Mon, 09 Oct 2023 07:06:32 GMT
Keep-Alive: timeout=5, max=83
Content-Length: 3542

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame 671D 0
91 B 162ms
39ms Document
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=158429&siteId=597963&adId=2510291&imprId=900E653A-E0C6-4638-B7E5-744096A713A5&cksum=104DF6B2B3774D3D&adType=3&adServerId=165&kefact=0.000000&kaxefact=0.000000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1696831591&indirectAdId=2263932&adServerOptimizerId=1&ranreq=0.9251377633047626&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=25&svr=ADSAMS001&adsver=_2043887087&adsabzcid=0&cls=ADS&i0=0x3100000000000000&ekefact=Z5gjZYAYDgBE4PThlXRdm6DUb6sHNnDMqQOCJZ8nKhEoDY1Q&ekaxefact=Z5gjZY0YDgAvbjZ0KNWRB9sDapz_D5bsSKXA4xsPkNEKNFaP&ekpbmtpfact=Z5gjZZkYDgA37j0uo5oEVcohoxth73NO3BpsGGR_UNdj5-oX&enpp=Z5gjZaUYDgB2Q8Kgm2TE105ELT5h3OnThh2nFErHxWdNRAAw&pfi=1&dc=AMS&crID=0&wAdType=3&campaignId=0&isRTB=0&ver=11&dateHr=2023100906&usrgen=0&usryob=0&oid=900E653A-E0C6-4638-B7E5-744096A713A5&cntryId=58&sec=1&pAuSt=3&wops=0&sURL=rediff.com&BrID=5
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=158429&siteId=597963&adId=2510291&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fwww.rediff.com%2F&inIframe=1&kadpageurl=https%3A%2F%2Fwww.rediff.com%2F&operId=3&sec=1&kltstamp=2023-10-9%208%3A6%3A31&timezone=2&screenResolution=1600x1200&ranreq=0.9251377633047626&pmUniAdId=0&adVisibility=1&adPosition=655x287.5&rmp=safeframe%3B&pm_uid_bc=BBE11EE5-5BC3-4DC8-9092-55FB78E3111B&gdpr=0&sua_br=%5B%5D&sua_mob=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 09 Oct 2023 06:06:30 GMT
expires: 0
pragma: no-cache

GET
DATA 200
OK truncated
/ Frame 1825 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eae09991c815b827902bca0d58c889e22f392a427e51b30e4f965609ce90ea47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D340 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP9GvzStOdSEbhwwXPDkvzqOCIZ7Xa3mJYPt_X5RFpEa_q1oxrYT_lRz8YW26LeWr3iJji5WfNSaaWtF9qi3KHGLlcS5GOVFLUvEuIDiHOl7dmn6ODLTTC2tOX324GeVqa4OFVX9ZrCbc7ZNb46G_5ioMTZJV1nmXFezh9MiU&sai=AMfl-YQo4KJOgUbF1ydEJbcA7Ci5y4EngI8EBMOhD8nCxOaaNy3arYDO_ZJBIO8JNdZKP93Ub0o8hw672dsg_H6TrD6URlQOAWwQSm5EVzQzIHw1TWOFKmfi55KWW5k&sig=Cg0ArKJSzCswA_xzWLj_EAE&cid=CAQSOwDICaaNO838nySXifDupsNZqNI5Yu57Lj9yw35PFjfuSkbbOEYgKutmUHX9B4BtFxUzOyj5qGcq6fLRGAE&id=lidar2&mcvt=1000&p=360,287,610,587&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3822637794&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696831590806&rpt=206&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6E3 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=245559845854&version=m202309260101&ct=76&x=1&cor=8023144387744821000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D7FB 42 B
64 B 65ms
65ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOK1iTqePnCIcoNZ38UuDK4BmjXhmWsZ68JFJvDQXlIkx1RnRUxkfrexiUkSjIO-_tUdnXpo7acfk67RLDgGJYT_IsflcBVOICMyxJmWTccp7_CImpHjXhhEuMwrnwQkwYQFA2jQHZAgEa&sai=AMfl-YQ7vNsnTORrXDXor-bItSgonNr2MK4OzhkhReD7auqGCXVXW4E8GqXXX6YM5Y0jp7LR5vCIlw2GbftFXTU1jzrhb7G6GgaybPFddRD0lNEeay1hf1GzY6AjHvo&sig=Cg0ArKJSzBWSvtfXDImBEAE&cid=CAQSOwDICaaNaBPwdlIyNcjsCEbzrmjl9lG7P1g4m_F8dAdnQjRCy2zqLZ8WDSSWqhz4b7G9Q9IGf9grJ1njGAE&id=ampim&o=315,78&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=404&tls=1404&g=100&h=100&tt=1404&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rediff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A4 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1526043874834&version=m202309260101&ct=76&x=1&cor=15212241713647178000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1825 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzwsAZmoq_ykMF4cjXSLE1ThcVTZlhHL178_GaQw1O7p9D0r-4ghMjAMaCTznDr437zFe4n5y-vbLrM4QXNEch8iYaFxFLH29BzKn1-knNAJBUAiO0gSFEN4X3Goey0jjoYb74128YQvaf2NzYrAKkqBemBpTLYGkkKXOQUROK1CalS1t5iimyDZvxw8hXh_Dytr-E3dlcjHZKRMdZ7qGevdZ9IUdznyG6RODcgqhZDciNogDyeGUgXXeLtV7jxqc964BW-PSFCO3QJahpp4istXE2M_H8m5Q3Bs0hEBC99XGsBAW0fR2pIeF7oJQNfz_1TbXMPcJBdGvpwToC4kCTlqk3UegUkOLb&sai=AMfl-YT3Tg0im7tjzpJY3isfVDto_CIXzJWVyzDh8mNo0ytHJaTvfll1DUvet3dKaDN46g0AEZ4H3iZegpFvr414W5f8QEJkMFsGqb7KY63p7taNktqk5b1-VMWG2MGs4g&sig=Cg0ArKJSzOej2J5jq15GEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Oct 2023 06:06:32 GMT

GET
H/1.1 200
OK asyncspc.php Show response
newads.rediff.com/rediffadserver/www/delivery/ Frame 1825 1003 B
1 KB 166ms
166ms XHR
application/json 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncspc.php?zones=409&prefix=revive-0-&source=_blank&target=_blank&loc=https%3A%2F%2F7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&referer=https%3A%2F%2Fwww.rediff.com%2F
Requested by: Host: newads.rediff.com
URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 04cc169335aeaa1b34b8bef6adab3ecd03c92995068402195117edc420180acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=5, max=82
Content-Length: 557
Expires: 0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame 1825 231 KB
84 KB 22ms
21ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: newads.rediff.com
URL: https://newads.rediff.com/rediffadserver/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d33b9d69281a0e049f69af6e39ad98c7e7db554f5e5372a4dfa3ed2b67d69c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:32 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:34:44 GMT
etag: "17-Ohr2jKh/1vXBS3BUzk5PcrolHXw"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: b0c7ec99cff5ed987456e6f21f6dfda7
timing-allow-origin: *, *
content-length: 85565
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK lg.php
newads.rediff.com/rediffadserver/www/delivery/ Frame 1825 43 B
463 B 164ms
163ms Image
image/gif 119.252.154.25
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newads.rediff.com/rediffadserver/www/delivery/lg.php?bannerid=885&campaignid=411&zoneid=409&source=_blank&loc=https%3A%2F%2F7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&referer=https%3A%2F%2Fwww.rediff.com%2F&cb=b4957e1a10
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 119.252.154.25 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: host-119-252-154-25.rediffdns.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:33 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=81
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK N2MzZWVmNmIyNmI5YTcyMGIyNDhkYjkyMzE1NTliZDkuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame 1825 16 B
464 B 377ms
377ms XHR
application/json 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/N2MzZWVmNmIyNmI5YTcyMGIyNDhkYjkyMzE1NTliZDkuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 09 Oct 2023 06:06:33 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 5862e3ba501f003a63ef81e41e8ae961
Content-Length: 16
Expires: Mon, 09 Oct 2023 18:06:33 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 1825 43 B
371 B 21ms
20ms Image
image/gif 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 06:06:33 GMT
date: Mon, 09 Oct 2023 06:06:33 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 400 get
mv.outbrain.com/Multivac/api/ Frame 1825 0
0 128ms
128ms Script
text/plain 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%253A%252F%252F7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-40%252Fhtml%252Fcontainer.html&idx=0&rand=80042&widgetJSId=AR_9&va=true&et=true&format=html&px=0&py=12&vpd=0&cw=300&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010477&sig=v68Tx9SR&apv=false&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fwww.rediff.com%2F&ogn=https%3A%2F%2F7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-lga21928-LGA, cache-fra-etou8220092-FRA
date: Mon, 09 Oct 2023 06:06:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1696831593.374833,VS0,VE100
x-cache: MISS, MISS
content-type: text/plain;charset=UTF-8
x-traceid: 73ba2514b82d4610efaa16377a5a94be
accept-ranges: bytes
content-length: 25
x-cache-hits: 0, 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3FM4PW27JR&gtm=45je3a40&_p=297538792&cid=195423686.1696831585&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1696831588&sct=1&seg=0&dl=https%3A%2F%2Fwww.rediff.com%2Fnews%2Freport%2Fcrooks-hack-payment-gateway-company-siphon-off-rs-16180-cr%2F20231008.htm&dt=Crooks%20hack%20payment%20gateway%20company%2C%20siphon%20off%20Rs%2016%2C180%20cr%20-%20Rediff.com%20India%20News&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3FM4PW27JR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rediff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rediff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame 1825 4 B
371 B 109ms
109ms XHR
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1696831593409&sessionId=1ad5e242-cc4a-25a0-d563-837674c40044&url=7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com&cheqSource=1&cheqEvent=3&responseTime=380
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Oct 2023 06:06:33 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 39ba941ae451f97a266397f6ee0bd694
Content-Length: 4
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1825 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfMsHjG11RSa9ZuW02HrSjeIK_661B36co6kjm8i-UVcpZC4HWkzs7ua6OmxhbiipxmLaFAZ59Ya1vnQP0VqQg5ui20hRMmM0IjXemTGsiigS8uUcmOhtNnc4d5Mgc&sig=Cg0ArKJSzFivb9p3-iYfEAE&id=lidar2&mcvt=1000&p=655,287,905,587&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2326695374&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696831591358&rpt=1445&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Oct 2023 06:06:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame F58B 0
260 B 112ms
32ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158429&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:06:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rediff.com/	1970-01-21 00:42:07	Name: __gads Value: ID=06deed25cae3450d:T=1696831584:RT=1696831584:S=ALNI_MbHWohMQfYE1zyOj-URY3_7BlYjOw
.rediff.com/	1970-01-21 00:42:07	Name: __gpi Value: UID=00000c92fa5f1a97:T=1696831584:RT=1696831584:S=ALNI_MacouBpkpCCxliWTF9yLLgjIfx-Vg
.doubleclick.net/	1970-01-20 15:20:35	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:42:07	Name: IDE Value: AHWqTUlvK4LxFaQjQX4iY2pZ_lLrJBqX_cf2xSzPHKiXDeLa6kcchGk3GKnFTYAnHAw
.googleadservices.com/	1970-01-20 17:30:07	Name: ar_debug Value: 1
newads.rediff.com/	1970-01-21 00:06:07	Name: OAID Value: e8a7421040b814d5789f403b35743506
.rediff.com/	1970-01-21 00:56:31	Name: _ga Value: GA1.2.195423686.1696831585
.rediff.com/	1970-01-20 15:21:57	Name: _gid Value: GA1.2.522669464.1696831588
.rediff.com/	1970-01-20 15:20:31	Name: _gat_gtag_UA_111630784_8 Value: 1
.rediff.com/	1970-01-21 00:56:31	Name: RuW Value: 2d2a54f7.60742641b99e7
www.rediff.com/	1969-12-31 23:59:59	Name: pbjs_debug Value: null
.rediff.com/	1970-01-21 00:06:07	Name: FCNEC Value: %5B%5B%22AKsRol8EoEaMs6jVQEUdsT-QsiUy3Q9YRm2V7P6Y0RcnEpxscoLYj7DSlEt1OliVtdA5cdGDbVRoff6qqm30qAxdpAGXM9oheA9KAoAcYqxsnYv2mV9wS7ShauLNVSjeTo7Ds_ov2DAXXmkrkBHqvsKI0PS4JMAuuQ%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22440%22%5D%5D%5D
.doubleclick.net/	1970-01-20 19:39:43	Name: APC Value: AfxxVi57PZ5uaEOkc8uw6GOhNxd3vPFpnoKjrjm9nwWmimIkQpknEw
.rediff.com/	1970-01-21 00:56:31	Name: _ga_3FM4PW27JR Value: GS1.1.1696831588.1.0.1696831591.0.0.0
.ads.pubmatic.com/	1970-01-20 15:21:57	Name: KCCH Value: YES
.pubmatic.com/	1970-01-21 00:06:07	Name: KADUSERCOOKIE Value: 2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5
.pubmatic.com/	1970-01-20 17:30:07	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 15:21:57	Name: pi Value: 158429:2
.pubmatic.com/	1970-01-20 17:30:07	Name: DPSync3 Value: 1698019200%3A245_241_235_201
.pubmatic.com/	1970-01-20 17:30:07	Name: SyncRTB3 Value: 1698019200%3A54_71_8_21_13_56_220_251%7C1698105600%3A35%7C1697414400%3A223
.pubmatic.com/	1970-01-20 17:30:07	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 17:30:07	Name: pp Value: 158429
.pubmatic.com/	1970-01-20 15:21:57	Name: PMDTSHR Value: cat:
.quantserve.com/	1970-01-20 17:30:07	Name: d Value: EPgBCwGSKvijAA
.quantserve.com/	1970-01-21 00:50:45	Name: mc Value: 65239867-e77f6-dc5a8-39a17
.weborama.fr/	1970-01-21 00:46:26	Name: AFFICHE_W Value: QG68cTbVIB1A99
.simpli.fi/	1970-01-21 00:07:33	Name: suid Value: 94268A15BA584D078DBC400AE461C94B
.adform.net/	1970-01-20 16:05:09	Name: C Value: 1
.adform.net/	1970-01-20 16:46:55	Name: uid Value: 8824644717817067780
.pubmatic.com/	1970-01-20 17:30:07	Name: KRTBCOOKIE_153 Value: 1923-G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea&KRTB&19420-G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea&KRTB&22979-G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea&KRTB&23403-G8VcWBTIWFwAlVlcS8ZDD07FD1MAw1cKHMfVQQea
.pubmatic.com/	1970-01-20 16:03:43	Name: PugT Value: 1696831592
.pubmatic.com/	1970-01-20 17:30:07	Name: KRTBCOOKIE_80 Value: 22987-CAESECEjmbY7ItTVbHXMQSpNgWY&KRTB&23025-CAESECEjmbY7ItTVbHXMQSpNgWY&KRTB&23386-CAESECEjmbY7ItTVbHXMQSpNgWY
.pubmatic.com/	1970-01-20 16:03:43	Name: KRTBCOOKIE_391 Value: 22924-8824644717817067780&KRTB&23263-8824644717817067780&KRTB&23481-8824644717817067780
.amazon-adsystem.com/	1970-01-20 21:43:33	Name: ad-id Value: A7tY6ftqFk9zrsg52w3ZvEc
.amazon-adsystem.com/	1970-01-21 00:56:31	Name: ad-privacy Value: 0
.audrte.com/	1970-01-20 15:42:07	Name: arcki2 Value: 4mfyQSNnu-JSZiifNxwV4XRSA!20220908!1696831592320!ip#217.114.218.22
.audrte.com/	1970-01-20 15:42:07	Name: arcki2_pubmatic Value: 2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5!20220908!1696831592323
.audrte.com/	1970-01-20 15:42:07	Name: arcki2_ddp2 Value: 4mfyQSNnu-JSZiifNxwV4XRSA!20220908!1696831592475
.audrte.com/	1970-01-20 15:42:07	Name: arcki2_adform Value: 8824644717817067780!20220908!1696831592624

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/8056895536743055360/index.html".
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2101ABA2-7E21-4B1A-82D8-4B6F3AE113B5&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mv.outbrain.com/Multivac/api/get?url=https%253A%252F%252F7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-40%252Fhtml%252Fcontainer.html&idx=0&rand=80042&widgetJSId=AR_9&va=true&et=true&format=html&px=0&py=12&vpd=0&cw=300&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010477&sig=v68Tx9SR&apv=false&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fwww.rediff.com%2F&ogn=https%3A%2F%2F7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7c3eef6b26b9a720b248db9231559bd9.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
ads.pubmatic.com
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn4-hbs.affinitymatrix.com
cm.g.doubleclick.net
cms.quantserve.com
contentads.rediff.com
cr.frontend.weborama.fr
dis.criteo.com
dmp.adform.net
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbs.ph.affinity.com
idsync.frontend.weborama.fr
im.rediff.com
image2.pubmatic.com
image6.pubmatic.com
imworld.rediff.com
indmetric.rediff.com
log.outbrainimg.com
match.adsrvr.org
mv.outbrain.com
newads.rediff.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
recoprofile.rediff.com
region1.google-analytics.com
rock.defybrick.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sshowads.pubmatic.com
st.pubmatic.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
usmetric.rediff.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rediff.com
114.31.225.44
119.252.154.22
119.252.154.25
13.32.99.90
142.250.184.194
142.250.186.98
146.75.122.132
178.250.7.11
185.64.190.89
185.64.191.210
198.47.127.19
198.47.127.20
198.47.127.206
2.18.161.178
2001:4860:4802:34::36
202.137.238.20
216.58.212.162
23.32.185.60
23.35.236.201
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:2016:ee00:1a:ba5c:3900:93a1
2606:4700::6810:5714
2607:fc48:bc4b::bc:238
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c04::9d
2a02:26f0:480:d::210:f14b
2a02:26f0:480:d::210:f153
2a05:d018:d29:3602:92bc:acd1:fb60:2d82
3.33.220.150
3.75.62.37
34.111.129.221
34.111.131.239
34.117.1.141
35.204.158.49
37.157.3.26
52.95.126.160
54.197.99.246
54.77.82.203
64.202.112.223
00951c3b4f4c4bf46e409b6285647e6ae3995cfd262fd72858513c8a226a52a2
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04cc169335aeaa1b34b8bef6adab3ecd03c92995068402195117edc420180acf
0600afeccc4aef64ec5f16ebf9976b521a9da6bb74070b2d6223f0d6ab0984c5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09d69a08a5693ec24f2f87cc1dab4890f7b523011eab6a89e7f9440f920a6727
0a258d1f075fdf1f3195f30d5b09b6fefe79a0cd8387a85614c93f5bb83d242f
0aa77b87600f346371e78c8f44516a4721231eac555d391b27599c3f83e0be50
0b973a1fc6c2f5b494d0476015f47f5da42d1fd968310924e8c49f820a6c7eac
0ed3356eccecaf7ee997383573b72c9a75b4f18a63a561c2cd7e37b7bf7d3ef0
102aeb33a77e03fcf47d060dbaa2e9e7e05d31b8bb4b56fec289a67153d681e9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a02bbb6b0afe598fba70d2a61863ca3772ef9f6f27cb145f4bc7aa6f69a75d8
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
1ac53c3845a5de139b3a50f23e4ef5d0871565618884637aa9fef608954d405e
1e8e9a28adada53ea1a7cdf5aa39284133ed93deb3bb796a056d7c7c9c79bd03
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
22ffa09560779b92b0489edad160e2faaca4efa1764142faa05c286c7b3a4acb
265e911c9c48dbcba2283248e0583e9c851aa555c287272d48a96a927fe3f737
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d33b9d69281a0e049f69af6e39ad98c7e7db554f5e5372a4dfa3ed2b67d69c9
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3233293caf7989565743fb9a823a3ada0f121c509b68557e7e35b06b7202f99d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36c4421ecd66ea76951289635ed3b8d0cb57725e7d53ae460443a8be2f6fafbe
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a72648ebd89ba074e7d9c7f87a17c3f493a3b6874c910252958ac29858e7b2a
3aa7c1aa820d8582dd88d19e867ce0672552b76a280ef29e181e46b29b64c2b2
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b2f9ae0192c7cc1dc55b9768623266681dc120f03a1552ef331df1abe7e1293
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1
3ea59f09878ba3854e6b0e9b319e81dfaa0cb411a41e8988132753bd2a3307bf
40b8fa86f905cc306d96539bb46bc9f7bb0ad808953e341818cca34c0d6c7869
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9e3a6f6597f00d484d2c96b7922c1eb151f0c16496f040ef855c8fc5f392a
446b80aef2b8c6411be2e0f3a1bd890efb5c400e9f993e30778149a69e51d5be
44bc31053f9d2df157797db845dc930b30b469a6e435db21d46b30c58f9046f2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
477ac851653f64be40a6a7e8a94867faa4283c069bcf4515e41160b3f4535fd7
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e577c983073939b55605434bccf052adbf0c5bc5bc75d5d2b4d3951b1482018
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5784edcd3e8ee97446434d62db2d5f24307ee5b39f801b2f202119ea2f608126
5bdf41b8f3c102252431223070b9285e5e2ac195272a24520d9b8bd2b520aad5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e4bea37a2e5e6328039e3cf241894935b329d45dbfe273acc6b2fe99f58794c
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6279f3f78fbed75f97404d2df10470430c7b92d1621a67be3df3b420ff4d6dd4
629ad9108529758576b73bc1915dbfe37b875f60cfcf17678e7c3aa30b94e401
64f6b92d9b188787a35a7a12ae46e67ac016767cf72f1e05e9ad16252fc0e35f
650ae8f7c90ede05991a1fab60aaf04c8f04d82f9470c1b37f9e46af27793002
6956d2bcf831148b894f41749b6c1d6c2ce9a03aff163c7460429de1b4baf10b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c8c267112268517a37cd4e4cae9ea1717738ebaa1c7a8e1528300e776c2c060
6dde3a324cd5fe7039fb8bab6020cf15caa56ab11ab0a784122389c30faf37ef
707f82883cd0e1410f8b1cd71c6855db0be292db627847cd9b5c706f997c152f
70d0368bca7367312943b2020e0394e97f80dfe6c769e75d78cf0f733afe4a4b
719c4bb9e3f7f9b5368a3f8aacc980c62693d868367342f8627716ddddac9142
723110ba4c41600f554b5f5b70fd36d48c8397954a48b67109eb92aad5da9023
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
7bfc7444d7ee08fbd52ef8d2d573b8ac6993c91a04a0977ca77445e93623497e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80e8746c8ea93fa38e50b2e15647b26a9c7324439afda55fe8b85c9dd3aa88ce
81aab37d8c9d95a568c57e163c65bbe40c0fd0a521f64fc04200ebf7c5074e49
8445891faa16c66d7ea18fbdbdd7755ac68eb0bbb3520fa341e138d3c7891b6c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
87c5ded805beb6febfd4ce264babf478d358b58dce76fa02238f1651e16d81ba
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90a9076fec149fab0a4f877838bafd194f45078138d906c626c308c8b155240c
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c
9437938ac45cb68a27c8dc9088b7393b02462270474340cf9a79c1fcfbe9af46
94d60bed59d1612c078119df55a50d94ff6198a108de1ce688f1746e9f76b054
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f444de7fa108725f957cc7e358e406375e80d14abae50360bf906a94c81f58
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3f55d52e9b2df0f21d26e6f32f8266eb5dd702f03f44e52127514d539abcf60
a40579d18f3acb5aebb4cf0976354a7baca4ebd40cb8e9b24d6e58dcb72f7510
a4dd60de1b2e32632bb395467006d7abd155f3824e70ae1146251fcaca8116fc
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
a5a97dc88b67ca5d72476736a7a1a56825bf265ed92ec173b41c1c43d4ef4c0e
a5f90f4f3797d6fac1a0bc20c9380cebae74231c403a248144c166509b2464a4
a7ba79676bd555e262ba4838ee3ce4652ed3ef16e55f734396aa5397261844d0
a9dae134698b0f47b86dad39e5539b63ef66e9ff1d7072111050edcf16ff24a1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0fb469043da74a5ca2a2fcb55df139932552ea6a0c25b00685adde0ef3a20f0
b16c643bfc888d647600ff99116a5a03548f029f74b471c8b7efe547d38ba2e9
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b69069ebdff74081eb5be82f9ba29901110a95dfc1884f3369a46d3da7ae4650
b7adfb3bf9f8daa4adee7cf8ef871c7631ed310f243e6383fc1de48dd12ba3fd
ba3fc1917bbb25bbab961d68d70c594f29e190711b0b370b7182c6c1c8838aca
bc4b10c977e3e9d710504fc765a0fc0a1a75605ae7829f7227d241819f0c2578
c01ed0c514492d496705420775f196209d076e6dd91940d1a4cee09c3973e311
c07417ffc3c3a0155112b45ecbd8d3799814a771cc68737f2d1e248a60dbf90a
c0cf9220a1a3781126fd9a78b81b27753612d1ce2cfc8a1d5e6e774e845ba4f7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c7ea0d52c9bc10e1bab7a982f4b55c5caf67cc7533f78888a66d6a882a609882
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
cd2f5e054c32283bdfa0b62f3ac43129fa9cb7b177f6f7e41eeec411c76d9a7c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf69d92170111172727ec80de5bbb02c0a8d0a06d6dd284db4e0927d5b0925a6
d12bc78f4982837e3a5aaa4fcf14c06064764c5bd8c3f7eb3307d8e1b5d39d07
d155c5953f9f1a8722ecadd4b104956697f7c04bbcd50c9ec386c680bee2fca1
d50a49c66a3693b3f71ac082bfa6e2313f738ad00f386d894064ac6b68ab5d60
d74d5adfbf0c05f948301d7d1f1b9613e234f58a61018858ce31ca919ba37de0
dab6301d8bb2f355f676bbd2755549d01bcc2d6fab04e5f8378738579119f535
dc037eb0f4a061b83c2ba40a7accd29bfc8960f910ebd3eeb5b81b900592abde
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea5408288eaeaeaa6e91afd0910a6f019012f1172f27d392397b6c25c7792b3
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e0e06c6b7918fc0ca7b4d8c585529a801b3e327a5b985092bfad5ed5dab7bcc7
e0f1f0bc1475187cb7f4e04b1a41324aa4aa5a50041d2a9f51d0403ac1e1e443
e32a964945deb3bbbb1440d19be007cb960080a71d89bdabe94062b305dfd3d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b697fc8700c56a1360554939c7c22c8226ae28a9265bff2be874246b6fd30b
eae09991c815b827902bca0d58c889e22f392a427e51b30e4f965609ce90ea47
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebcb799adf679646bcdc30ba8cbb137cb9855f7c8b0d1d0d86ee99d41d71ad7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff851a52e06e8ac47e0cccbfbf5e97c15a0b088f59fceb0dafc19b990aabf9b
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f35316cd1c783e3cc84bb1c407d12cd7a54d0151a8a54142c3e7337a40d4093d
f44524f4c2c58bd1362b6d3447dfaa8085de8e6212f66c4c0a0cb3de7817d3dd
f529f70a13a14075f1c370b29c0e59374bdc4e7c59f2708f259c1277a88bab0e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69d8edd09550bc0c08970c85ed53f1cfcd6a5330faf9c6a7ecd349d295f2488
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9013248fe77b3f4263f2369b0bbffe2665e2d5c8e11aaf96778d256461fcdd6
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
fd24a6d32841a12f2b3299a3358234c57fd1e2a47dea5d0c49b46f4b077109d7
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.rediff.com Open in urlscan Pro 2a02:26f0:480:d::210:f153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

293 Requests

97 %HTTPS

46 %IPv6

31 Domains

61 Subdomains

51 IPs

9 Countries

5156 kBTransfer

9976 kBSize

39 Cookies

22 Outgoing links

Redirected requests

293 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rediff.com Open in urlscan Pro
2a02:26f0:480:d::210:f153 Public Scan

Screenshot
Live screenshot

Full Image

293
Requests

97 %
HTTPS

46 %
IPv6

31
Domains

61
Subdomains

51
IPs

9
Countries

5156 kB
Transfer

9976 kB
Size

39
Cookies

293 HTTP transactions
8 data transactions