urlscan.io logo urlscan.io
SecurityTrails logo

newsmarathi.mahanews18.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://newsmarathi.mahanews18.com/
Effective URL: https://newsmarathi.mahanews18.com/
Submission: On August 27 via api from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 18 domains to perform 111 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsmarathi.mahanews18.com.
TLS certificate: Issued by GTS CA 1P5 on July 26th 2023. Valid for: 3 months.
This is the only time newsmarathi.mahanews18.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
15 2a06:98c1:312... 13335 (CLOUDFLAR...)
23 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
1 9 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:46::45 8075 (MICROSOFT...)
1 151.101.1.108 54113 (FASTLY)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 4 142.250.184.226 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 7 185.89.210.153 29990 (ASN-APPNEX)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
3 52.218.117.2 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
111 27
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
newsmarathi.mahanews18.com
15    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
newsmarathi.mahanews18.com
23    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
9    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
13    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a02:26f0:3500:1b::1724:a387 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
7    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
ams3-ib.adnxs.com
10    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
3    52.218.117.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
t2ocreaspalladium.s3-eu-west-1.amazonaws.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
36 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
480 KB
16 mahanews18.com
newsmarathi.mahanews18.com
653 KB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
121 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
303 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
359 KB
8 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1761
ib.adnxs.com — Cisco Umbrella Rank: 245
ams3-ib.adnxs.com — Cisco Umbrella Rank: 7114
32 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 62
12 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594
3 KB
3 amazonaws.com
t2ocreaspalladium.s3-eu-west-1.amazonaws.com — Cisco Umbrella Rank: 247672
56 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222
170 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1120
www.googleadservices.com — Cisco Umbrella Rank: 150
605 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2753
pixel.wp.com — Cisco Umbrella Rank: 2673
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
86 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4680
34 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2412
261 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
75 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
999 B
111 18
Domain Requested by
23 pagead2.googlesyndication.com newsmarathi.mahanews18.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
16 newsmarathi.mahanews18.com 1 redirects newsmarathi.mahanews18.com
13 tpc.googlesyndication.com newsmarathi.mahanews18.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
10 s0.2mdn.net newsmarathi.mahanews18.com
s0.2mdn.net
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
newsmarathi.mahanews18.com
5 www.bing.com 2 redirects googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
googleads.g.doubleclick.net
4 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
newsmarathi.mahanews18.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 t2ocreaspalladium.s3-eu-west-1.amazonaws.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.googletagservices.com newsmarathi.mahanews18.com
googleads.g.doubleclick.net
2 www.googleadservices.com
2 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net newsmarathi.mahanews18.com
2 cdnjs.cloudflare.com newsmarathi.mahanews18.com
cdnjs.cloudflare.com
1 www.google.com tpc.googlesyndication.com
1 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 cdn.adnxs.com newsmarathi.mahanews18.com
1 adsdk.microsoft.com newsmarathi.mahanews18.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.wp.com newsmarathi.mahanews18.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.wp.com newsmarathi.mahanews18.com
1 www.googletagmanager.com newsmarathi.mahanews18.com
1 fonts.googleapis.com newsmarathi.mahanews18.com
111 28

This site contains links to these domains. Also see Links.

Domain
generatepress.com
chat.whatsapp.com
Subject Issuer Validity Valid
mahanews18.com
GTS CA 1P5		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-04-07 -
2024-04-01		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
r.bing.com
Microsoft RSA TLS CA 01		 2022-11-15 -
2023-11-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2023-07-10 -
2024-05-31		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://newsmarathi.mahanews18.com/
Frame ID: 932411C3A21DD5D427A58CF7B61E792D
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: D2DAAC81CD359B0FCA59931122F5ABC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&adk=1812271804&adf=3025194257&lmt=1693144672&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872183&bpp=3&bdt=156&idt=249&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4042588190084&frm=20&pv=2&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: 26546FA69D59F64BB117FF31ACBD146B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Frame ID: 7C130063BDAEFEF8C79A9304D48ADDBA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8C53079ADC535CAF3F45E4546D1501DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Frame ID: 269297849F703102BC76D780484AB5D5
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: CAFC91D4DDEB5BE1F23B50609D7E9B9A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXj8PQ4J2LhVUxcwYjTAroCE4msUL8becMChXz9OlorhRLLLneWlWVYU26v7XvlvorbULDZeiZJWeQG86n8Fk9iSfCuNfLWQlHiLW5-4P927jszmZ3Bay3ORyF2j_Gb7Yj_RHajO8yUoB9-U4q4UfHS57avBe5k6RR0Iti_lufLnN6GHJw
Frame ID: 6DF3744B1035F977E616ACBA8B96EF1B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 536A2EC54EF63BA8952959C193F80784
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7687A0034CE469BE19C40A1A54E90876
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
Frame ID: EC2C46FC88A56269123BBF7BD54D1939
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: D6B54E0A2C25E8B51B0AD1E456FDC736
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D3B57F84BF06693B90BACD60AB05606
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF7CA9160AE1D8CDE17CC7CDFFD57010
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: DC043FCA1FDE132D11493E2F069FC814
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

News Marathi - News Marathi

Page URL History Show full URLs

  1. http://newsmarathi.mahanews18.com/ HTTP 301
    https://newsmarathi.mahanews18.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

111
Requests

93 %
HTTPS

70 %
IPv6

18
Domains

28
Subdomains

27
IPs

4
Countries

2387 kB
Transfer

5126 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://newsmarathi.mahanews18.com/ HTTP 301
    https://newsmarathi.mahanews18.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e565bb2d-78f8-4217-8b31-e554db1dbe7c&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=683b10d9-323e-4483-8418-dc38580defaf&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dfea03d47148a4230b836590b1f9abec9%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=8418028286713381649 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=fea03d47148a4230b836590b1f9abec9&SNR=1&GV=2&med=10
Request Chain 49
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss0ruRATQs0RpWmK1tOJA&google_cver=1
Request Chain 50
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOtygWs8Jp3jEZCmCRFVcAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss0ruRATQs0RpWmK1tOJA&google_cver=1
Request Chain 51
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRmD77RE6liDAAPQZ0lD3I&google_cver=1
Request Chain 52
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNDA1MTA1NjgyOTYwNDUwMQ%3D%3D
Request Chain 85
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CscPSgHLrZJS4I8Oko9kP7NuzSJeKlb9v_YPF1NkRn5ugtLAwEAEg9L2zemCV4pCCoAegAb_2zs4DyAEJqQIlUogW8RyyPqgDAcgDywSqBOcBT9CR1t19LhlvEzxoPb7Jbi4sBWvpgMC1Sp58k6_H9ZLhE3MZcF6bNaqx1T47PHl8RVSOSXIYp8n0HadW0NZK6WeDmXo2GWuCtPu3kPngT5zLXcHRFJdAz9ZWkUNtSxtUJNatZEuomiXfLXTezSngE2yqbZUTsH6otnkxmiUXFeMg21GrwB4DjxB70QILKFwOj0aKw4rn6qiWYfuGICEVfBH_SqlAqembf4ysaCU0gCmI_-zgpcmzxCi9ASnoli5_U3BqHTMGFHXXnVYGFlsRawIBtAO9GRqWxu2-qPMSV315CoDqqxZRwATzsK3B_QOIBai_y8pAkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB47wxzGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQn_YJ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJK2h0dHBzOi8vd3d3LmF1dG9tYXRpb24yNC5kZS9hbnRyaWVic3RlY2huaWuACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItOTIyNTI4NTY3ODUyMDI0MRgA&sigh=fJaIxfSfXt4&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWNFT4NVqoEUafPry3-ByyQvJSz62eahgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225498496121289636816%22,%22debug_reporting%22:true,%22destination%22:%22https://automation24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970177343%22],%224%22:[%2208-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22615847515717088497%22}&andc=true
Request Chain 108
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e565bb2d-78f8-4217-8b31-e554db1dbe7c&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=683b10d9-323e-4483-8418-dc38580defaf&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dfea03d47148a4230b836590b1f9abec9%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=8418028286713381649 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fea03d47148a4230b836590b1f9abec9&tids=15000&med=10

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsmarathi.mahanews18.com/
Redirect Chain
  • http://newsmarathi.mahanews18.com/
  • https://newsmarathi.mahanews18.com/
178 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.28
Resource Hash
21c2a276abd333ef57922bbff4c7d34a5f32438d777a72c89a7ba6a07d96f46a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fd5833e8f49bbec-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 27 Aug 2023 15:57:52 GMT
link
<https://newsmarathi.mahanews18.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform
hostinger
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOplBQaL7wsSEMoUCO%2Fqea0Fycmis38YfubmxdNDBEzVNYrYNw%2FGcYl3pejavaoUJ3qz9kq9Cenkq49JuuCysHkAXorJhCUo4H3YY7dgQWAtJAC2EqWFcLVJ4yOSg1aHvaE1BowyR7%2FTKshIp%2F38Bv9IpG39DMUdcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/8.0.28
x-turbo-charged-by
LiteSpeed
x-ua-compatible
IE=edge

Redirect headers

CF-RAY
7fd5833e48e2bb5f-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 27 Aug 2023 15:57:51 GMT
Expires
Sun, 27 Aug 2023 16:57:51 GMT
Location
https://newsmarathi.mahanews18.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQkgHWvRVNBTvZFjL5p%2FkSMyaYNCJKerAbr86Dgm3cRxry8BSVv91s3UJ9HLwFSX%2BRh5bm65R3GHu1DXnb%2Bxyec7mFhagL9t2srRkOtuQuT8uslGTQZFhevtiKkdhLrMaVXgCTwbhTLmmWVG6mxH2DF8Nmqv60x%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9225285678520241
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f397c9587cae98335b3087ea15b0293fbf3725dbcac05b8ff979070d9b66b704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsmarathi.mahanews18.com/
Origin
https://newsmarathi.mahanews18.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50882
x-xss-protection
0
server
cafe
etag
11944018155567230900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:52 GMT
style.min.css
newsmarathi.mahanews18.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
373574
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 06:36:08 GMT
server
cloudflare
etag
W/"19824-64d333d8-42a437495e2d89e0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HORwW0IVLFYI5%2BEuvJ23qRnRx%2Fonm0VOjcADTF6Pd%2BgHJ1AvpBLqf8BvG%2B%2FCQ7%2Bkguv67UYYL2ns2gZXpDitVN78EygMuWmEsT7MCetWtJrEhF%2FisZzkQDVCtn0eI68E6gerXE2tNfp1QbfeKK3us0%2BouF%2BvQS2qSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd583404a2dbbec-FRA
expires
Wed, 30 Aug 2023 08:11:38 GMT
view.css
newsmarathi.mahanews18.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 		602 B
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
180812
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 13:22:26 GMT
server
cloudflare
etag
W/"25a-64e8ab12-7f3fc6443506fea7;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAAtBY9PNq6q1d%2FO4B7TE0rZyEIsI0%2F3Godg88wfSAHT9%2FPJxzPnWAxaJKKFBcRp2ly7ZzT5B7iuGbEcPRVM398CcTdrpB1HL440uip9fIrqvFKrAiS%2FZL3iTWZXHMlqWcqkuHQMWVnkv11OZt96n0JUKeVKKxASWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd583405a35bbec-FRA
expires
Fri, 01 Sep 2023 13:44:20 GMT
mediaelementplayer-legacy.min.css
newsmarathi.mahanews18.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
180812
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 17:11:58 GMT
server
cloudflare
etag
W/"2bf8-64c2a55e-448bdb63d180773b;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51%2BrCstk2pV2WBeB9UxA1sqlBP7kTRHkIKT6Z%2BEqOKDKF5cpuwjgHj1WjekquhXtbNfwJCNBA6Ca9dZzJOmDP5uTL1dm1JSJjXmN26FjQxVkG0IvmnooQKdTfoQZoPB4ziU89mqSZ4dSfPggeQrMMwxAGdY%2BiqpgMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd583405a38bbec-FRA
expires
Fri, 01 Sep 2023 13:44:20 GMT
wp-mediaelement.min.css
newsmarathi.mahanews18.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.3
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
180812
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 17:11:58 GMT
server
cloudflare
etag
W/"105a-64c2a55e-2e060df9c759c38;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCXJcaTawn8N2DMttU8j7XVdh8Jqzqqcp8C%2FupMttTASBc9xkJnR6kPKG2DBQi9ZhQdBnOzDtg7HtgtqxMYR5BbhoIVz0IQpasRxQNiIQMzXueItLVvpDYqKEvBBUIj9pZ11M7opiBkanQx4z4%2FB5rJKIKnFPW5dFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd583405a39bbec-FRA
expires
Fri, 01 Sep 2023 13:44:20 GMT
frontend.css
newsmarathi.mahanews18.com/wp-content/plugins/buttonizer-multifunctional-button/assets/legacy/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-content/plugins/buttonizer-multifunctional-button/assets/legacy/frontend.css?v=1321b4a11e7642a0f35bd828b82c3a59&ver=6.3
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bc7b578ae3c5a2ee4c618cd3b1f241bda2800f71dd2c24c49cf1d2e063eae13
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339735
cf-polished
origSize=8259
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 09 Aug 2023 11:59:23 GMT
server
cloudflare
etag
W/"2043-64d37f9b-de96140916f1e3b8;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zkvXzywMG3Dp8U1NpaZYeJM41YL5WmQfsrblmWXmjeTMhoEI3QPSDUyexgwQLqLngeqQYdXb1UtqgRMuCdzOMy0VgKBcZG3EVZP%2BrdPkPKo7havy8EkIq8VToMusvU5FIgv94No%2Bxejj%2B88k4MT1nQYwlgJlzJFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd583405a3abbec-FRA
expires
Wed, 30 Aug 2023 17:35:37 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?ver=6.3
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://newsmarathi.mahanews18.com/
Origin
https://newsmarathi.mahanews18.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1609531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10462
last-modified
Thu, 22 Jun 2023 11:02:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ1Ol1XUuL%2FsRWY4QjfRb3%2BPpjyT2%2BzbhOvZ8aWK%2FQcqyl3nchux6Bhty8pl6A%2Bj1oXRTNJ9OWiTHzUFEvuCxl8ZJf%2BXphAutl6asPKFPK6AA2CSy%2F99rB3tIXpAwg3kOeDCBSHxVpFdvEYR22INycCq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fd583408e7a91de-FRA
expires
Fri, 16 Aug 2024 15:57:52 GMT
main.min.css
newsmarathi.mahanews18.com/wp-content/themes/generatepress/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.0
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
282786
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 20:24:28 GMT
server
cloudflare
etag
W/"4c6e-64c2d27c-888ede1d108d6f4b;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQNrh5Yyy4VCOTFYfwhJeuyviVovy%2B4AS1MPXpIDqIZzbZdATIzk%2FjmDayg1cj1g6BXvbej%2BKmQm24dKEx5ocG3LgeND11J13VqTIAk3agJPuqIVxf8xA7gs0Pm7AER%2BfbpIPKfP4VEGCmT03d5JkZ%2FEOqhKwnqO%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd583405a3dbbec-FRA
expires
Thu, 31 Aug 2023 09:24:46 GMT
css
fonts.googleapis.com/ 		7 KB
999 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Mukta%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800&display=auto&ver=3.3.0
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6841b8b2347a0d7bf9eb7cf9f8128bc116dbfed1f1a91edde75f1c049a36d76c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 27 Aug 2023 15:57:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Aug 2023 15:57:52 GMT
jetpack.css
newsmarathi.mahanews18.com/wp-content/plugins/jetpack/css/ 		97 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.5
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e6b56e777518d56d35252b62065cfa748c0c290c7b54ace1314338cf97b6f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
180812
cf-polished
origSize=99886
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 13:22:26 GMT
server
cloudflare
etag
W/"1862e-64e8ab12-57c84a8d9192360b;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4COsYN6njXfYbxLAWm9cTbUwh75I6UrTmU4%2Fk3galWYCx5LKztcNQ4sX0Jm2%2Ff3zw%2B8cWA0JyVO4lc%2F7az01Np1bVWq2D7MZfTexosmRmMSCRz9LdBhQEGUz%2BUDx%2F0nzNRH5wgfGxOB3jQ7geDTG7AZ7VJkSy0HTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd583405a3ebbec-FRA
expires
Fri, 01 Sep 2023 13:44:20 GMT
js
www.googletagmanager.com/gtag/ 		209 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-MJP36WL
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4dd1f3dec57d394ce0907993a06e6728af7070f886f10a209f7e3081779d34a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76727
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 27 Aug 2023 15:57:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9225285678520241&host=ca-host-pub-2644536267352236
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7644474de2387c71543ba53af52cdec557218fe726674dfa6dfca3c60dabcd7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsmarathi.mahanews18.com/
Origin
https://newsmarathi.mahanews18.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50881
x-xss-protection
0
server
cafe
etag
8521851262210887110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:52 GMT
Add-a-heading-45.jpg
newsmarathi.mahanews18.com/wp-content/uploads/2023/08/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmarathi.mahanews18.com/wp-content/uploads/2023/08/Add-a-heading-45.jpg
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d32462f3b1f0885a9fae01467b78116983f5fc29cf42a2a0b17b7424c40ed4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
112067
last-modified
Sun, 27 Aug 2023 12:58:39 GMT
server
cloudflare
etag
"1b5c3-64eb487f-7384d3c05a917e30;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqPMmsOyjGGlBqQj6tzGqKb2ZQvIWqnMptMI%2BGX64EFZpZHXbPgY63hNrcPQ84ozxLxBrb2Ho6rrVRsAog1IoW5NrJZ2XuiZVTNp4eqrEgdyMeeyXI8P6oECBvm%2FFl8XNF92Z7rDIrTLHYSeqcp9q5qrdRJ8SelO6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7fd583405a40bbec-FRA
expires
Sun, 03 Sep 2023 15:57:52 GMT
Best-Loan-Scheme.jpg
newsmarathi.mahanews18.com/wp-content/uploads/2023/08/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmarathi.mahanews18.com/wp-content/uploads/2023/08/Best-Loan-Scheme.jpg
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1979a46cb871f955eeb2708d602a9d99d9f404416bfa0ce3cfdc9d1e36042a88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
154498
last-modified
Sat, 26 Aug 2023 14:31:13 GMT
server
cloudflare
etag
"25b82-64ea0cb1-d1c62b68107ec90d;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBpVdPDCBq4CCKavWkrE%2BG8lZ5B0qDMYOAhNI%2FhCDlMmtvooHaQTCPHAlFip8vJtOdh%2FTXaypUCluVhLrgYDJ83TFU97YK%2B%2BXJpAMiOqUQUM7OMgQ7j4qSdJY3fyVpLNiHl%2BYGGrGoOtzovLFxnUa%2FCcmdtqlegojA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7fd58340a8b5915f-FRA
expires
Sun, 03 Sep 2023 15:57:52 GMT
92dc89e2-2ba8-4282-924d-e500dc053dee
https://newsmarathi.mahanews18.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://newsmarathi.mahanews18.com/92dc89e2-2ba8-4282-924d-e500dc053dee
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
iJWKBXyXfDDVXbnBrXw.woff2
fonts.gstatic.com/s/mukta/v14/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mukta/v14/iJWKBXyXfDDVXbnBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mukta%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800&display=auto&ver=3.3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ed7103cf260025b17419c7e5b364f742d87430eff60e586a924cd3cfc1d528a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmarathi.mahanews18.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 07:26:01 GMT
x-content-type-options
nosniff
age
203511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20552
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:48:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 07:26:01 GMT
iJWHBXyXfDDVXbF6iGmd8WA.woff2
fonts.gstatic.com/s/mukta/v14/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mukta/v14/iJWHBXyXfDDVXbF6iGmd8WA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mukta%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800&display=auto&ver=3.3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12cbb41de25227eefa9b187395bd3adf650671499098ac9b06b359d28647c046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmarathi.mahanews18.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 17:45:12 GMT
x-content-type-options
nosniff
age
425560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Aug 2024 17:45:12 GMT
iJWKBXyXfDDVXbnArXyi0A.woff2
fonts.gstatic.com/s/mukta/v14/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mukta/v14/iJWKBXyXfDDVXbnArXyi0A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mukta%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800&display=auto&ver=3.3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e087e6004a9e8a1667c689c641814ca3bff189fa2a141dc4fb2739d76a60a140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmarathi.mahanews18.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 00:19:30 GMT
x-content-type-options
nosniff
age
142702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99304
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 00:19:30 GMT
iJWHBXyXfDDVXbF6iGmc8WDm7Q.woff2
fonts.gstatic.com/s/mukta/v14/ 		103 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mukta/v14/iJWHBXyXfDDVXbF6iGmc8WDm7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mukta%3A200%2C300%2Cregular%2C500%2C600%2C700%2C800&display=auto&ver=3.3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4646e40e3e509ff0423a797835758923586929af3aeb2ba174935782f02a881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsmarathi.mahanews18.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 21:11:31 GMT
x-content-type-options
nosniff
age
153981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105028
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:07:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 21:11:31 GMT
RBI.jpg
newsmarathi.mahanews18.com/wp-content/uploads/2023/08/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmarathi.mahanews18.com/wp-content/uploads/2023/08/RBI.jpg
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46107a92a8e9e5d3dd1caf36318f31190df4ff5fd7a2e376a417e2266900720
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
123444
last-modified
Sat, 26 Aug 2023 14:11:36 GMT
server
cloudflare
etag
"1e234-64ea0818-76c29eeb74d30f5;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAlYWMFXS%2FvjdqmMoKKREL0P5HrP67tpvTM8ADRrLFnSUWC7mNMYiGFhDF%2Bp0bflz0MlpWheCa9eIhDWxZOF66zVHTqzfDjY1TqZDYmn8l3rcHB5udzAt%2BXQvISe1pjyS1NidFFF4qTn8zG%2FAebLFYqd0WnZYCISkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7fd58340e91c915f-FRA
expires
Sun, 03 Sep 2023 15:57:52 GMT
frontend.min.js
newsmarathi.mahanews18.com/wp-content/plugins/buttonizer-multifunctional-button/assets/legacy/ 		310 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-content/plugins/buttonizer-multifunctional-button/assets/legacy/frontend.min.js?v=1321b4a11e7642a0f35bd828b82c3a59&ver=6.3
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208c53e8ac495229437f6586207dd40bcfcd00a8f8167c0335d0bc965841d44c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
354438
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 11:59:23 GMT
server
cloudflare
etag
W/"4d71d-64d37f9b-610a981b79f80e46;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okguyWQQms5KoG61SOnKgZCITpvGmu%2FPKP2XNAahaGPsBbsqjxMNOs%2BBtzSczCL1ciDxBUpRdFaQPI9rSBMWPcxrENiEcwDx8uvz72hX8uMenT1Wen8FTQO%2Fwf5CYsFcoIZrBqKq8jP6kwy7y%2F4hdOhBEi7kLBrkeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd58340e91d915f-FRA
expires
Wed, 30 Aug 2023 13:30:34 GMT
menu.min.js
newsmarathi.mahanews18.com/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
430211
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 20:24:28 GMT
server
cloudflare
etag
W/"1b3f-64c2d27c-936788b4a875ff40;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6pTKBKyUld12jnnK9wRQ%2FfCXwgXNldINn%2BBovtsSDxZvH0Bpy1yN8kejeIS4GjNrdejJcE%2BhSMjaB9alHZYTiqZ%2BaNsWItWOSKLexasjtFvNB0LQjpudE19BszicDdijKAG97UB455QjF9FS%2BYd%2FdA5Dq5%2BSE1ehw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7fd58340e921915f-FRA
expires
Tue, 29 Aug 2023 16:27:41 GMT
e-202334.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202334.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684460848292.3706
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 18 Aug 2024 23:54:08 GMT
Horoscope-Today-6.jpg
newsmarathi.mahanews18.com/wp-content/uploads/2023/08/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsmarathi.mahanews18.com/wp-content/uploads/2023/08/Horoscope-Today-6.jpg
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14159f2320e6d83314ceb4696a863074e065eb8b5d0a9cfbb9c9b200cbe587b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50111
alt-svc
h3=":443"; ma=86400
content-length
109397
last-modified
Tue, 22 Aug 2023 12:38:48 GMT
server
cloudflare
etag
"1ab55-64e4ac58-9e8d539a6067570a;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bn2TCBi%2F0vi%2FywzxhLvjut9L1gjDeCPY94LgnqZ%2BWjCuBk550tteBmCkpTwpAoCvkeyNVYr8vh8DoDSOYE6PhTC4W0%2Bs2qqJlE4tbe24P6fQklGl79NMSvwmB0znxtx5HhRqLnAExOg3ReeIvTSpwRGX6iqUMBaEeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7fd583410949915f-FRA
expires
Sun, 03 Sep 2023 02:02:41 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/ 		391 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9225285678520241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74e43bf9d11100116bb07aa5e2dc87b7449316a13b14d69dfb2495bab539c19b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134472
x-xss-protection
0
server
cafe
etag
8295265841706568767
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame D2DA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9225285678520241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsmarathi.mahanews18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16912
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 11:16:00 GMT
etag
9878862242593084568
expires
Sun, 10 Sep 2023 11:16:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K883BC70YY&gtm=45Pe38n0&_p=2065350545&gdid=dZTNiMT&cid=1922898651.1693151872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1693151872&sct=1&seg=0&dl=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&dt=News%20Marathi%20-%20News%20Marathi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MJP36WL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsmarathi.mahanews18.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?ver=6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?ver=6.3
Origin
https://newsmarathi.mahanews18.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5920208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-12bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10ErXWhjTUrcEhhxNtNmoFjIiiVD2s%2FADRnw7DW7pLx1WYxDzEb7tCs0kSAKWajtlag4cLBdgGFxjjFv7JRoyawbqASe%2Faefrdm6vCrW3lmwgAiKRkas6cylwHWSOTLmScws2TbidpSa9hSEsklBbM6h"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fd5834269b991de-FRA
expires
Fri, 16 Aug 2024 15:57:52 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=219230844&post=0&tz=5.5&srv=newsmarathi.mahanews18.com&j=1%3A12.5&host=newsmarathi.mahanews18.com&ref=&fcp=437&rand=0.6325289806609187
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 27 Aug 2023 15:57:52 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
wp-emoji-release.min.js
newsmarathi.mahanews18.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsmarathi.mahanews18.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
348116
alt-svc
h3=":443"; ma=86400
content-length
4605
last-modified
Thu, 27 Jul 2023 17:11:58 GMT
server
cloudflare
etag
"4904-64c2a55e-1ba8af442b2c1c95;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UudiV8LrVINFO1tkXiMca2KEmXOhbw3OpW4zTcynEqzo3ifPffXcfk56GUffNRl1hqGjfLBwug12c5Bwbx9uSTXNDhOrjDxK9POGkF7oeNKgDkKJl5cHrkUh84qWVWUnH9JqEK%2BhODsSKlfmWsvMn3fkqd%2F9GG%2BULA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7fd583427b9e915f-FRA
expires
Wed, 30 Aug 2023 15:15:56 GMT
cookie.js
partner.googleadservices.com/gampad/ 		395 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsmarathi.mahanews18.com&callback=_gfp_s_&client=ca-pub-9225285678520241
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d250505a9696c3c02d6549bbc002e1f51dec829b6a1d37d4b22b716702b701f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2654 		122 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&adk=1812271804&adf=3025194257&lmt=1693144672&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872183&bpp=3&bdt=156&idt=249&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4042588190084&frm=20&pv=2&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98fe9f5fa328e47817d703bef0314466c4ebd2b5c54ffe5e72dbb812b1244eb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsmarathi.mahanews18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
29203
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 15:57:53 GMT
expires
Sun, 27 Aug 2023 15:57:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7C13 		118 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac949473285b9093d4c2a63165163302403383e5eb71850de8469e9e34ff1996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsmarathi.mahanews18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40876
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 15:57:53 GMT
expires
Sun, 27 Aug 2023 15:57:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/reactive_library_fy2021.js?bust=31077349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
452de56dc9187357fea9aec773ac9752719ed52c77d96f59eaa4eb99a0919ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53635
x-xss-protection
0
server
cafe
etag
15771091922761561061
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 8C53 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsmarathi.mahanews18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 12:05:46 GMT
etag
9878862242593084568
expires
Sun, 10 Sep 2023 12:05:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/ Frame 2692 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsmarathi.mahanews18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 12:05:46 GMT
etag
9878862242593084568
expires
Sun, 10 Sep 2023 12:05:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame CAFC 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c271c5ee7279e7b494f83ad8e04623dee1d1dfe6bce4770cb711afb5b08e4694

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 27 Aug 2023 15:57:53 GMT
content-encoding
br
last-modified
Tue, 22 Aug 2023 18:23:23 GMT
vary
Accept-Encoding
x-azure-ref
20230827T155753Z-3m8ey8nkvd087exf37d0h6vdzw000000024g00000000yxtt
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b5bdaea-c01e-00bb-650b-d639ed000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame CAFC 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Sun, 27 Aug 2023 15:57:53 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
4075293
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-fra-eddf8230075-FRA
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1693151873.305698,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
5, 902140
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame CAFC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 13:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
7707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 13:49:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame CAFC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
45747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 03:15:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAFC 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:53 GMT
c.gif
www.bing.com/aes/ Frame CAFC
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e565bb2d-78f8-4217-8b31-e554db1dbe7c&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=683b10d9-323e-4483...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=fea03d47148a4230b836590b1f9abec9&SNR=1&GV=2&med=10
0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=fea03d47148a4230b836590b1f9abec9&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2a02:26f0:3500:1b::1724:a387 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A485439C7E9C475F8BD693EE7FAD386D Ref B: FRA31EDGE0111 Ref C: 2023-08-27T15:57:53Z
x-cdn-traceid
0.87a12417.1693151873.b29fcf7a
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 27 Aug 2023 15:57:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 67F4D41B661147E98A47B38F60AE59C3 Ref B: MIL30EDGE1209 Ref C: 2023-08-27T15:57:53Z
x-cdn-traceid
0.87a12417.1693151873.b29fcd9a
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=fea03d47148a4230b836590b1f9abec9&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6DF3 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXj8PQ4J2LhVUxcwYjTAroCE4msUL8becMChXz9OlorhRLLLneWlWVYU26v7XvlvorbULDZeiZJWeQG86n8Fk9iSfCuNfLWQlHiLW5-4P927jszmZ3Bay3ORyF2j_Gb7Yj_RHajO8yUoB9-U4q4UfHS57avBe5k6RR0Iti_lufLnN6GHJw
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 15:57:53 GMT
expires
Sun, 27 Aug 2023 15:57:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 536A 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 536A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 13:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
7707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 13:49:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 536A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
45747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 03:15:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 536A 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 536A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BifCDIrx3aTItxOjE3m6lwguTxBCO-CPPsCOb4N__8U-HQHJLR4OznIjeCJAon9j4GPHExfhgYV_zLp3hdBAFSUNqqGImZGxlCjoATNVseTXfHMfw
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 536A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2127952854137535264&x=1&ct=76
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6DF3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss0ruRATQs0RpWmK1tOJA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss0ruRATQs0RpWmK1tOJA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXj8PQ4J2LhVUxcwYjTAroCE4msUL8becMChXz9OlorhRLLLneWlWVYU26v7XvlvorbULDZeiZJWeQG86n8Fk9iSfCuNfLWQlHiLW5-4P927jszmZ3Bay3ORyF2j_Gb7Yj_RHajO8yUoB9-U4q4UfHS57avBe5k6RR0Iti_lufLnN6GHJw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Aug 2023 15:57:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss0ruRATQs0RpWmK1tOJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6DF3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOtygWs8Jp3jEZCmCRFVcAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss0ruRATQs0RpWmK1tOJA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss0ruRATQs0RpWmK1tOJA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXj8PQ4J2LhVUxcwYjTAroCE4msUL8becMChXz9OlorhRLLLneWlWVYU26v7XvlvorbULDZeiZJWeQG86n8Fk9iSfCuNfLWQlHiLW5-4P927jszmZ3Bay3ORyF2j_Gb7Yj_RHajO8yUoB9-U4q4UfHS57avBe5k6RR0Iti_lufLnN6GHJw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Aug 2023 15:57:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELss0ruRATQs0RpWmK1tOJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6DF3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRmD77RE6liDAAPQZ0lD3I&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELRmD77RE6liDAAPQZ0lD3I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXj8PQ4J2LhVUxcwYjTAroCE4msUL8becMChXz9OlorhRLLLneWlWVYU26v7XvlvorbULDZeiZJWeQG86n8Fk9iSfCuNfLWQlHiLW5-4P927jszmZ3Bay3ORyF2j_Gb7Yj_RHajO8yUoB9-U4q4UfHS57avBe5k6RR0Iti_lufLnN6GHJw
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
an-x-request-uuid
172125a0-ce78-484e-8fd2-adbdb355f823
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.75; 45.141.152.75; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELRmD77RE6liDAAPQZ0lD3I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6DF3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNDA1MTA1NjgyOTYwNDUwMQ%3D%3D
170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNDA1MTA1NjgyOTYwNDUwMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXj8PQ4J2LhVUxcwYjTAroCE4msUL8becMChXz9OlorhRLLLneWlWVYU26v7XvlvorbULDZeiZJWeQG86n8Fk9iSfCuNfLWQlHiLW5-4P927jszmZ3Bay3ORyF2j_Gb7Yj_RHajO8yUoB9-U4q4UfHS57avBe5k6RR0Iti_lufLnN6GHJw
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
an-x-request-uuid
0b2f3e68-0920-4505-a9e1-e1472e4d8394
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNDA1MTA1NjgyOTYwNDUwMQ%3D%3D
x-proxy-origin
45.141.152.75; 45.141.152.75; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
th
www.bing.com/ Frame CAFC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7559526628203_1STMSMOROHJO58XBTJ&pid=21.2&c=16&roil=0.2392&roit=0&roir=0.7617&roib=1&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a387 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4a74bc25e52e23d81ccea5a375c986c9bcd5d93e686deb2c3d26f2269c3acaac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:53 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.87a12417.1693151873.b29fcdc8
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
10903
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame CAFC 		0
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fnewsmarathi.mahanews18.com&e=wqT_3QLtA-jtAQAAAwDWAAUBCIDlracGEJGG99WEhLbpdBgAKjYJ2plu6PiHrD8RMj6UZtqsqz8ZAAAAgML18D8hMg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4-fQFgAEBigEDVVNEkgUG8EaYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vbmV3c21hcmF0aGkubWFoYQEQ8IYxOC5jb22AAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFlprX873m-Jp3wAUAyQUAAAAAAADwP9IFCQkAAAABDXQA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_n0BdIHDQkRKAEmCNoHBgFegBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBg..&s=be57245e6b11a6e7c8c272618d7724d19bcdf756&bdref=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230823%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271803%26client%3Dca-pub-9225285678520241%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26xpc%3DbmBrlGCGmP%26p%3Dhttps%253A%2F%2Fnewsmarathi.mahanews18.com,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230823%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
an-x-request-uuid
b9be9a1a-1035-4b88-bc29-1019cee9e45c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame CAFC 		0
671 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fnewsmarathi.mahanews18.com&e=wqT_3QLxBuhxAwAAAwDWAAUBCIDlracGEJGG99WEhLbpdBgAKjYJ2plu6PiHrD8RMj6UZtqsqz8ZAAAAgML18D8hMg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4-fQFgAEBigEDVVNEkgUG8EaYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vbmV3c21hcmF0aGkubWFoYQEQbDE4LmNvbYADAIgDAZADAJgDCaADAaoDgwMKmQIROBx3d3cuYmluZwEq8GEvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjgzYjEwZDktMzIzZS00NDgzLTg0MTgtZGMzODU4MGRlZmFmJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANo5aADRydHlwZT1udXJsJnRhZwGQbDkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGfBpZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzg0MTgwMjgyODY3MTMzODE2NDkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNek5UY3hNekEzTWpNNE9UTWpNagEU8H1FMU5qVXpPVE14T1Rnd01RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFlprX873m-Jp3wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAFkq40-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_n0BdIHDQkRKAEmCNoHBgFegBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBg..&s=6fd302b29dbc32e91d8debe6bb078593de492957&type=nv&nvt=5&jm=1003&sid=7277969301159418795&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
an-x-request-uuid
782dc09a-fb43-4a21-90af-7a0e82426b82
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 536A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4705273798737&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 536A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4705273798737&version=m202307240101&ct=76&x=1&cor=2127952854137535200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 536A 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ct6tcr6rpeEp4k5x-SYG4eK4h-EBRteaQJkR5QHqQzWH5Bil0nIz7hj9tgDLEwnRIHtXs3KS8mUvKJWZ0TEGpWewQ3Yk3y5cWL9VKr6pGk2n-c2fsVP5mOFftosu-tc7r1aFt8I6Fd37Yb0nL7kqVM51VIdrU5tdBOXYkFpxx59p1vCcc&dbm_d=AKAmf-ArGDHowaAQyaFyuxZ8WEHlydwwIktKEVtTVRXSmLpR9br-Mb8JkfTzrMzrB6LSuEosdEBjjFiGnM3h6C3XnxE8ls4C0CUOCpZ0rCAvvCo11dsBa5jX9DVpPXcZWE-F9OeYqQIkBRv90BqhLroTgVPis4g-pMHXYFIZjuX4MIji7LkRuTMUebvhcDIhu5TuRr2gQLkxOu-fCTQ7QcXqV6XnTMvP7zZWToQFfptT_fs5hJ5Sq6sN301KYL4q51eU6quFVdsw9KIMMBJssUNOU855gR1DvviNh-OcNr8ChklmATRMZ29duvsoAYc4MXQ1WVWeYq6AKWe55vtIkeJmp65tl2uAu0qk0VPJImuZfMOwBvrJ6ASBna8n4vynhnw6r3jELvOtRmzMGe8M0LkVzsLfzqOYR4bC_ZKDsvlxfB3ViTd5PygNA_lWgNVdfIb2LN14_rsHSZiigbfLPjqjVcpCucZfou64cnhZCSwbeV-VWreSsa-fPuiEQaZJ0eIW7dvdyEiOkyVn78MBGUWKQGVGo2y8RHtmyWZt9SbPNweAkh1AOCWTWNKudqS46fSaW456TO9c6rQl1Cw5gh9WKdnFuLuM6NCPLDm4LS6MMzYsFQkNIfyg8xVaOC8XA9zRIdQ3X-MCaO9JQvND7_2pOwRNXMWS9pfGPx5Aj2Il-I0CrrTUYr3TO5oqB_iUuLjd8VZ58R0hVmfVWX8w8leN8WE8FzfiK6SfMZExxey9fPkbNHcxM-GaNbIM4JoIif2XnNJwA-zuJtWGZ9yicbGrxKUWTsYCnf8OuBsDESezRyQxiW3EeaeNNRQ7q06O8_3dpp62xLGVG3Wn5VW-3L-ZqPEsSgjIsutW-anC5mkdYtjmnkoosqobzaKCgDFSKCDWwBeqAwSlLUfhw6tXYFe0CiYTT9aF9W-_k25Vmmarbkx8Vk-13nGB0XL-Wvl-NMbw4EICwCUpwjfV-5jl04ApAYOu1ahhQgdoJrWEH6lx9vsvg3FXNpH36P7C-vHbGV3y_iUIDm3-Z7MmtDOuJ_zTWLmI77lo5eAdk5X0j4vE5GXwePLD1oB3g93aVrtPYtlFM-Fwvmr3gjWbxrEUHfNSrNEHoe9doyq-iD-RKN-BI63IA2yM_JSFVGFqcIcSGrTXd-MmA5R7daIJXJiqqJ8M1ZJ6fi6-wf-ojLuZ5GkFccPztZ-OH8FS1K51oXIKpn2e-n6dFqB_xqH3L7jsUGgf3-VNLqBajid-emq2pVGV9UE7ZIT2A1W9BnaZp0m5qsBa2QumCgOLw1OzaWlgF7_kgG1w8vDihsU1c-8vG-Np-oqEduNi4YGsVs0iPzFmg6AtcSEDKZ-l1dakRAg7oq4wmWYN15qDR3aKu98CE6lfaCOeFKRvCgQ9ywd1rlEEOY5jmFJHdckcEBRMDaV88nRRa_p1kXnIBQo1K1gCGIqBknZQ4p4utiO_lmkicECsxpYndleRwdn-abmUxtb1gMQhQ0milk8W7Biv9S5lynYXBKKeD4H0fWC1fwyoZKP_rwhsbvEnrIFvjKFrBSoYk2-MliUScS2wLCjsUlHaa3ULQVkJh8XS4IWTsyAJ9VzjdT9pgSRDI5QEMyr5886cDksYKrLulTaPA9pkFRO9-T9ydRrFtWfohtTwgta6WMe1MpP92MN-5L6Xt8M-yx3-Bl_PrDul7M6XjIo1ba_oXmK5_duZO3tZ732s2fSxV05-5juUc7bcQ8qhi8WeszLgssBKE6Opmq9p-r0U4ApKPprqlyyaVHLKN6S8uWE0flZwuf151KvfzS1oz3ie-_fIP7nnryhuAYRI1ui5vaVp6GtAglm2NsBdtlnlz_hqVw5ur3fI2nf2lew_GPj3g4CbQrwBA0gMTBj2n23D7Mtcy3qD4NdCp-mk63qhad8iR7dhV3pP90Rq7ipizWjiWX4pQcGUWpctgkQ8f8tR5KVe1umPDkzBOmuHkT-xwURUN-PfM0O5ZaVVc1saIp_c4CEu9RoqjvYYXovFijfxnIWloNdQ20A7tw615cl_4U8YI9NkKLSkkziYo3rIfqlWRNbEqUhoVp3QVFdq6SqWVfwlgBMufMah2NPjbHRfDwE9pA61jAs4MGHrYtUZzytBIKO5LTL72KLq8bOO81XLQ9drlvoDoqvVY8DcUdO1DCv7JY4VttUs4ZwEf1KnwzWa5g-LDxgN80l4eFEEETQxxUwu6nFlVyDNck-BlvARfxJx6OqvQUByLT5rSnxieF-Et43KCX-o50DCkgCIhcOFg4CO4vzirgzmLQCpQShmXqQw8dJ7b5psx1Z1ReAKX7RfDF2S4EAab7rqKmHrABrb9QQ9mWioAC3W92qhvV90-BLXc7nj-q0Zvo3i_2peXDg9YGPr_CAmOQyW-5jssz5FEWZSFYNzhSdpY20hUJ9vGf8Scfxm7oTVJ7fM11V3QZ_kWfe5B-upOr5G86lgt0VCjyfWz0wRWtStXkxwRDC1m5BZWSnGOTH75DkKC9Qj4UsHxhHFRRp13bMTJl9kCEVS92hLoplnKYYIv3iHQVVCmwjHisJ3tQbjR7m4lLZaoIoeWoDs1F3zVmDNU6nv8997CEMwZzXOZA6MDe8Yr9X-wG8pR3_T-z3JRbrsmYcSOOvkpGHmJnfS47nC9Rx7h6rFpvNuYeLhY5T_fvK3PNJSX6tFU98TNzhWv2JjJxdT7htXIm-KdQK5gQnJUUMS7Dr35TNcdADWuiWCX2k155L7phpEisdgENOM-NCV1_ZV76GqaHrhpF_Bsf2RzNosUXDIwfVMXq2afNyHaS-Ccrmwu7uS-6wE93Xofp-yI-9hZZPNR3-vFS6BFhipv6hGl7G84V4_PyRbb0J4IsxkLUFROUsIfLe5Von1wZFR1YgRClrSLhn5v73ExSe87vCFgjc3cV0xMKa12_dBbVgWLbF-5BYCjDHf-X8SUyyjTCwViAps2wdSSRkkl4DMQm-4uTktaVSgsRO4kEjSEZMIE_fx4XtyePTYqzrwRSxFgMHQEKWwvcO9xDQXlvnbcGFFF1XZPj9bBWpKGixiXb_pREGZWB7ngLUUq-ACUziyf9p_utpQl1YTHMtu8L7aabn-Z4N7Dd2anWEjNNijPqzx0os8kWXlOA5lUsXmPN8idsgclP6vamiTVMMUU16Au6_aEu4iRMkYyIhgSRywLKYmeN_T9oNp5lXZJOjJwsZI7f-u_5dGsnSgZCDryqw-NxewXF8SC_IR3ggyDoQvTgA60JyBOo9OBozxYgnZ6cQXTOgIsG-qB_kLljIiNX-CywnKIvA3SgGGJCH0RfjUuLhU44bNVZv91kyDr8Q-adhDzjm9L1AYiARc441pc9PE35yZ98HL1reAB4D3IUbzdG8uJAVBewCrauW1kLleodMFGBaQVtQ1K9ehz5R7kV49WfWToSmTSVNWaXKIeCy1ALQhztALbHOco1RDpH0iOkRajdjFx0UZG_XJUCVWGmTGpMW0eSiWX50h1sJjUaz0LL1dsfd_HDOfGAQmfKl2Y3oUE0bKSLnk7v56IgcpxS4BaSTQ9Lt4qCKlWYdKsh4Oq6Y0uLA_osnyXVU1UThY9hJKMQAj0F14tBPjRkj9QdqJPhKVGyRF-grHWKC72AzdmNLzzro6LfxAS5WSJBWJt0faBK8kNt5h4BvMc7v2JgI_7MyhCHs5GHiv3qjZetH9A0W8Vz_NipQV9r09QXUJkGSCssDTRIb2gJNEFrz4bYu3o55uvJaorzDkqnj-tTG64-gLEeLx5ZDxhEYO4gH2CkCAAzckqWRR7H1af5hjoJ5ohUvdDQ8RCXLdtoPy6ea5xEv_Zv3YW9P7BTabmPxEIeTo-0oBrTGQDLLulIxEvelLx7DoGYuUJGzawL47iu2CoY24X9t1IWp_Z_LyNTnxTzsdSAeE_8TiRrtr58uyXYscnmn-4LHPE-oRtkZlKPRZahgSQsMEV8HFzyic9w6mKABFc0jiqNHahD140MRR5opHIxlhOshge-_WIdEJQQ93HWNM2QPlOjTys3loweIoIVQo783QzmRWnJx7NLd4VhHPelkQEyCANcvWQLnKhDcyt4_smj8hBeZFvskdoRG3T8SLi_8g&cid=CAQSGwBpAlJW_GUL76AqOlnPhuD_NHdaCOJpyLTk3RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&ds=l&xdt=1&iif=1&cor=2127952854137535200&adk=1761367587&idt=177&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adde57aec4a92b115a1fd6bce30fc7bc1097a143330f490dc38029adac8a0903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38696
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 536A 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 05:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 05:22:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 536A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ct6tcr6rpeEp4k5x-SYG4eK4h-EBRteaQJkR5QHqQzWH5Bil0nIz7hj9tgDLEwnRIHtXs3KS8mUvKJWZ0TEGpWewQ3Yk3y5cWL9VKr6pGk2n-c2fsVP5mOFftosu-tc7r1aFt8I6Fd37Yb0nL7kqVM51VIdrU5tdBOXYkFpxx59p1vCcc&dbm_d=AKAmf-ArGDHowaAQyaFyuxZ8WEHlydwwIktKEVtTVRXSmLpR9br-Mb8JkfTzrMzrB6LSuEosdEBjjFiGnM3h6C3XnxE8ls4C0CUOCpZ0rCAvvCo11dsBa5jX9DVpPXcZWE-F9OeYqQIkBRv90BqhLroTgVPis4g-pMHXYFIZjuX4MIji7LkRuTMUebvhcDIhu5TuRr2gQLkxOu-fCTQ7QcXqV6XnTMvP7zZWToQFfptT_fs5hJ5Sq6sN301KYL4q51eU6quFVdsw9KIMMBJssUNOU855gR1DvviNh-OcNr8ChklmATRMZ29duvsoAYc4MXQ1WVWeYq6AKWe55vtIkeJmp65tl2uAu0qk0VPJImuZfMOwBvrJ6ASBna8n4vynhnw6r3jELvOtRmzMGe8M0LkVzsLfzqOYR4bC_ZKDsvlxfB3ViTd5PygNA_lWgNVdfIb2LN14_rsHSZiigbfLPjqjVcpCucZfou64cnhZCSwbeV-VWreSsa-fPuiEQaZJ0eIW7dvdyEiOkyVn78MBGUWKQGVGo2y8RHtmyWZt9SbPNweAkh1AOCWTWNKudqS46fSaW456TO9c6rQl1Cw5gh9WKdnFuLuM6NCPLDm4LS6MMzYsFQkNIfyg8xVaOC8XA9zRIdQ3X-MCaO9JQvND7_2pOwRNXMWS9pfGPx5Aj2Il-I0CrrTUYr3TO5oqB_iUuLjd8VZ58R0hVmfVWX8w8leN8WE8FzfiK6SfMZExxey9fPkbNHcxM-GaNbIM4JoIif2XnNJwA-zuJtWGZ9yicbGrxKUWTsYCnf8OuBsDESezRyQxiW3EeaeNNRQ7q06O8_3dpp62xLGVG3Wn5VW-3L-ZqPEsSgjIsutW-anC5mkdYtjmnkoosqobzaKCgDFSKCDWwBeqAwSlLUfhw6tXYFe0CiYTT9aF9W-_k25Vmmarbkx8Vk-13nGB0XL-Wvl-NMbw4EICwCUpwjfV-5jl04ApAYOu1ahhQgdoJrWEH6lx9vsvg3FXNpH36P7C-vHbGV3y_iUIDm3-Z7MmtDOuJ_zTWLmI77lo5eAdk5X0j4vE5GXwePLD1oB3g93aVrtPYtlFM-Fwvmr3gjWbxrEUHfNSrNEHoe9doyq-iD-RKN-BI63IA2yM_JSFVGFqcIcSGrTXd-MmA5R7daIJXJiqqJ8M1ZJ6fi6-wf-ojLuZ5GkFccPztZ-OH8FS1K51oXIKpn2e-n6dFqB_xqH3L7jsUGgf3-VNLqBajid-emq2pVGV9UE7ZIT2A1W9BnaZp0m5qsBa2QumCgOLw1OzaWlgF7_kgG1w8vDihsU1c-8vG-Np-oqEduNi4YGsVs0iPzFmg6AtcSEDKZ-l1dakRAg7oq4wmWYN15qDR3aKu98CE6lfaCOeFKRvCgQ9ywd1rlEEOY5jmFJHdckcEBRMDaV88nRRa_p1kXnIBQo1K1gCGIqBknZQ4p4utiO_lmkicECsxpYndleRwdn-abmUxtb1gMQhQ0milk8W7Biv9S5lynYXBKKeD4H0fWC1fwyoZKP_rwhsbvEnrIFvjKFrBSoYk2-MliUScS2wLCjsUlHaa3ULQVkJh8XS4IWTsyAJ9VzjdT9pgSRDI5QEMyr5886cDksYKrLulTaPA9pkFRO9-T9ydRrFtWfohtTwgta6WMe1MpP92MN-5L6Xt8M-yx3-Bl_PrDul7M6XjIo1ba_oXmK5_duZO3tZ732s2fSxV05-5juUc7bcQ8qhi8WeszLgssBKE6Opmq9p-r0U4ApKPprqlyyaVHLKN6S8uWE0flZwuf151KvfzS1oz3ie-_fIP7nnryhuAYRI1ui5vaVp6GtAglm2NsBdtlnlz_hqVw5ur3fI2nf2lew_GPj3g4CbQrwBA0gMTBj2n23D7Mtcy3qD4NdCp-mk63qhad8iR7dhV3pP90Rq7ipizWjiWX4pQcGUWpctgkQ8f8tR5KVe1umPDkzBOmuHkT-xwURUN-PfM0O5ZaVVc1saIp_c4CEu9RoqjvYYXovFijfxnIWloNdQ20A7tw615cl_4U8YI9NkKLSkkziYo3rIfqlWRNbEqUhoVp3QVFdq6SqWVfwlgBMufMah2NPjbHRfDwE9pA61jAs4MGHrYtUZzytBIKO5LTL72KLq8bOO81XLQ9drlvoDoqvVY8DcUdO1DCv7JY4VttUs4ZwEf1KnwzWa5g-LDxgN80l4eFEEETQxxUwu6nFlVyDNck-BlvARfxJx6OqvQUByLT5rSnxieF-Et43KCX-o50DCkgCIhcOFg4CO4vzirgzmLQCpQShmXqQw8dJ7b5psx1Z1ReAKX7RfDF2S4EAab7rqKmHrABrb9QQ9mWioAC3W92qhvV90-BLXc7nj-q0Zvo3i_2peXDg9YGPr_CAmOQyW-5jssz5FEWZSFYNzhSdpY20hUJ9vGf8Scfxm7oTVJ7fM11V3QZ_kWfe5B-upOr5G86lgt0VCjyfWz0wRWtStXkxwRDC1m5BZWSnGOTH75DkKC9Qj4UsHxhHFRRp13bMTJl9kCEVS92hLoplnKYYIv3iHQVVCmwjHisJ3tQbjR7m4lLZaoIoeWoDs1F3zVmDNU6nv8997CEMwZzXOZA6MDe8Yr9X-wG8pR3_T-z3JRbrsmYcSOOvkpGHmJnfS47nC9Rx7h6rFpvNuYeLhY5T_fvK3PNJSX6tFU98TNzhWv2JjJxdT7htXIm-KdQK5gQnJUUMS7Dr35TNcdADWuiWCX2k155L7phpEisdgENOM-NCV1_ZV76GqaHrhpF_Bsf2RzNosUXDIwfVMXq2afNyHaS-Ccrmwu7uS-6wE93Xofp-yI-9hZZPNR3-vFS6BFhipv6hGl7G84V4_PyRbb0J4IsxkLUFROUsIfLe5Von1wZFR1YgRClrSLhn5v73ExSe87vCFgjc3cV0xMKa12_dBbVgWLbF-5BYCjDHf-X8SUyyjTCwViAps2wdSSRkkl4DMQm-4uTktaVSgsRO4kEjSEZMIE_fx4XtyePTYqzrwRSxFgMHQEKWwvcO9xDQXlvnbcGFFF1XZPj9bBWpKGixiXb_pREGZWB7ngLUUq-ACUziyf9p_utpQl1YTHMtu8L7aabn-Z4N7Dd2anWEjNNijPqzx0os8kWXlOA5lUsXmPN8idsgclP6vamiTVMMUU16Au6_aEu4iRMkYyIhgSRywLKYmeN_T9oNp5lXZJOjJwsZI7f-u_5dGsnSgZCDryqw-NxewXF8SC_IR3ggyDoQvTgA60JyBOo9OBozxYgnZ6cQXTOgIsG-qB_kLljIiNX-CywnKIvA3SgGGJCH0RfjUuLhU44bNVZv91kyDr8Q-adhDzjm9L1AYiARc441pc9PE35yZ98HL1reAB4D3IUbzdG8uJAVBewCrauW1kLleodMFGBaQVtQ1K9ehz5R7kV49WfWToSmTSVNWaXKIeCy1ALQhztALbHOco1RDpH0iOkRajdjFx0UZG_XJUCVWGmTGpMW0eSiWX50h1sJjUaz0LL1dsfd_HDOfGAQmfKl2Y3oUE0bKSLnk7v56IgcpxS4BaSTQ9Lt4qCKlWYdKsh4Oq6Y0uLA_osnyXVU1UThY9hJKMQAj0F14tBPjRkj9QdqJPhKVGyRF-grHWKC72AzdmNLzzro6LfxAS5WSJBWJt0faBK8kNt5h4BvMc7v2JgI_7MyhCHs5GHiv3qjZetH9A0W8Vz_NipQV9r09QXUJkGSCssDTRIb2gJNEFrz4bYu3o55uvJaorzDkqnj-tTG64-gLEeLx5ZDxhEYO4gH2CkCAAzckqWRR7H1af5hjoJ5ohUvdDQ8RCXLdtoPy6ea5xEv_Zv3YW9P7BTabmPxEIeTo-0oBrTGQDLLulIxEvelLx7DoGYuUJGzawL47iu2CoY24X9t1IWp_Z_LyNTnxTzsdSAeE_8TiRrtr58uyXYscnmn-4LHPE-oRtkZlKPRZahgSQsMEV8HFzyic9w6mKABFc0jiqNHahD140MRR5opHIxlhOshge-_WIdEJQQ93HWNM2QPlOjTys3loweIoIVQo783QzmRWnJx7NLd4VhHPelkQEyCANcvWQLnKhDcyt4_smj8hBeZFvskdoRG3T8SLi_8g&cid=CAQSGwBpAlJW_GUL76AqOlnPhuD_NHdaCOJpyLTk3RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&ds=l&xdt=1&iif=1&cor=2127952854137535200&adk=1761367587&idt=177&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 14:17:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
5999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 14:17:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 536A 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ct6tcr6rpeEp4k5x-SYG4eK4h-EBRteaQJkR5QHqQzWH5Bil0nIz7hj9tgDLEwnRIHtXs3KS8mUvKJWZ0TEGpWewQ3Yk3y5cWL9VKr6pGk2n-c2fsVP5mOFftosu-tc7r1aFt8I6Fd37Yb0nL7kqVM51VIdrU5tdBOXYkFpxx59p1vCcc&dbm_d=AKAmf-ArGDHowaAQyaFyuxZ8WEHlydwwIktKEVtTVRXSmLpR9br-Mb8JkfTzrMzrB6LSuEosdEBjjFiGnM3h6C3XnxE8ls4C0CUOCpZ0rCAvvCo11dsBa5jX9DVpPXcZWE-F9OeYqQIkBRv90BqhLroTgVPis4g-pMHXYFIZjuX4MIji7LkRuTMUebvhcDIhu5TuRr2gQLkxOu-fCTQ7QcXqV6XnTMvP7zZWToQFfptT_fs5hJ5Sq6sN301KYL4q51eU6quFVdsw9KIMMBJssUNOU855gR1DvviNh-OcNr8ChklmATRMZ29duvsoAYc4MXQ1WVWeYq6AKWe55vtIkeJmp65tl2uAu0qk0VPJImuZfMOwBvrJ6ASBna8n4vynhnw6r3jELvOtRmzMGe8M0LkVzsLfzqOYR4bC_ZKDsvlxfB3ViTd5PygNA_lWgNVdfIb2LN14_rsHSZiigbfLPjqjVcpCucZfou64cnhZCSwbeV-VWreSsa-fPuiEQaZJ0eIW7dvdyEiOkyVn78MBGUWKQGVGo2y8RHtmyWZt9SbPNweAkh1AOCWTWNKudqS46fSaW456TO9c6rQl1Cw5gh9WKdnFuLuM6NCPLDm4LS6MMzYsFQkNIfyg8xVaOC8XA9zRIdQ3X-MCaO9JQvND7_2pOwRNXMWS9pfGPx5Aj2Il-I0CrrTUYr3TO5oqB_iUuLjd8VZ58R0hVmfVWX8w8leN8WE8FzfiK6SfMZExxey9fPkbNHcxM-GaNbIM4JoIif2XnNJwA-zuJtWGZ9yicbGrxKUWTsYCnf8OuBsDESezRyQxiW3EeaeNNRQ7q06O8_3dpp62xLGVG3Wn5VW-3L-ZqPEsSgjIsutW-anC5mkdYtjmnkoosqobzaKCgDFSKCDWwBeqAwSlLUfhw6tXYFe0CiYTT9aF9W-_k25Vmmarbkx8Vk-13nGB0XL-Wvl-NMbw4EICwCUpwjfV-5jl04ApAYOu1ahhQgdoJrWEH6lx9vsvg3FXNpH36P7C-vHbGV3y_iUIDm3-Z7MmtDOuJ_zTWLmI77lo5eAdk5X0j4vE5GXwePLD1oB3g93aVrtPYtlFM-Fwvmr3gjWbxrEUHfNSrNEHoe9doyq-iD-RKN-BI63IA2yM_JSFVGFqcIcSGrTXd-MmA5R7daIJXJiqqJ8M1ZJ6fi6-wf-ojLuZ5GkFccPztZ-OH8FS1K51oXIKpn2e-n6dFqB_xqH3L7jsUGgf3-VNLqBajid-emq2pVGV9UE7ZIT2A1W9BnaZp0m5qsBa2QumCgOLw1OzaWlgF7_kgG1w8vDihsU1c-8vG-Np-oqEduNi4YGsVs0iPzFmg6AtcSEDKZ-l1dakRAg7oq4wmWYN15qDR3aKu98CE6lfaCOeFKRvCgQ9ywd1rlEEOY5jmFJHdckcEBRMDaV88nRRa_p1kXnIBQo1K1gCGIqBknZQ4p4utiO_lmkicECsxpYndleRwdn-abmUxtb1gMQhQ0milk8W7Biv9S5lynYXBKKeD4H0fWC1fwyoZKP_rwhsbvEnrIFvjKFrBSoYk2-MliUScS2wLCjsUlHaa3ULQVkJh8XS4IWTsyAJ9VzjdT9pgSRDI5QEMyr5886cDksYKrLulTaPA9pkFRO9-T9ydRrFtWfohtTwgta6WMe1MpP92MN-5L6Xt8M-yx3-Bl_PrDul7M6XjIo1ba_oXmK5_duZO3tZ732s2fSxV05-5juUc7bcQ8qhi8WeszLgssBKE6Opmq9p-r0U4ApKPprqlyyaVHLKN6S8uWE0flZwuf151KvfzS1oz3ie-_fIP7nnryhuAYRI1ui5vaVp6GtAglm2NsBdtlnlz_hqVw5ur3fI2nf2lew_GPj3g4CbQrwBA0gMTBj2n23D7Mtcy3qD4NdCp-mk63qhad8iR7dhV3pP90Rq7ipizWjiWX4pQcGUWpctgkQ8f8tR5KVe1umPDkzBOmuHkT-xwURUN-PfM0O5ZaVVc1saIp_c4CEu9RoqjvYYXovFijfxnIWloNdQ20A7tw615cl_4U8YI9NkKLSkkziYo3rIfqlWRNbEqUhoVp3QVFdq6SqWVfwlgBMufMah2NPjbHRfDwE9pA61jAs4MGHrYtUZzytBIKO5LTL72KLq8bOO81XLQ9drlvoDoqvVY8DcUdO1DCv7JY4VttUs4ZwEf1KnwzWa5g-LDxgN80l4eFEEETQxxUwu6nFlVyDNck-BlvARfxJx6OqvQUByLT5rSnxieF-Et43KCX-o50DCkgCIhcOFg4CO4vzirgzmLQCpQShmXqQw8dJ7b5psx1Z1ReAKX7RfDF2S4EAab7rqKmHrABrb9QQ9mWioAC3W92qhvV90-BLXc7nj-q0Zvo3i_2peXDg9YGPr_CAmOQyW-5jssz5FEWZSFYNzhSdpY20hUJ9vGf8Scfxm7oTVJ7fM11V3QZ_kWfe5B-upOr5G86lgt0VCjyfWz0wRWtStXkxwRDC1m5BZWSnGOTH75DkKC9Qj4UsHxhHFRRp13bMTJl9kCEVS92hLoplnKYYIv3iHQVVCmwjHisJ3tQbjR7m4lLZaoIoeWoDs1F3zVmDNU6nv8997CEMwZzXOZA6MDe8Yr9X-wG8pR3_T-z3JRbrsmYcSOOvkpGHmJnfS47nC9Rx7h6rFpvNuYeLhY5T_fvK3PNJSX6tFU98TNzhWv2JjJxdT7htXIm-KdQK5gQnJUUMS7Dr35TNcdADWuiWCX2k155L7phpEisdgENOM-NCV1_ZV76GqaHrhpF_Bsf2RzNosUXDIwfVMXq2afNyHaS-Ccrmwu7uS-6wE93Xofp-yI-9hZZPNR3-vFS6BFhipv6hGl7G84V4_PyRbb0J4IsxkLUFROUsIfLe5Von1wZFR1YgRClrSLhn5v73ExSe87vCFgjc3cV0xMKa12_dBbVgWLbF-5BYCjDHf-X8SUyyjTCwViAps2wdSSRkkl4DMQm-4uTktaVSgsRO4kEjSEZMIE_fx4XtyePTYqzrwRSxFgMHQEKWwvcO9xDQXlvnbcGFFF1XZPj9bBWpKGixiXb_pREGZWB7ngLUUq-ACUziyf9p_utpQl1YTHMtu8L7aabn-Z4N7Dd2anWEjNNijPqzx0os8kWXlOA5lUsXmPN8idsgclP6vamiTVMMUU16Au6_aEu4iRMkYyIhgSRywLKYmeN_T9oNp5lXZJOjJwsZI7f-u_5dGsnSgZCDryqw-NxewXF8SC_IR3ggyDoQvTgA60JyBOo9OBozxYgnZ6cQXTOgIsG-qB_kLljIiNX-CywnKIvA3SgGGJCH0RfjUuLhU44bNVZv91kyDr8Q-adhDzjm9L1AYiARc441pc9PE35yZ98HL1reAB4D3IUbzdG8uJAVBewCrauW1kLleodMFGBaQVtQ1K9ehz5R7kV49WfWToSmTSVNWaXKIeCy1ALQhztALbHOco1RDpH0iOkRajdjFx0UZG_XJUCVWGmTGpMW0eSiWX50h1sJjUaz0LL1dsfd_HDOfGAQmfKl2Y3oUE0bKSLnk7v56IgcpxS4BaSTQ9Lt4qCKlWYdKsh4Oq6Y0uLA_osnyXVU1UThY9hJKMQAj0F14tBPjRkj9QdqJPhKVGyRF-grHWKC72AzdmNLzzro6LfxAS5WSJBWJt0faBK8kNt5h4BvMc7v2JgI_7MyhCHs5GHiv3qjZetH9A0W8Vz_NipQV9r09QXUJkGSCssDTRIb2gJNEFrz4bYu3o55uvJaorzDkqnj-tTG64-gLEeLx5ZDxhEYO4gH2CkCAAzckqWRR7H1af5hjoJ5ohUvdDQ8RCXLdtoPy6ea5xEv_Zv3YW9P7BTabmPxEIeTo-0oBrTGQDLLulIxEvelLx7DoGYuUJGzawL47iu2CoY24X9t1IWp_Z_LyNTnxTzsdSAeE_8TiRrtr58uyXYscnmn-4LHPE-oRtkZlKPRZahgSQsMEV8HFzyic9w6mKABFc0jiqNHahD140MRR5opHIxlhOshge-_WIdEJQQ93HWNM2QPlOjTys3loweIoIVQo783QzmRWnJx7NLd4VhHPelkQEyCANcvWQLnKhDcyt4_smj8hBeZFvskdoRG3T8SLi_8g&cid=CAQSGwBpAlJW_GUL76AqOlnPhuD_NHdaCOJpyLTk3RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&ds=l&xdt=1&iif=1&cor=2127952854137535200&adk=1761367587&idt=177&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 14:17:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
5999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 14:17:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 536A 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
130598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
truncated
/ Frame CAFC 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b5197dd18d7e86f52817ec83e363c0b6f0d61fa7d0a2f38db3283d669c7a825

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame CAFC 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cv0x4gHLrZNSZIpi_o9kPl6Gv8A3S4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MjI1Mjg1Njc4NTIwMjQxyAEJqAMByAMCqgTZAU_Qx2gyMbKZz1YPFp3JtxgXwIcr1K8hjrR_P27I3FKJzYRezwF2pJHpJ5r9Ak3rY8CA1ieSwmKOuc-H6NIfIA-yB56-c1SvYv3fNm0sPkIXOblZFTk-_8jM8SloUCeppoIGPAg4uTDZJOb-Mj_r_rVYRVNaIBuRIV5uyQm1c_uc0bz72okTfS7NqAtI8uuQ2dv3CdF9GRhWMZmRF12g83DHaDFxnjPNgNpxSf5CCAqenok3Sg9uCEp_0QloMw5NAy4I7Sqt8SIE2RWu5SQ3vuqdoMR75af3xsWABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTIyNTI4NTY3ODUyMDI0MRgA&sigh=Aehag_HkXLQ&uach_m=[UACH]&cid=CAQSGwBpAlJW_GUL76AqOlnPhuD_NHdaCOJpyLTk3RgB&cbvp=2&vis=1
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Aug 2023 15:57:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame CAFC 		0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fnewsmarathi.mahanews18.com&e=wqT_3QLxBuhxAwAAAwDWAAUBCIDlracGEJGG99WEhLbpdBgAKjYJ2plu6PiHrD8RMj6UZtqsqz8ZAAAAgML18D8hMg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4-fQFgAEBigEDVVNEkgUG8EaYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vbmV3c21hcmF0aGkubWFoYQEQbDE4LmNvbYADAIgDAZADAJgDCaADAaoDgwMKmQIROBx3d3cuYmluZwEq8GEvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjgzYjEwZDktMzIzZS00NDgzLTg0MTgtZGMzODU4MGRlZmFmJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANo5aADRydHlwZT1udXJsJnRhZwGQbDkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGfBpZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzg0MTgwMjgyODY3MTMzODE2NDkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNek5UY3hNekEzTWpNNE9UTWpNagEU8H1FMU5qVXpPVE14T1Rnd01RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFlprX873m-Jp3wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAFkq40-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_n0BdIHDQkRKAEmCNoHBgFegBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBg..&s=6fd302b29dbc32e91d8debe6bb078593de492957&pp=ZOtygAAIjNQFKN-YAAvQl8WNeehZHr9PZ7WGPA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8PwVgHLrZNSZIpi_o9kPl6Gv8A3S4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MjI1Mjg1Njc4NTIwMjQxyAEJqAMByAMCqgTcAU_Qx2gyMbKZz1YPFp3JtxgXwIcr1K8hjrR_P27I3FKJzYRezwF2pJHpJ5r9Ak3rY8CA1ieSwmKOuc-H6NIfIA-yB56-c1SvYv3fNm0sPkIXOblZFTk-_8jM8SloUCeppoIGPAg4uTDZJOb-Mj_r_rVYRVNaIBuRIV5uyQm1c_uc0bz72okTfS7NqAtI8uuQ2dv3CdF9GRhWMZmRF12g83DHaDFxnjPNgNpxSf5CCAqenok3CA1PmojbK2T8yXr4nXeMWy6O-6YN9w13R6JuOlYdiuhjJSYVq1HY9NGABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aDsm_iDuXgtcb1-VTAWBoj36V5g%26client%3Dca-pub-9225285678520241%26adurl%3D&cbvp=2
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:53 GMT
an-x-request-uuid
90d3a9ac-f259-4806-af6d-5ba27dcdaace
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 7C13 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:15:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
45745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 03:15:28 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 7C13 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 13:49:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
7707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 13:49:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 7C13 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
45747
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Sep 2023 03:15:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C13 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692792373905140"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:53 GMT
e822d7071992e030a786d1a51b1f59a7.js
www.gstatic.com/mysidia/ Frame 7C13 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:15:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14926
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 18:25:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 03:15:29 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7687 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/15925919271109001216/ Frame EC2C 		4 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd143efb472626b2e41c425cf3033dd0bf803b7661e58b24c238de8ce82a93f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
959
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 15:57:53 GMT
expires
Mon, 26 Aug 2024 15:57:53 GMT
last-modified
Fri, 17 Mar 2023 10:43:37 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 536A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsss3VQQMRL797pptGEOOBrUBeFofGpeJ4H4ZgpuyzAtiHovmRGyqqajsx66X1Q_n6Iy-KoP5ir8eAbZ5qkQb2f4K7UYuAzvRcpOJGbN1vvhAGxZTFT9j9Fi7yHUm4xRkKhIieDG4SUpbjeV4QhsLcKoo8GKPXZkmaALA2Fwb4dQfqJb0Vnjtcky_PJ3SH1OmtVSWxyU8SEMvXbAg-7PqanLxC4v0LhdKRgO98OQOaAWivKkpWReskopg6kWQ32oYj0lLykjgRUDBTYG5V34A0-sEIVtSxw4C_xhoAwMrsQRqXpqlJsuko2Vb7toCnixPjxRl2Vf8yrUbNlS8Y3D2_5AZ4zkCFjmb1lX6Wjxvjc4HKlYg_ybhXprYuTH4TxRzsCE5HPRIBzDirIWZhKOdOTE4WDI_F1OnugzePwCC10LCo3DK8KIWjrRqRap471chekakvyS7_n3xEVGRsI0so1u-40898gIN8_7QxvVW3ye6lwuNFD2BGFHhsdYjpc1UfxqmxnsaLp-sOWb-T_YD5sUmV65KGgFsznzbeZXoaVasA1o3E-TzF-QYKO39jKXVJ37mk3HPSXeJrWM3J1mkVQO4WWGa4MJcrRxqlMOCTGViOqtUq-yknyTJJQkcdaL7CztZwUSntTkHQ0rXUmgKCwm6KNmuflbSskiniyjrj3zcX_P33-9TTod1RdU21YAoHU8ijlFayd1vBSDH4Mf6ICB0ByHVwnBKn8fnvLS2cJq60aSidqKJzdx76sottfE7Yojm9i_NV9KDF1G7B2WUm3SBxSidF91fZgNzlujN7qblIgMllzAIVxk6Tr5lw7_xlwbmy0EBoO6gwhtRbzfu2CAeMxdtkmki541Kfay2GFM3FG4jXBZqEPMuyq87LIbTp4bs3PEvhsSduOsYorovH6TQFcJOC-ngDVjNqsPs1C-t65thzUm4TlU5uKs1ZtRJiH1nvCvJQYvmrj6uAyCt7YB_MAxSkneFH00vVYpJoTJSXuxWkJwWGcgXlSbaZV9g3MQpija1xySXnmemUYcop3yx0iBgeKgG3tURzFnTt-H9pOLXSxuVsPWNL_EWnCgZCdC1047dhqtorhOA2KAtcd6eN55FmINbNo4aVDwYHJr36HRRB1DPWOAMTk-tVmDmNeP8UzRDz2aPcuqPzVTiOpmuol7IQ3f9211cT1vupp1jFf5fEAWMKQCj1r4k-l6J3Kgk2r3SQ1m0LY0gnpIssrdCmSLx9KNwbyaqe4yns-zrODBNDZqD8dq6HqMqqmdI7IGbUg-XPMhCcTwmnYktgp3&sai=AMfl-YRo1d4X_ERnPIsXpMBIKjT4btYfY8KK8iisdoHgWvMswhvmJRnTGGAQL01EUfDM79lq1yA529XkMR_uN3ewi_9kuXztgw6QpACsMn-cA3L1XBVLksnIdurkuQd_0lYYUrXJDH114bsEx4c7Ygu3N8HLdagiGF2q0Cw0LyByqYbjjwvGnx0&sig=Cg0ArKJSzNp2QQOVNa8oEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=112&cbvp=1&cstd=102&cisv=r20230823.52982&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Aug 2023 15:57:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 27 Aug 2023 15:57:53 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 7C13 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSojMg83e8-2te4lQUlxhhhNz-LjY5xtl7Vr3bkw8jpr_Y_Dep5wxc3DjAR-g&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fc16a66412bae2d5bc8d6715b4e89be2cc05fb04d57b28144b8135ee989db98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 22:11:20 GMT
x-content-type-options
nosniff
age
495993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17675
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 04:48:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 20 Aug 2024 22:11:20 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 7C13 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRASnkfyuvDVpaw32tokP1QkvRFDlW6OpHoxSxHFfF5Yr2zaLAeUuo_DYNvxXU&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b89e2361f48dc93534e905d9ab960ed80287a0ceebf6c2a7b224f27ed88df00d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 20:37:23 GMT
x-content-type-options
nosniff
age
415230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17509
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 09:03:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 21 Aug 2024 20:37:23 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 7C13 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQgYvkGCmv9VYptGD8-btsIRbT8UbEWqIgeDE5QlW_YnPC9LrrS&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111de0d21f1b2484d273088f955127e611fd2338451b5b89b8863d5adb4abf26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 12:43:23 GMT
x-content-type-options
nosniff
age
270870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47589
x-xss-protection
0
last-modified
Tue, 28 Jan 2020 14:55:47 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 23 Aug 2024 12:43:23 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7C13 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 07:15:13 GMT
x-content-type-options
nosniff
age
117760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 07:15:13 GMT
truncated
/ Frame 7C13 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd0f70c1580e9ee04f6f1e7258ca8f8b0d96742e0a049e987927ac5e8f60c76c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
styles.min.css
s0.2mdn.net/sadbundle/15925919271109001216/css/ Frame EC2C 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26f776ca399eda2533efb3f9a1ca37202720955134c1ad219e5b175d4cd066e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 10:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277228
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2202
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 10:43:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 10:57:25 GMT
script.min.js
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame EC2C 		2 KB
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15925919271109001216/js/script.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
658
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 10:43:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Aug 2024 14:17:32 GMT
global.min.js
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame EC2C 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15925919271109001216/js/global.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 10:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2173
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 10:43:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 10:57:26 GMT
main.min.js
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame EC2C 		5 KB
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15925919271109001216/js/main.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4843f0ad8f0ec9243501986b7edce08d88daf5cb2512dd2843a5ccfa68b1a79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136606
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
829
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 10:43:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 02:01:07 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame EC2C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=T0qKrSKIXQ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Aug 2023 04:01:10 GMT
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame 7687 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 10:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
18585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 10:48:08 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 7C13
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CscPSgHLrZJS4I8Oko9kP7NuzSJeKlb9v_YPF1NkRn5ugtLAwEAEg9L2zemCV4pCCoAegAb_2zs4DyAEJqQIlUogW8RyyPqgDAcgDywSqBOcBT9CR1t19LhlvEzxoPb7Jbi4sBWvpgMC1Sp5...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225498496121289636816%22,%22debug_reporting%22:true,%22destination%22:%22https://automation24.de%22,%22event_report_window%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225498496121289636816%22,%22debug_reporting%22:true,%22destination%22:%22https://automation24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970177343%22],%224%22:[%2208-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22615847515717088497%22}&andc=true
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:54 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5498496121289636816","debug_reporting":true,"destination":"https://automation24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["970177343"],"4":["08-27"],"6":["true"]},"priority":"500","source_event_id":"615847515717088497"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 27 Aug 2023 15:57:54 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Aug 2023 15:57:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5498496121289636816","debug_reporting":true,"destination":"https://automation24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["970177343"],"4":["08-27"],"6":["true"]},"priority":"500","source_event_id":"615847515717088497"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame D6B5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225285678520241&output=html&h=600&slotname=1377505432&adk=1443758607&adf=3127169844&pi=t.ma~as.1377505432&w=280&fwrn=4&fwrnh=100&lmt=1693144672&rafmt=1&format=280x600&url=https%3A%2F%2Fnewsmarathi.mahanews18.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693151872207&bpp=1&bdt=179&idt=288&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4042588190084&frm=20&pv=1&ga_vid=1922898651.1693151872&ga_sid=1693151872&ga_hid=2065350545&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076838%2C44785293%2C44795921%2C31077349&oid=2&pvsid=3235953020035056&tmod=769959241&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FD3lp97A3H&p=https%3A//newsmarathi.mahanews18.com&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 10:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
18585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 10:48:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 536A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsss3VQQMRL797pptGEOOBrUBeFofGpeJ4H4ZgpuyzAtiHovmRGyqqajsx66X1Q_n6Iy-KoP5ir8eAbZ5qkQb2f4K7UYuAzvRcpOJGbN1vvhAGxZTFT9j9Fi7yHUm4xRkKhIieDG4SUpbjeV4QhsLcKoo8GKPXZkmaALA2Fwb4dQfqJb0Vnjtcky_PJ3SH1OmtVSWxyU8SEMvXbAg-7PqanLxC4v0LhdKRgO98OQOaAWivKkpWReskopg6kWQ32oYj0lLykjgRUDBTYG5V34A0-sEIVtSxw4C_xhoAwMrsQRqXpqlJsuko2Vb7toCnixPjxRl2Vf8yrUbNlS8Y3D2_5AZ4zkCFjmb1lX6Wjxvjc4HKlYg_ybhXprYuTH4TxRzsCE5HPRIBzDirIWZhKOdOTE4WDI_F1OnugzePwCC10LCo3DK8KIWjrRqRap471chekakvyS7_n3xEVGRsI0so1u-40898gIN8_7QxvVW3ye6lwuNFD2BGFHhsdYjpc1UfxqmxnsaLp-sOWb-T_YD5sUmV65KGgFsznzbeZXoaVasA1o3E-TzF-QYKO39jKXVJ37mk3HPSXeJrWM3J1mkVQO4WWGa4MJcrRxqlMOCTGViOqtUq-yknyTJJQkcdaL7CztZwUSntTkHQ0rXUmgKCwm6KNmuflbSskiniyjrj3zcX_P33-9TTod1RdU21YAoHU8ijlFayd1vBSDH4Mf6ICB0ByHVwnBKn8fnvLS2cJq60aSidqKJzdx76sottfE7Yojm9i_NV9KDF1G7B2WUm3SBxSidF91fZgNzlujN7qblIgMllzAIVxk6Tr5lw7_xlwbmy0EBoO6gwhtRbzfu2CAeMxdtkmki541Kfay2GFM3FG4jXBZqEPMuyq87LIbTp4bs3PEvhsSduOsYorovH6TQFcJOC-ngDVjNqsPs1C-t65thzUm4TlU5uKs1ZtRJiH1nvCvJQYvmrj6uAyCt7YB_MAxSkneFH00vVYpJoTJSXuxWkJwWGcgXlSbaZV9g3MQpija1xySXnmemUYcop3yx0iBgeKgG3tURzFnTt-H9pOLXSxuVsPWNL_EWnCgZCdC1047dhqtorhOA2KAtcd6eN55FmINbNo4aVDwYHJr36HRRB1DPWOAMTk-tVmDmNeP8UzRDz2aPcuqPzVTiOpmuol7IQ3f9211cT1vupp1jFf5fEAWMKQCj1r4k-l6J3Kgk2r3SQ1m0LY0gnpIssrdCmSLx9KNwbyaqe4yns-zrODBNDZqD8dq6HqMqqmdI7IGbUg-XPMhCcTwmnYktgp3&sai=AMfl-YRo1d4X_ERnPIsXpMBIKjT4btYfY8KK8iisdoHgWvMswhvmJRnTGGAQL01EUfDM79lq1yA529XkMR_uN3ewi_9kuXztgw6QpACsMn-cA3L1XBVLksnIdurkuQd_0lYYUrXJDH114bsEx4c7Ygu3N8HLdagiGF2q0Cw0LyByqYbjjwvGnx0&sig=Cg0ArKJSzNp2QQOVNa8oEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=339&vt=11&dtpt=227&dett=3&cstd=102&cisv=r20230823.52982&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: newsmarathi.mahanews18.com
URL: https://newsmarathi.mahanews18.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 27 Aug 2023 15:57:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4d8a68267a1f6d81867b032907a8fe41dc392f46bdc1c0ff6a579939f647e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11681
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225498496121289636816%22,%22debug_reporting%22:true,%22destination%22:%22https://automation24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970177343%22],%224%22:[%2208-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22615847515717088497%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 27 Aug 2023 15:57:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 536A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
006c18b4010f1441bc941c35379ca1862f2142017a7776fd213205a72e332555

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
UIBH_SUMMER-AWON_160x600.jpg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame EC2C 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/UIBH_SUMMER-AWON_160x600.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.117.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b60446db91da357515f68dd0b38dcb8c5a453c0c0a72603dfa1f088caf7a5e0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sun, 27 Aug 2023 15:57:55 GMT
Last-Modified
Fri, 19 May 2023 10:15:08 GMT
Server
AmazonS3
x-amz-request-id
PBQEDDXQ314XSAQW
ETag
"348b07411d321b68db04494adb8fc1ce"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
23495
x-amz-id-2
fgr6ZiN53havPoJSBpmOv9QT08Ng3t+ngmkSpVu5k7ZZHC27Mg/DmCCDfvs1CJ1TTFVMKPdLioA=
HelveticaNeueLTStd-BlkCn.otf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame EC2C 		29 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/HelveticaNeueLTStd-BlkCn.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 15:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175458
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21019
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 10:43:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 15:13:35 GMT
RobotoCondensed-Bold.ttf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame EC2C 		165 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/RobotoCondensed-Bold.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 10:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89788
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 10:43:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 10:57:26 GMT
RobotoCondensed-Regular.ttf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame EC2C 		166 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/RobotoCondensed-Regular.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 10:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89507
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 10:43:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 10:57:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EC2C 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc09e43bbf4d35a28415cb78879e521f44d1f0ff95ceb0b4bdb8a4d54c7b1dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5570
x-xss-protection
0
logo_ushuaia_blanco.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame EC2C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_blanco.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.117.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sun, 27 Aug 2023 15:57:55 GMT
Last-Modified
Tue, 24 Jan 2023 16:43:05 GMT
Server
AmazonS3
x-amz-request-id
PBQ7R3NTM0QP1ZPJ
ETag
"e915bfb094df409135d1b25c9becfb88"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
16030
x-amz-id-2
zWEuJcHLDijQz/EUT6L8QIuYb2R7PRuB3MwHoMgElIpw4Sqh6XqSBe73dHQkR8YIb+ppHEEFreg=
logo_ushuaia_rojo.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame EC2C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_rojo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.117.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sun, 27 Aug 2023 15:57:55 GMT
Last-Modified
Tue, 24 Jan 2023 16:43:06 GMT
Server
AmazonS3
x-amz-request-id
PBQB11C4PQ74K7RK
ETag
"b0c04b645a75b4acf16eddd9b9c9e8d1"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
17084
x-amz-id-2
1bmF3DIJdLwexqTqjSqHAs0QG0TIM6DomXLiCcoDIihk6bTOJTDgP8998GNu2zETcAEIdxz3JuA=
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9225285678520241&plah=newsmarathi.mahanews18.com&bust=31077349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 15:57:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D3B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsmarathi.mahanews18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 13:49:26 GMT
expires
Mon, 26 Aug 2024 13:49:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DF7C 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7760d9c4b54f6a9f461d540493e630554424982021f4ef9b6a235e3d1bdd477d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9G3Ujk8Lw0zp3AplGkCR4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsmarathi.mahanews18.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
539
content-security-policy
script-src 'report-sample' 'nonce-9G3Ujk8Lw0zp3AplGkCR4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 15:57:54 GMT
expires
Sun, 27 Aug 2023 15:57:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EC2C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 15:57:54 GMT
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame 8D3B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 10:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
18586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 10:48:08 GMT
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame DC04 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 10:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
18586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 10:48:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7687 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC4krgXLrZIbHIae79u8Pj6mNmAMAAAAAOAHgBAI&bg=!VValVhnNAAYkVgHwBFY7ADQBe5WfODIwhroKxznQCBmYfZKcB1CeDQZjBJJLwrdn_4NduUgruK1RLNjETuAqVQym0epDAgAAARlSAAAACGgBBwoASSf2MA5XGnOxxQVdsXcNBTkmW42u0_lekYn4S9XOxxMPnyuF-Xoo_N-pz6h4Hae5U-FM02iuhLFjFX9s5ty65HeRFpArhrsdOqGZAw5QI9G-hIc4vgP2vMNgULlMOm0pVYCGciRlSNCQEXxuLEU3ps4XU04fFEHCncrBKxHf6whDMQocXn4IneQtx_E2dxRJc_jLJ6qxrONIlNE2fl3YNE0Bpr1t3pEq99rtLvGzo1UbWEgq5kdyz6YM1y2dW43aI9HwiE9q-r7lJCYeK73lro4EEnf_qFwhtd8FMMhHgFwHccL-qFsVFWhjLPAlGRBoMPKiANWUcuh-OBMuwQjEPu67j9LLGzlniZaNVT501V2vglQew1A-vyVPicDlBjSPjLYO0O0U_H21hfdFC6ZW0NeGlq9egYg_vVrDXABRUKizDjZz_ibtwo51Ht65U4piYOWBRXz5myeiqpCa_EDLsgW3V8BziMtbn69ousxxTZlSU2yA1Nb4w4r3myjBoUySZePrBLTipqVnE8buQF163A3NJgsSE8WYvJztx1Jn1R7sKpObt3pyqpK7vsWysb_VkTu0YOfKh758suhdor9ja-cbqCpftdVQ5Ff-hpKzXlwpQQgfSL95RuH8cz7dUdEl90gp8gVqcBtJI8D2Gq-GUz4xwsZobLTHhqVCy40lqVKJLIPRqwmIOdG-FnBDeNqz06ZxYTVoZlO4W0zngMxSmo51VqzrzIcsnZcmotJ5JvSXjxZZftXrljUB2-TGtPkL1W5okj_xj41Q9WYXPyRAxugOwzC1mIpbyDlosnuQQgqf1jSXEpWoSJfOoCkVrH9Ne7-DjqGTD1Lf4wv43v5r8eOO4zWS7ZxWecpAajC1j1f-M4OLlfgFTAh-UabhOEch5nbtTm26a-2led36eurwVLHC0bMQWMCJ_AG3fqsvwg8ypn45frPIE2Py8LS4GS2fkpyzBm226GVYTeD_94fBibjuQidXYxUQSLON9op0uNrkMtZpjBZcqUy8WZBZF0-vIQ6qscunW0uiGoSl37C6oAweZKlANLYm5a3o_Z_AfyUHi4YLQc-lVBCXyePeM6Ukbhfcd0nHV2A8nXfl5yhgpdutsxCA5R4H_ApZQ_4uHK2AWFYzKo-Sy8AQeQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DF7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=3235953020035056&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8D3B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?r20bPQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 15:57:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vevent
ams3-ib.adnxs.com/ Frame CAFC 		0
671 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fnewsmarathi.mahanews18.com&e=wqT_3QLxBuhxAwAAAwDWAAUBCIDlracGEJGG99WEhLbpdBgAKjYJ2plu6PiHrD8RMj6UZtqsqz8ZAAAAgML18D8hMg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4-fQFgAEBigEDVVNEkgUG8EaYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCImh0dHBzOi8vbmV3c21hcmF0aGkubWFoYQEQbDE4LmNvbYADAIgDAZADAJgDCaADAaoDgwMKmQIROBx3d3cuYmluZwEq8GEvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NjgzYjEwZDktMzIzZS00NDgzLTg0MTgtZGMzODU4MGRlZmFmJmNtRXhwSWQ9TFYzJm9BZC5FAFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANo5aADRydHlwZT1udXJsJnRhZwGQbDkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGfBpZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzg0MTgwMjgyODY3MTMzODE2NDkiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNek5UY3hNekEzTWpNNE9UTWpNagEU8H1FMU5qVXpPVE14T1Rnd01RPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFlprX873m-Jp3wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAFkq40-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_n0BdIHDQkRKAEmCNoHBgFegBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBg..&s=6fd302b29dbc32e91d8debe6bb078593de492957&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=7277969301159418795&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:54 GMT
an-x-request-uuid
36914aae-b3b0-4ae8-af42-1d5440453e87
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame CAFC
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e565bb2d-78f8-4217-8b31-e554db1dbe7c&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=683b10d9-323e-4483...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fea03d47148a4230b836590b1f9abec9&tids=15000&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fea03d47148a4230b836590b1f9abec9&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:3500:1b::1724:a387 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 62AF0BABB0E9491E89BAC6DE2FE64961 Ref B: FRA31EDGE0813 Ref C: 2023-08-27T15:57:54Z
x-cdn-traceid
0.87a12417.1693151874.b29fe17b
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sun, 27 Aug 2023 15:57:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6802122077D04DB09315E702EE974DC4 Ref B: MIL30EDGE1121 Ref C: 2023-08-27T15:57:54Z
x-cdn-traceid
0.87a12417.1693151874.b29fe00b
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fea03d47148a4230b836590b1f9abec9&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
activeview
pagead2.googlesyndication.com/pcs/ Frame CAFC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv67XhxbFiUD642OQ7wcAGeJHUSzC-LL3K0ks4iHBr0I7dabbnjXHOB17lgeEXdu40i2N_nmwzS5uKUnM6jtFybJ_maHXxX9lZFwXp6&sig=Cg0ArKJSzKbWilnhWEgHEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693151873253&rpt=348&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=3235953020035056&bg=!19Sl1JvNAAYkVgHwBFY7ADQBe5WfOMuUbCZjROCm4DItvaUc5KFHXnNM-Redq1aAlL51h9zQdFh369lv2b72KaXKndsqAgAAAIhSAAAACmgBBwoATGbA3xQ4ujOdki2P-ZAvMVyI1yhl3-1eVZ0y_Hexd03IA5bn5ABVhz99ljzSxJtCdMq_Q_3nMfOe2GlCLT3rCzLM5P5fSJp3S7g9oQ2ZAsmxmSE911BVICwo9bqt68rGmZQCu0nHKibb8lorNJQlyaghXjUBxmrM63xPaa0BRflErutbQcwTxXnB-4YyFnjQsRLKjyXonf5V-Kit0Cy_ZmA_zfQnpDqOVXX_aeVRBBQqqllWRJ3S4f83iMV-t0FoIr--OaCe_MEFrNC3guPaGjqIASZi-XDdiEZOBZJHb6MGPvhU445MQuszbFWRAtu877Vjme-fQ56As3fPCxc0KsuNycVFIO91JVDQpq1z_RqTIQ613ZdkpVRkfkHq6cJgPXdsatK2euryVRBDSzRk1T59mlc6aR5FlrhYuyqlT0EKod8xdCE8G-tbNFW3sf7yQeqnsnBcBOWGzx85dLIEoG0p4izkZjnFO2PFzel1mw2IHk23_ddbX8K0py3rmfYUPkpb8veWL_DQa3xcFeJL6ENv4pBNajFpH3N3lpTlbF4I5GZ60ycvIH9dEGbybMrsYP9EalvTHlHtIxCZhWTDmltWRJwvmhq4GatLbOunpdl4a25fRPhbnQkABFmD8qnRrS_rNHMFZVjlhKoHfYNd4YyP_zOIGXjZe5_YiVnQYEEq-31NP1mjnEfS1oyBTSdxe9YgrI-Ip5xlnmR3XXoAcp4lpoe9fkh7a-4CKhQOVcJwwQjBnNVtgtc84yZ1R6FV4IH-u_3qSPdTavPwqOHuAioDJk90grbfslrONjPJZLofxLPpwN4bp5FJRVYNoUnzw2lZkeucBOSEQdTUmrRe_ymCXFzkSp_BFHC_FOr4frudh5yej-KLBQDfUkzzbWerQ3Pryk3mNJymh3eBY12hWXqmEi5hZY6pY36ZEdrwnfed2EtUEaclIAH4GYCfjA7wiyKBU9QQR1ZKs7jrKyWMMPgnlcBWAcwXhjHuQLKlA7DDtH_4aCjHb6rhIZgv3tNNic68yPVQhObsOgMe3AG1lRKWtlW84EFX_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsmarathi.mahanews18.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 536A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4705273798737&version=m202307240101&ct=76&x=1&cor=2127952854137535200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 536A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLFSR-Fv7_55ZzioECXGshgRZ0j243bdMlRA806-tjLYzEyJGXyM8gkC66eKL-S3QfeD8_fZS2IiEt1P22cdzyipZ5V5cMARH71jmpeVVMFEWnli2uwYzAZZ1OfUpdOTPeMeRd40FumdM2&sai=AMfl-YS1vR_qj1xR8SHnXJicjxPJeRvqUJkoOaJ7y1x-jotNRTUB_amRq3PqLR2Btxd0xqQLkWZHLC7Vonq8&sig=Cg0ArKJSzOBtJvyMrhAvEAE&cid=CAQSGwBpAlJW_GUL76AqOlnPhuD_NHdaCOJpyLTk3RgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693151873291&rpt=360&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 15:57:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| _wpemojiSettings function| gtag object| dataLayer object| adsbygoogle object| buttonizer_data object| buttonizer_ajax object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager number| 2f1acc6c3a606b082e5eef5e54414ffb object| Buttonizer object| gaGlobal object| generatepressMenu object| _stq function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| B function| D function| V function| ea function| fa function| P function| W function| X function| da function| la function| m function| ca function| ha function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element boolean| ai_process_elements_active function| MobileDetect function| ai_process_lists boolean| ai_js_code function| st_go function| linktracker_init object| wpcom object| twemoji object| wp function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.mahanews18.com/ Name: _ga_K883BC70YY
Value: GS1.1.1693151872.1.0.1693151872.0.0.0
.mahanews18.com/ Name: _ga
Value: GA1.1.1922898651.1693151872
.mahanews18.com/ Name: __gads
Value: ID=dd722b7e4efa302e-221576d45ede004b:T=1693151872:RT=1693151872:S=ALNI_MbF5kcrNktHtII4x79PHwf3EjfdlQ
.mahanews18.com/ Name: __gpi
Value: UID=00000c696f70eaa9:T=1693151872:RT=1693151872:S=ALNI_MbeHqvBlDggdcSgPpPVrqgkqaQmSA
.doubleclick.net/ Name: IDE
Value: AHWqTUlNa8OIEGzSpLe3N36a68uxi9njNvj5JQE5aE_sq9e5Nfotg7E5K_IZyzhP
.casalemedia.com/ Name: CMID
Value: ZOtygWs8Jp3jEZCmCRFVcAAA
.casalemedia.com/ Name: CMPS
Value: 1143
.casalemedia.com/ Name: CMPRO
Value: 1143
.adnxs.com/ Name: uuid2
Value: 4804051056829604501
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaPqPr7_!@wnfH8K6pQK`!5=E<*L5?%K/1.hKs7RU(*0j%(c3i(3r.RQMV?p[`JlC!/e%nugO%v4VB%nm]*)l?Xy
.bing.com/ Name: MUID
Value: 1D05726DDCAE6CCA2D536117DD736D79
.doubleclick.net/ Name: APC
Value: AfxxVi6cNjaiYPa-2MiUD9L7cUfTIgguIbMsisC6-jifg2ZzGfePXA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.googleadservices.com/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
cdn.adnxs.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
newsmarathi.mahanews18.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
region1.google-analytics.com
s0.2mdn.net
stats.wp.com
t2ocreaspalladium.s3-eu-west-1.amazonaws.com
tpc.googlesyndication.com
www.bing.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
142.250.186.130
151.101.1.108
172.217.18.2
185.80.39.216
185.89.210.153
192.0.76.3
2001:4860:4802:34::36
2606:4700::6811:180e
2620:1ec:46::45
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:806::200e
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2006
2a02:26f0:3500:1b::1724:a387
2a06:98c1:3120::3
2a06:98c1:3121::3
52.218.117.2
006c18b4010f1441bc941c35379ca1862f2142017a7776fd213205a72e332555
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc7b578ae3c5a2ee4c618cd3b1f241bda2800f71dd2c24c49cf1d2e063eae13
0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997
111de0d21f1b2484d273088f955127e611fd2338451b5b89b8863d5adb4abf26
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12cbb41de25227eefa9b187395bd3adf650671499098ac9b06b359d28647c046
14159f2320e6d83314ceb4696a863074e065eb8b5d0a9cfbb9c9b200cbe587b9
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1979a46cb871f955eeb2708d602a9d99d9f404416bfa0ce3cfdc9d1e36042a88
1bd143efb472626b2e41c425cf3033dd0bf803b7661e58b24c238de8ce82a93f
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
208c53e8ac495229437f6586207dd40bcfcd00a8f8167c0335d0bc965841d44c
21c2a276abd333ef57922bbff4c7d34a5f32438d777a72c89a7ba6a07d96f46a
22e6b56e777518d56d35252b62065cfa748c0c290c7b54ace1314338cf97b6f3
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39d32462f3b1f0885a9fae01467b78116983f5fc29cf42a2a0b17b7424c40ed4
452de56dc9187357fea9aec773ac9752719ed52c77d96f59eaa4eb99a0919ee3
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4843f0ad8f0ec9243501986b7edce08d88daf5cb2512dd2843a5ccfa68b1a79f
4a74bc25e52e23d81ccea5a375c986c9bcd5d93e686deb2c3d26f2269c3acaac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4dd1f3dec57d394ce0907993a06e6728af7070f886f10a209f7e3081779d34a9
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6841b8b2347a0d7bf9eb7cf9f8128bc116dbfed1f1a91edde75f1c049a36d76c
72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55
74e43bf9d11100116bb07aa5e2dc87b7449316a13b14d69dfb2495bab539c19b
7644474de2387c71543ba53af52cdec557218fe726674dfa6dfca3c60dabcd7e
7760d9c4b54f6a9f461d540493e630554424982021f4ef9b6a235e3d1bdd477d
7b5197dd18d7e86f52817ec83e363c0b6f0d61fa7d0a2f38db3283d669c7a825
7d250505a9696c3c02d6549bbc002e1f51dec829b6a1d37d4b22b716702b701f
7ed7103cf260025b17419c7e5b364f742d87430eff60e586a924cd3cfc1d528a
8fc16a66412bae2d5bc8d6715b4e89be2cc05fb04d57b28144b8135ee989db98
905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696
98fe9f5fa328e47817d703bef0314466c4ebd2b5c54ffe5e72dbb812b1244eb3
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a26f776ca399eda2533efb3f9a1ca37202720955134c1ad219e5b175d4cd066e
a4d8a68267a1f6d81867b032907a8fe41dc392f46bdc1c0ff6a579939f647e07
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ac949473285b9093d4c2a63165163302403383e5eb71850de8469e9e34ff1996
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adde57aec4a92b115a1fd6bce30fc7bc1097a143330f490dc38029adac8a0903
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f
b60446db91da357515f68dd0b38dcb8c5a453c0c0a72603dfa1f088caf7a5e0a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b89e2361f48dc93534e905d9ab960ed80287a0ceebf6c2a7b224f27ed88df00d
c271c5ee7279e7b494f83ad8e04623dee1d1dfe6bce4770cb711afb5b08e4694
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cd0f70c1580e9ee04f6f1e7258ca8f8b0d96742e0a049e987927ac5e8f60c76c
d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39
e087e6004a9e8a1667c689c641814ca3bff189fa2a141dc4fb2739d76a60a140
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb
f397c9587cae98335b3087ea15b0293fbf3725dbcac05b8ff979070d9b66b704
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f46107a92a8e9e5d3dd1caf36318f31190df4ff5fd7a2e376a417e2266900720
f4646e40e3e509ff0423a797835758923586929af3aeb2ba174935782f02a881
fc09e43bbf4d35a28415cb78879e521f44d1f0ff95ceb0b4bdb8a4d54c7b1dd8