indianexpress.com Open in urlscan Pro
23.79.141.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/8AczCbu0Tv
Effective URL:
https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberatta...
Submission: On November 22 via api (November 22nd 2021, 1:58:26 pm UTC) from US — Scanned from DE

Summary HTTP 309 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 46 IPs in 5 countries across 25 domains to perform 309 HTTP transactions. The main IP is 23.79.141.164, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is indianexpress.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 14th 2021. Valid for: a year.

This is the only time indianexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 1	54.148.61.62 54.148.61.62	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
74	23.79.141.164 23.79.141.164	16625 (AKAMAI-AS) (AKAMAI-AS)
13	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:215... 2600:9000:2156:7200:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 4	143.204.98.125 143.204.98.125	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1	50.16.218.57 50.16.218.57	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:215... 2600:9000:2156:a200:1e:3056:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:2600:a:5b2c:b080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:d400:3:6e47:11c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:215... 2600:9000:2156:e00:f:b7c0:a340:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:401... 2a00:1450:4017:80d::2003	15169 (GOOGLE) (GOOGLE)
3	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:1a::8	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:f::9	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:215... 2600:9000:2156:5200:18:757a:bc40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	143.204.98.119 143.204.98.119	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:a600:19:be69:b800:93a1	16509 (AMAZON-02) (AMAZON-02)
309	46

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.61.62 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-61-62.us-west-2.compute.amazonaws.com

dlvr.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 23.79.141.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-141-164.deploy.static.akamaitechnologies.com

indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ua.indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:7200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.125 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.218.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-218-57.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:a200:1e:3056:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2600:a:5b2c:b080:93a1 (United States)

ASN16509 (AMAZON-02, US)

pubs.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:d400:3:6e47:11c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

impulse.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:e00:f:b7c0:a340:93a1 (United States)

ASN16509 (AMAZON-02, US)

dac.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4017:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:1a::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5edndz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:f::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5edn6y.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5200:18:757a:bc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api-cengine.forkcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-119.fra50.r.cloudfront.net

delivery.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:a600:19:be69:b800:93a1 (United States)

ASN16509 (AMAZON-02, US)

audience.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cengine.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	googlesyndication.com e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	570 KB
74	indianexpress.com indianexpress.com images.indianexpress.com accounts.indianexpress.com ua.indianexpress.com	377 KB
34	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net bid.g.doubleclick.net	287 KB
29	gstatic.com fonts.gstatic.com csi.gstatic.com	318 KB
13	criteo.net static.criteo.net pix.eu.criteo.net csm.eu.criteo.net	211 KB
12	2mdn.net 3 redirects s0.2mdn.net gcdn.2mdn.net r3---sn-4g5edndz.c.2mdn.net r4---sn-4g5edn6y.c.2mdn.net	6 MB
12	googleapis.com fonts.googleapis.com imasdk.googleapis.com	384 KB
10	contextads.live pubs.contextads.live impulse.contextads.live dac.contextads.live delivery.contextads.live audience.contextads.live cengine.contextads.live	37 KB
10	google.com www.google.com adservice.google.com	3 KB
6	googletagservices.com www.googletagservices.com	218 KB
3	criteo.com rtb.nl.eu.criteo.com ads.eu.criteo.com cat.nl.eu.criteo.com	47 KB
3	google.de adservice.google.de www.google.de	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	24 KB
3	izooto.com cdn.izooto.com	64 KB
3	wp.com s1.wp.com stats.wp.com pixel.wp.com	3 KB
2	wzrkt.com wzrkt.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	forkcdn.com api-cengine.forkcdn.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	googleadservices.com partner.googleadservices.com	278 B
1	chartbeat.net ping.chartbeat.net	201 B
1	cloudfront.net d2r1yp2w7bby2u.cloudfront.net	15 KB
1	dlvr.it 1 redirects dlvr.it	755 B
1	t.co t.co	683 B
309	25

	Domain	Requested by
40	pagead2.googlesyndication.com	securepubads.g.doubleclick.net t.co e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
36	images.indianexpress.com	indianexpress.com
31	tpc.googlesyndication.com	securepubads.g.doubleclick.net e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com t.co tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
30	indianexpress.com	www.google.com indianexpress.com
21	fonts.gstatic.com	indianexpress.com fonts.googleapis.com
12	securepubads.g.doubleclick.net	indianexpress.com securepubads.g.doubleclick.net t.co www.googletagservices.com e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
11	googleads.g.doubleclick.net	e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com pagead2.googlesyndication.com
8	csi.gstatic.com	imasdk.googleapis.com
8	e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	www.google.com	t.co indianexpress.com e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com tpc.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
7	googleads4.g.doubleclick.net	t.co
7	ua.indianexpress.com	indianexpress.com ua.indianexpress.com
6	ade.googlesyndication.com
6	imasdk.googleapis.com	e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
6	www.googletagservices.com	securepubads.g.doubleclick.net e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
6	fonts.googleapis.com	indianexpress.com e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com cdnjs.cloudflare.com
5	pix.eu.criteo.net	ads.eu.criteo.com
4	r3---sn-4g5edndz.c.2mdn.net	e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
3	delivery.contextads.live	impulse.contextads.live delivery.contextads.live
3	gcdn.2mdn.net	3 redirects
3	bid.g.doubleclick.net	imasdk.googleapis.com
3	s0.2mdn.net	e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com t.co
3	sb.scorecardresearch.com	1 redirects indianexpress.com
3	cdn.izooto.com	indianexpress.com cdn.izooto.com
2	r4---sn-4g5edn6y.c.2mdn.net	e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
2	dac.contextads.live	impulse.contextads.live dac.contextads.live
2	impulse.contextads.live	pubs.contextads.live impulse.contextads.live
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
2	www.google-analytics.com	indianexpress.com www.google-analytics.com
2	static.chartbeat.com	indianexpress.com
1	cengine.contextads.live	dac.contextads.live
1	audience.contextads.live	dac.contextads.live
1	api-cengine.forkcdn.com	dac.contextads.live
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ads.eu.criteo.com	e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	t.co
1	pubs.contextads.live	t.co
1	www.google.de	indianexpress.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ping.chartbeat.net	indianexpress.com
1	mab.chartbeat.com	static.chartbeat.com
1	pixel.wp.com	indianexpress.com
1	d2r1yp2w7bby2u.cloudfront.net	indianexpress.com
1	accounts.indianexpress.com	indianexpress.com
1	stats.wp.com	indianexpress.com
1	s1.wp.com	indianexpress.com
1	dlvr.it	1 redirects
1	t.co
309	54

This site contains links to these domains. Also see Links.

Domain
tamil.indianexpress.com
bengali.indianexpress.com
malayalam.indianexpress.com
www.jansatta.com
www.loksatta.com
www.facebook.com
twitter.com
www.reddit.com
images.indianexpress.com
t.me
indianexpress.page.link
zoom.us
www.financialexpress.com
eureka.indianexpress.com
www.linkedin.com
www.instagram.com
play.google.com
itunes.apple.com
www.inuth.com
expressgroup.indianexpress.com
www.myinsuranceclub.com
rngfoundation.com
www.lighthousejournalism.com
subscribe.indianexpress.com
vip.wordpress.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
indianexpress.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-14` - `2022-07-13`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
wzrkt.com Amazon	`2021-04-21` - `2022-05-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
delivery.contextads.live Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-12` - `2021-12-10`	3 months	crt.sh
*.forkcdn.com Amazon	`2021-08-22` - `2022-09-20`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-02` - `2022-01-11`	2 months	crt.sh
contextads.live Amazon	`2021-06-29` - `2022-07-28`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Frame ID: C7617D69F22369C9D12F267EF1E2ABD6
Requests: 125 HTTP requests in this frame

Frame: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9204D097E14B4CD8C091793ABADFE4B5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: 21F922CD713F603D56F69095DAE7C84F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_Y61rV9uiNKIYKXV67BlLYlbKuchP2t3JezRdh5Pduc_1QI9VapsGsaHe6OLZOokIhgpd1Sy5YWbRLn8pN-0ZzN3l00xqYZ9I1ESYwonoXzFe0ZZLtlQXxW231uvIWkKqi7ls-8iR6AgowvIRIqtqCo6vAJrgjCM_-CKv5OCxZH91Rq9unG8wWMLBh0TqFF0kQrMukR64m1WRsi6AThyxOuDZkMRSD2OKa1osh2AgGmHzEKpMZPfnqned9T1Q68p9CTHLELsJydsIsytX9ywvPJuDbCQejFBQz2CWJAYpWbViu7nQ-1osqs5PrT-TexpPuoj3KDqoPTzN7jJn4deAqtAD3tY0ofTRQqtU&sai=AMfl-YT6vQ5nBxFmtL5Loryto-HiXZNA0H1-PZSOtCBk0QoiOupGtzjPRhmdaxHggorLXq66l1jL2XTVU1VV-PVmlxitMSC-DniffvxyEAOc_TX_UmO64PP5LN9AvF47-lA&sig=Cg0ArKJSzFELLZVfvC6HEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8549A1ECD02436BF561EA75D866D6249
Requests: 4 HTTP requests in this frame

Frame: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 214640E51CEBD15C9FE9128A0A5D957B
Requests: 13 HTTP requests in this frame

Frame: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AAB93E5EC35BC4389E9B23A684D4F24D
Requests: 36 HTTP requests in this frame

Frame: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 131AFED17C1C559E2A0237553BFC8328
Requests: 17 HTTP requests in this frame

Frame: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3AF88EE2F852AEBC23E8CDC1F535CDAC
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvN8cYdEXZKV-lQi9Ns_HlBJPjtDFX7BWuqmEA_DgsbzhWigsEq-0ofL_37dfHyBfGHjGPqfP_ywiKDXNhQPdTeex7KjBBxylYvWUHnFbAJtQ9rCPEVdZ7VyhFad6HLYL3qu9ayIy210VUxpEbfsFSBRCTK2UZBaPmT8SKwREy7hOj-zBrELYK3Q6MNMe5rIqA0MthsUvV36-QBR5zDbShtd_X0QZ87ttH9rRctn-fkk6Yj2UZbQxls4-d-hciKB816v1K6WTnjUxKOJbFvSTvuGWrjMgPL1LZ0EOovTMa3s5pN8TJ0gndTY_5lKZENIXx4td9xsmYYF19zzkt615pg_jNURtmgAQiyIQq7eWI&sai=AMfl-YRUdnplKXkIUKBhQioGvEnR32fO3Y-d0GGGgjMKvIzQMxFVgXAC4Lz_h_811SS_1GzJqOVOR0noqI-RBeM6rGj3EHFpwf8hXXDhUj-4XaYV0xz2xiJw_PTa8_-H2A8&sig=Cg0ArKJSzAeSfvrGcJ8eEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6102C908553CCEFCFC313533D0961EBA
Requests: 12 HTTP requests in this frame

Frame: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84416E2984E81175E8467DD2292F0518
Requests: 14 HTTP requests in this frame

Frame: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FC4A3EED1E348C78CE108BB41DD5CAEE
Requests: 14 HTTP requests in this frame

Frame: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 30265481491131B553090372C8DFB72D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhiY_pK7ATAB&v=APEucNUgfjqOdXSZ3AkDlVR22SLtk9NhHpAG-Le5QRvmJf2Zu0dpciFdH-QsNFrLqF0Cf4Bw2W5thFUGz7Up8ZFdWhOHYEx_Hg
Frame ID: 53AE755D025C07D5AB08D90D3A799CA3
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Frame ID: 94A8A0D34E7DC8C943B98DC79E0D8CA6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjzupK7ATAB&v=APEucNV1J2_Kmlv-vXRsYOl-5jkoYh3amS1E6CnmRiLoMVFLhOnlcqRW3SV3VHtojBoKzO8n_D5Hd0hXc8YUZbx7WC8eTUT6WQ
Frame ID: 2FE9C26EC10DD2996A53C7C7F44D59A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjzupK7ATAB&v=APEucNWbLgkppbfDBqO945MrbW-gHpKZ4HiACY7aeHYjp6tZT5ny7itg4M9k-Jr_Ao5NtkZlsEHroxFpVHgblX_8yZVYQbRcsA
Frame ID: 65C1C8D8CB41BFB6DB24B23F083331D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 3CB8FF13A29F58AEEB8EF237FF449FAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7270E59222244651F9004BDDD2043771
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A57A79892D42799A0FAD1810A27DE418
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7E4427DC61DDB9E9A1C5EB3B41C466D9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D232C3CF1AC3E89568854B3A80C977A6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046725&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637589495513&bpp=5&bdt=191&idt=254&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&cookie=ID%3D2318900854c20a86-2212f1c5eccb00bf%3AT%3D1637589494%3AS%3DALNI_MZq1Q23M9Pt5UbPeusiQrJa39EUtg&correlator=4382389988991&frm=23&ife=4&pv=2&ga_vid=945062858.1637589495&ga_sid=1637589496&ga_hid=1027256617&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=985&ady=6753&biw=1600&bih=1200&isw=300&ish=250&ifk=2331721683&scr_x=0&scr_y=0&eid=31060566%2C31063246%2C44748553&oid=2&pvsid=896682008534951&pem=938&tmod=1078950880&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.tiwphhkcm30v&btvi=1&fsb=1&dtd=268
Frame ID: 6E439AD51C8A673D9D2A905CBE1B1FDD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B9D970B58D4854948945587EBFE2E5B4
Requests: 3 HTTP requests in this frame

Frame: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&amp=false
Frame ID: 88611B6D632065AB0E03A61D29786867
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 08AA65EE619D72036160EF53EA0E908F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0DDA6D9472EE5BF15391ECB4360CB820
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 895DA646C93548B676E61270691ACE0F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DD8AAE9D6CFD0872C4EB178C462A7EF9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F86D9BC3A6E8F233253F2AF27656532C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Every 4 out of 5 Indian gamers lost Rs 7,894 to cyberattacks

Page URL History Show full URLs

https://t.co/8AczCbu0Tv Page URL
http://dlvr.it/SCc56r HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2F... Page URL
https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-exp... Page URL

Page Statistics

309
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

54
Subdomains

46
IPs

5
Countries

8572 kB
Transfer

12365 kB
Size

25
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://tamil.indianexpress.com/
Title: தமிழ்Tamil

Search URL Search Domain Scan URL

URL: https://bengali.indianexpress.com/
Title: বাংলাBangla

Search URL Search Domain Scan URL

URL: https://malayalam.indianexpress.com/
Title: മലയാളംMalayalam

Search URL Search Domain Scan URL

URL: https://www.jansatta.com/
Title: हिंदीHindi

Search URL Search Domain Scan URL

URL: https://www.loksatta.com/
Title: मराठीMarathi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/indianexpress

Search URL Search Domain Scan URL

URL: https://twitter.com/indianexpress

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&text=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks%20this%20year%3A%20Norton%20Special%20Report&via=IndianExpress

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&title=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks%20this%20year%3A%20Norton%20Special%20Report

Search URL Search Domain Scan URL

URL: https://images.indianexpress.com/2020/08/1x1.png
Title: https://images.indianexpress.com/2020/08/1x1.png

Search URL Search Domain Scan URL

URL: https://t.me/indianexpress
Title: here to join our channel (@indianexpress)

Search URL Search Domain Scan URL

URL: https://indianexpress.page.link/aeiu
Title: Indian Express App.

Search URL Search Domain Scan URL

URL: https://zoom.us/webinar/register/WN_imImGvFnRzS86Synq8VfVg

Search URL Search Domain Scan URL

URL: https://www.financialexpress.com/brand-solutions/lets-talk-sustainability-refinitiv

Search URL Search Domain Scan URL

URL: https://eureka.indianexpress.com/video/art-craft/
Title: Art & Craft Classes for Kids

Search URL Search Domain Scan URL

URL: https://eureka.indianexpress.com/video/fitness/
Title: Fitness Classes for Kids

Search URL Search Domain Scan URL

URL: https://eureka.indianexpress.com/video/dance/
Title: Dance Classes for Kids

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/indian-express/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/indianexpress/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.indianexpress.android&hl=en

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/the-indian-express/id506351833?mt=8

Search URL Search Domain Scan URL

URL: https://www.financialexpress.com/
Title: The Financial Express

Search URL Search Domain Scan URL

URL: https://www.inuth.com/
Title: inUth

Search URL Search Domain Scan URL

URL: https://expressgroup.indianexpress.com/
Title: The ExpressGroup

Search URL Search Domain Scan URL

URL: https://www.myinsuranceclub.com/
Title: MyInsuranceClub

Search URL Search Domain Scan URL

URL: https://rngfoundation.com/awards/
Title: Ramnath Goenka Excellence in Journalism Awards

Search URL Search Domain Scan URL

URL: https://eureka.indianexpress.com/
Title: Online Classes for Kids

Search URL Search Domain Scan URL

URL: https://www.lighthousejournalism.com/
Title: Light House Journalism

Search URL Search Domain Scan URL

URL: https://expressgroup.indianexpress.com/advertise.html
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: http://subscribe.indianexpress.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=indianexpress.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/8AczCbu0Tv Page URL
http://dlvr.it/SCc56r HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&ct=ga&cd=CAIyGmQ3ZTRiYTlhMDllNTg5MzI6Y29tOmVuOlVT&usg=AFQjCNGwfbiFuHtwyVt-PsadGGiBHLMW7w&utm_source=dlvr.it&utm_medium=twitter Page URL
https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://dlvr.it/SCc56r HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&ct=ga&cd=CAIyGmQ3ZTRiYTlhMDllNTg5MzI6Y29tOmVuOlVT&usg=AFQjCNGwfbiFuHtwyVt-PsadGGiBHLMW7w&utm_source=dlvr.it&utm_medium=twitter

Request Chain 99

https://sb.scorecardresearch.com/b?c1=2&c2=8738137&ns__t=1637589494632&ns_c=UTF-8&cv=3.5&c8=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks&c7=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&c9=https%3A%2F%2Fwww.google.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8738137&ns__t=1637589494632&ns_c=UTF-8&cv=3.5&c8=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks&c7=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&c9=https%3A%2F%2Fwww.google.com%2F

Request Chain 234

https://gcdn.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/16AE30F5FEB911DDFB0EC1D6C3C2C0450D050B01.9C477DEAA108A0991C90CF0DD76CFF6C65D72366/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C2E46E87183BE5914675CDE3CBD7B9C564FF37A.178EA604079972A5F79676D56F16D4B3C3652E21/key/cms1/cms_redirect/yes/mh/tm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edndz/ms/onc/mt/1637589217/mv/u/mvi/3/pl/48/file/file.mp4

Request Chain 236

https://gcdn.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/16AE30F5FEB911DDFB0EC1D6C3C2C0450D050B01.9C477DEAA108A0991C90CF0DD76CFF6C65D72366/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DA42105E9F1E2E14A8022E768F838D0FF656A38.6A7BB4376087D0CDD40A5A4070D5D68964DA76C1/key/cms1/cms_redirect/yes/mh/tm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edndz/ms/onc/mt/1637589217/mv/u/mvi/3/pl/48/file/file.mp4

Request Chain 244

https://gcdn.2mdn.net/videoplayback/id/ad47440cbe7c5802/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781626289/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/46D2BBB8FEAEEA7183A5BFF9B1C3E0993E136301.29D0BD31991B24328F5439BD053B56DD9D3E1440/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/ad47440cbe7c5802/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781626289/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2543C6590B9D9F9B31170107B1ECAA80EDD53028.5C702B0E8FF25901B4F73F407BF2F1F0F9735629/key/cms1/cms_redirect/yes/mh/Vm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1637589217/mv/u/mvi/4/pl/48/file/file.mp4

309 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 8AczCbu0Tv Show response
t.co/ 257 B
683 B 136ms
120ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/8AczCbu0Tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

6f094491b1b273637401174042d10ee30e5717d1041e28863df97db3450ec80d

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 22 Nov 2021 13:58:13 GMT
vary: Origin
server: tsa_o
expires: Mon, 22 Nov 2021 14:03:13 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 193
referrer-policy: unsafe-url
content-encoding: gzip
x-xss-protection: 0
content-security-policy: referrer always;
strict-transport-security: max-age=0
x-response-time: 114
x-connection-hash: 86e7a3dc9a8655df736b2291d8ba85c1c00e86dd094ac45d35dde0bf74d57d5a

GET
H2

200

url Show response
www.google.com/
Redirect Chain

http://dlvr.it/SCc56r
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-r...

1 KB
1001 B

61ms
39ms

Document
text/html

2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&ct=ga&cd=CAIyGmQ3ZTRiYTlhMDllNTg5MzI6Y29tOmVuOlVT&usg=AFQjCNGwfbiFuHtwyVt-PsadGGiBHLMW7w&utm_source=dlvr.it&utm_medium=twitter

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1361f53aec79b71880b6965f4bb5ac3edeca39e173736ebcebe5e1282f1781f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/8AczCbu0Tv

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
bfcache-opt-in: unload
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Date: Mon, 22 Nov 2021 13:58:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Location: https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&ct=ga&cd=CAIyGmQ3ZTRiYTlhMDllNTg5MzI6Y29tOmVuOlVT&usg=AFQjCNGwfbiFuHtwyVt-PsadGGiBHLMW7w&utm_source=dlvr.it&utm_medium=twitter
Cache-Control: private; max-age=90
X-Backend-Server: web01.web

GET
H2 200 Primary Request / Show response
indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/ 106 KB
24 KB 57ms
31ms Document
text/html 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Requested by: Host: www.google.com
URL: https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&ct=ga&cd=CAIyGmQ3ZTRiYTlhMDllNTg5MzI6Y29tOmVuOlVT&usg=AFQjCNGwfbiFuHtwyVt-PsadGGiBHLMW7w&utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: 5be9fa274bd6ff4d7f74dd01c37ea07eccfe55f5d1b1391a7e06ad4a5196e225

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/

Response headers

server: nginx
content-type: text/html; charset=UTF-8
content-length: 23942
x-mobile-class: desktop
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://indianexpress.com/wp-json/>; rel="https://api.w.org/" <https://indianexpress.com/?p=7625715>; rel=shortlink
x-rq: hhn1 0 2 9980
content-encoding: gzip
accept-ranges: bytes
cache-control: must-revalidate, max-age=300
date: Mon, 22 Nov 2021 13:58:14 GMT
vary: Accept-Encoding

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 52ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1051 / 868 of 1000 / last-modified: 1637582729"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26883
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 13:58:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 39ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Condensed:400,700|Droid+Serif:400,700&display=swap

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

857f2bc19c0e2b74db1a86cf75ae39e2f1bbdbaf4247b51c1a9c2a0d1ab0430b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 13:36:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 13:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 13:58:14 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v13/ 22 KB
22 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 07:55:00 GMT
x-content-type-options: nosniff
age: 540194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22492
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 07:55:00 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v13/ 25 KB
26 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:11:31 GMT
x-content-type-options: nosniff
age: 470803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25984
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 03:11:31 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19-7DQk6YvNkeg.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 10 KB
10 KB 41ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19-7DQk6YvNkeg.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da5bcd12ad3a05776199adb2edd408b409e316810f9787b456ab6657c9cf2441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:07 GMT
x-content-type-options: nosniff
age: 260347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10556
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:07 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DQk6YvNkeg.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 7 KB
7 KB 44ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DQk6YvNkeg.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f48eb72fe38135c113ed66a6aff33e72113d34310ece2a12c16202990258ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:48:53 GMT
x-content-type-options: nosniff
age: 259761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6712
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:41 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:48:53 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-1967DQk6YvNkeg.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 796 B
913 B 43ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-1967DQk6YvNkeg.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c41cf7e3b9a26e23a5cadbca346cec8ca102891359d1df6b0123401f69d51e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 16:54:51 GMT
x-content-type-options: nosniff
age: 507803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 796
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 16:54:51 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DQk6YvNkeg.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 5 KB
5 KB 44ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DQk6YvNkeg.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06196fadd1d067e62636f730631319a131e06c8c65625d455e27f6dd50753c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:42:50 GMT
x-content-type-options: nosniff
age: 260124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5020
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:42:50 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DQk6YvNkeg.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 3 KB
4 KB 45ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DQk6YvNkeg.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af19c3a82e5f292ef463eb58b880ebce62145fa12f0d0e4b2fffd0d105175b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 07:56:12 GMT
x-content-type-options: nosniff
age: 540122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3580
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 07:56:12 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 11 KB
11 KB 45ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:07:14 GMT
x-content-type-options: nosniff
age: 294660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10968
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 04:07:14 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCkYb9lecyVC4A.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 10 KB
10 KB 45ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCkYb9lecyVC4A.woff2

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79bfecda7a16e1b51b6c0095a7bf5cfc3aec6073c1b87ca202fe56175f9d4362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:37:18 GMT
x-content-type-options: nosniff
age: 577256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10524
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 21:37:18 GMT

GET
H2 200 /
indianexpress.com/_static/ 2 KB
1008 B 8ms
7ms Stylesheet
text/css 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/_static/??/wp-content/themes/indianexpress/style/evolok/ev-em.min.css,/wp-content/themes/indianexpress/style/share.css?m=1637577836
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d86a6065ecd6bfa453211689af94579b5f93bf0c6bf8761045c4d13b688ef4ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 10:43:56 GMT
server: nginx
date: Mon, 22 Nov 2021 13:58:14 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=297
accept-ranges: bytes
content-length: 840

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5df7f6f64b314fdf6b880f4af5882d8b276c9272dbb03757dcb2598046e33b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 13:44:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 13:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 13:58:14 GMT

GET
H2 200 /
indianexpress.com/_static/ 286 KB
54 KB 16ms
15ms Stylesheet
text/css 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9d86160a354c9cb0fea4f44ea4d25c6285ce784cb6bd15519e1d9159c7bcc8bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 05:23:43 GMT
server: nginx
date: Mon, 22 Nov 2021 13:58:14 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
content-length: 55442

GET
H2 200 jquery.min.js Show response
indianexpress.com/wp-includes/js/jquery/ 87 KB
31 KB 10ms
9ms Script
application/javascript 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 19:21:21 GMT
server: nginx
etag: W/"617c49b1-15db1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2197654
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 31148
expires: Sat, 18 Dec 2021 00:25:48 GMT

GET
H2 200 jquery-migrate.min.js Show response
indianexpress.com/wp-includes/js/jquery/ 11 KB
4 KB 12ms
12ms Script
application/javascript 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 19:21:21 GMT
server: nginx
etag: W/"617c49b1-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2197654
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 4176
expires: Sat, 18 Dec 2021 00:25:48 GMT

GET
H2 200 slick.min.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/vendor/ 39 KB
10 KB 15ms
14ms Script
application/javascript 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/vendor/slick.min.js?ver=17092019.1
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9027c08fab8b14e38e1b2148efc47da27cef607a11109c07c2f8ed583ae853a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 12:34:01 GMT
server: nginx
etag: W/"61813039-9cd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2174444
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 9818
expires: Fri, 17 Dec 2021 17:58:58 GMT

GET
H2 200 fb-followus.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 1 KB
681 B 34ms
26ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/fb-followus.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 1c3fffe143ad0ce81d60e95e6f6c72b8799587e0211c49e6c4b7efb25ba6c016

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: mad1 0 2 9980
content-encoding: br
last-modified: Mon, 09 Aug 2021 12:04:57 GMT
server: Akamai Resource Optimizer
etag: W/"6110e708-41d"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 474
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 twitter-followus.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 2 KB
923 B 61ms
54ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/twitter-followus.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 49919cdd76bb75af97102773b75d9b766922863883afcc28ad868b31d4beb6ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Mon, 12 Jul 2021 03:35:00 GMT
server: Akamai Resource Optimizer
etag: W/"5e722478-641"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 716
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 indian-express-logo-n.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 8 KB
2 KB 82ms
75ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/indian-express-logo-n.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 4984a12a4e2268fb4e8104ec4b208d4ceb597fa6ebc3529924eed8602a29ba49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: bom1 118 184 3244
content-encoding: br
last-modified: Thu, 17 Jun 2021 15:56:41 GMT
server: Akamai Resource Optimizer
etag: W/"607372ba-1f52"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 2206
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 theindianexpress-logo-n.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 7 KB
2 KB 92ms
84ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/theindianexpress-logo-n.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: acf8c914a144367e2406a598cf26b14ba5f556c7ea28fb38d5fe4cff6f140759

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hkg1 0 2 9980
content-encoding: br
last-modified: Tue, 10 Aug 2021 04:14:09 GMT
server: Akamai Resource Optimizer
etag: W/"6110e708-1b89"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 1805
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 facebook.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 949 B
694 B 107ms
100ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/facebook.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 67247b5cc3929dc20447c5740d39df6d8d3947a51d0f0fd9ada6ff3a6aa0c227

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: nrt1 0 2 9980
content-encoding: br
last-modified: Tue, 20 Jul 2021 12:05:06 GMT
server: Akamai Resource Optimizer
etag: W/"5f00d2fc-3b5"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 487
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 twitter.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 1 KB
964 B 128ms
120ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/twitter.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: ff305d664ec6c12ad16d8f10b6f57f90274c619d902ca293d7ca12c8e40dde15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: bur7 0 2 9980
content-encoding: br
last-modified: Sat, 14 Aug 2021 04:23:07 GMT
server: Akamai Resource Optimizer
etag: W/"6111117f-5ec"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 757
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 reddit.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 2 KB
1020 B 156ms
149ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/reddit.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: b30132c70cb4020f3d9a78e99f3612dfed77573407108d8c8784adde1c642bf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Thu, 19 Aug 2021 04:45:21 GMT
server: Akamai Resource Optimizer
etag: W/"611a2be4-749"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 813
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 1x1.trans.gif
indianexpress.com/wp-content/plugins/lazy-load/images/ 42 B
224 B 200ms
193ms Image
image/gif 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 114 11 3110
last-modified: Sun, 27 Dec 2020 20:02:36 GMT
server: nginx
etag: "5fe8e85c-2a"
content-type: image/gif
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 42
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 newsguard-check.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 556 B
535 B 266ms
259ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/newsguard-check.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: be7a0d43b9d11f65be9372ff5106512f9bdce581ae2b224a9b89123b20a44882

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Fri, 06 Aug 2021 08:31:29 GMT
server: Akamai Resource Optimizer
etag: W/"61080b8f-22c"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 328
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 newsGuard_logo.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 3 KB
1 KB 328ms
321ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/newsGuard_logo.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 3dee579082b075f323ebd0d5309ac8aa86df82118da75c8b27296acef81229b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: atl3 0 2 9980
content-encoding: br
last-modified: Fri, 06 Aug 2021 11:08:59 GMT
server: Akamai Resource Optimizer
etag: W/"61092aa0-b57"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 1327
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 GE-300x100-creative-1.jpg
images.indianexpress.com/2021/08/ 7 KB
7 KB 626ms
590ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/GE-300x100-creative-1.jpg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: c0102b5dad30615171cb27dcafeb7c4c3eddec38fee9cdd7637f14572f35c97b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 45
x-image-server-store-time: 1637225016
etag: "a6e9a94f0994e1c1"
x-image-server-cost-real: 18217
x-image-server-cpu-estimate: 24
x-image-server-response: request-6693087-83216595-cd0bea5
x-image-server-cost-estimate: 15213
content-length: 6805
x-image-server-product: AIC
last-modified: Thu, 18 Nov 2021 08:43:03 GMT
server: Akamai Image Server
x-image-server-cpu-real: 14
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 300
x-im-original-width: 300
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 25862
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 27
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 GE-300x100-1a.jpg
images.indianexpress.com/2021/08/ 5 KB
6 KB 630ms
594ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/GE-300x100-1a.jpg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 0c41ff30d6ca6f3c5df722c3cb820075ecb0892b8d340c0bd623044677086acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 26
x-image-server-store-time: 1637231275
etag: "2aecd45f404440e2"
x-image-server-cost-real: 14840
x-image-server-cpu-estimate: 22
x-image-server-response: request-802509-39749956-cee08f1
x-image-server-cost-estimate: 14840
content-length: 5344
x-image-server-product: AIC
last-modified: Thu, 18 Nov 2021 10:26:44 GMT
server: Akamai Image Server
x-image-server-cpu-real: 20
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 300
x-im-original-width: 300
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 15334
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 33
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 01-graphic-300x100-1-1.jpg
images.indianexpress.com/2021/08/ 7 KB
8 KB 652ms
616ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/01-graphic-300x100-1-1.jpg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 53d41f58a5a0769bd8745675ccfdeee69d83658fd3fa20a9f809e6522282db74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 54
x-image-server-store-time: 1637154913
etag: "6131baed16a68b9d"
x-image-server-cost-real: 24026
x-image-server-cpu-estimate: 20
x-image-server-response: request-817683-04870841-a800bfc
x-image-server-cost-estimate: 24026
content-length: 7450
x-image-server-product: AIC
last-modified: Wed, 17 Nov 2021 13:14:20 GMT
server: Akamai Image Server
x-image-server-cpu-real: 22
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 300
x-im-original-width: 300
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 35720
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 165
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 300x100-4.jpg
images.indianexpress.com/2021/08/ 8 KB
8 KB 653ms
618ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/300x100-4.jpg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 70e6089b5b9dca69eef035f82b211576e5e6d6489ca2e7ab78a07ae7db747466

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 22
x-image-server-store-time: 1636358162
etag: "0222238851c36cf8"
x-image-server-cost-real: 15426
x-image-server-cpu-estimate: 18
x-image-server-response: request-2958477-30822369-960eef4
x-image-server-cost-estimate: 14043
content-length: 7943
x-image-server-product: AIC
last-modified: Mon, 08 Nov 2021 07:38:57 GMT
server: Akamai Image Server
x-image-server-cpu-real: 25
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 300
x-im-original-width: 300
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 49853
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 18
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 refinitiv-300x100-1.jpg
images.indianexpress.com/2021/08/ 9 KB
9 KB 633ms
598ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/refinitiv-300x100-1.jpg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 3b085dc0997098eb528dacd4f7c64cfa6d13aeffcb9025c5687e96a3c8615626

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 14
x-image-server-store-time: 1636374859
etag: "e764c4f70a6435ce"
x-image-server-cost-real: 13368
x-image-server-cpu-estimate: 32
x-image-server-response: request-250215-02608275-13129cfd
x-image-server-cost-estimate: 13368
content-length: 9180
x-image-server-product: AIC
last-modified: Mon, 08 Nov 2021 12:33:35 GMT
server: Akamai Image Server
x-image-server-cpu-real: 16
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 300
x-im-original-width: 300
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 41423
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 29
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 TC-C825-review-1.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 646ms
611ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/TC-C825-review-1.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 3adb5f1b6b7fa9bbb2566416ee54c605783d4f9041d09b29fe0dd26e7c633191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 44
x-image-server-store-time: 1637573578
etag: "0aa3d3a89fc86c1a"
x-image-server-cost-real: 17476
x-image-server-cpu-estimate: 16
x-image-server-response: request-2987073-07422338-8626283
x-image-server-cost-estimate: 13390
content-length: 3487
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 09:32:57 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 3487
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 21
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Airtel-Express-Photo.jpg
images.indianexpress.com/2021/11/ 3 KB
3 KB 587ms
587ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Airtel-Express-Photo.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: d20ecc3c9e73b01450272f39afe0228dc737ccf9c21d5aa5b643c057da2f8ab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 85
x-image-server-store-time: 1637555207
etag: "60034c6dc7ce6d3f"
x-image-server-cost-real: 29727
x-image-server-cpu-estimate: 16
x-image-server-response: request-3151531-75627182-5a32c14
x-image-server-cost-estimate: 14165
content-length: 2920
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 04:26:46 GMT
server: Akamai Image Server
x-image-server-cpu-real: 14
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 4683
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 21
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 iphone-12-2.jpg
images.indianexpress.com/2021/11/ 3 KB
3 KB 28ms
27ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/iphone-12-2.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 4bd883ad0cff79a693c47400802ec7e5787596d0b303d6822e2a7c162b91ff11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 14
x-image-server-store-time: 1637566431
etag: "062390c55913fd2f"
x-image-server-cost-real: 14236
x-image-server-cpu-estimate: 25
x-image-server-response: request-2986311-55793586-a619dcf
x-image-server-cost-estimate: 14236
content-length: 2729
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 07:33:25 GMT
server: Akamai Image Server
x-image-server-cpu-real: 18
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 4568
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 19
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Facebook_Instagram_AP_1.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 25ms
25ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Facebook_Instagram_AP_1.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 2e81779d04f48c0b0a38ffa0aab2cfd228f5cbe81e6d12c55c6458930eac937e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 16
x-image-server-store-time: 1637566431
etag: "f39acf09d92e0c71"
x-image-server-cost-real: 15108
x-image-server-cpu-estimate: 25
x-image-server-response: request-2991582-47021062-bdd51d9
x-image-server-cost-estimate: 15108
content-length: 3209
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 07:33:25 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3218
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 25
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 WhatsApp-Image-2021-09-08-at-12.14.02-PM.jpeg
images.indianexpress.com/2021/09/ 8 KB
8 KB 13ms
13ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/09/WhatsApp-Image-2021-09-08-at-12.14.02-PM.jpeg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: c97ccb301c4f17329a72cca32c49b7cfa9a4015d3a108f27c954808b18fbf2ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 16
x-image-server-store-time: 1631085119
etag: "3fa9e2c45c2e7979"
x-image-server-cost-real: 15105
x-image-server-cpu-estimate: 16
x-image-server-response: request-4938446-65576916-ae5ea05
x-image-server-cost-estimate: 15105
content-length: 7688
x-image-server-product: AIC
last-modified: Wed, 08 Sep 2021 07:10:48 GMT
server: Akamai Image Server
x-image-server-cpu-real: 27
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 7688
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 30
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 9fbb10bc-be28-4695-bdd7-2c5f66b2d30c.jpg
images.indianexpress.com/2021/09/ 11 KB
12 KB 12ms
11ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/09/9fbb10bc-be28-4695-bdd7-2c5f66b2d30c.jpg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 6a1f7a22635852e7bc951f63969f071ef13e43a63ce63466844e8dc46a0525e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 60
x-image-server-store-time: 1630740204
etag: "fa5d7e16d966597e"
x-image-server-cost-real: 26312
x-image-server-cpu-estimate: 32
x-image-server-response: request-2064446-68562245-1347eb0d
x-image-server-cost-estimate: 18454
content-length: 11354
x-image-server-product: AIC
last-modified: Sat, 4 Sep 2021 07:23:23 GMT
server: Akamai Image Server
x-image-server-cpu-real: 26
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 11354
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 25
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 samsung-galaxy-featured.jpeg
images.indianexpress.com/2021/08/ 18 KB
18 KB 12ms
11ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/samsung-galaxy-featured.jpeg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 742dbc7d27a84eed3e863ede50b9c805e8dd100de0bca8350aa19e0b7ae6c469

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 39
x-image-server-store-time: 1629475832
etag: "120f90a8af181f3d"
x-image-server-cost-real: 38381
x-image-server-cpu-estimate: 52
x-image-server-response: request-720181-16020584-28a2e159
x-image-server-cost-estimate: 38381
content-length: 18119
x-image-server-product: AIC
last-modified: Fri, 20 Aug 2021 16:09:54 GMT
server: Akamai Image Server
x-image-server-cpu-real: 56
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: no-transform, max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 20973
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 74
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 93805306-5c05-4e14-ae10-c295d584ee70.jpg
images.indianexpress.com/2021/08/ 4 KB
5 KB 11ms
11ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/93805306-5c05-4e14-ae10-c295d584ee70.jpg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 7aac0d9430e944f82379fba6fb642aec2e7e7ae2595c112d48037b1215c749a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 20
x-image-server-store-time: 1629195222
etag: "accc27b32a6ec914"
x-image-server-cost-real: 24784
x-image-server-cpu-estimate: 50
x-image-server-response: request-4475376-68346693-21c4eddc
x-image-server-cost-estimate: 24784
content-length: 4545
x-image-server-product: AIC
last-modified: Tue, 17 Aug 2021 10:10:31 GMT
server: Akamai Image Server
x-image-server-cpu-real: 24
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: no-transform, max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 4545
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 45
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 366320ba-a75c-4aa7-91d0-2b0bfa31d883.jpg
images.indianexpress.com/2021/08/ 11 KB
11 KB 10ms
9ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/366320ba-a75c-4aa7-91d0-2b0bfa31d883.jpg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 135821744dedd4cf0c6443a53e58d9dabb01de0a6de308643f9957c43f7dfdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 113
x-image-server-store-time: 1628855311
etag: "e2aac07166419f4d"
x-image-server-cost-real: 49285
x-image-server-cpu-estimate: 30
x-image-server-response: request-2950702-11860862-366342ef
x-image-server-cost-estimate: 24096
content-length: 10818
x-image-server-product: AIC
last-modified: Fri, 13 Aug 2021 11:48:30 GMT
server: Akamai Image Server
x-image-server-cpu-real: 34
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: no-transform, max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 10818
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 47
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 nawab-malik-1-1-1-1.jpeg
images.indianexpress.com/2021/10/ 3 KB
4 KB 10ms
10ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/10/nawab-malik-1-1-1-1.jpeg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 0d09bcb8e0086007da2e0957db48a7861313fb2ad491c55a5aa8a2bc05351461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 21
x-image-server-store-time: 1637586080
etag: "d458258b10b1c477"
x-image-server-cost-real: 18418
x-image-server-cpu-estimate: 25
x-image-server-response: request-3202882-72672718-7e40f19
x-image-server-cost-estimate: 18418
content-length: 3397
x-image-server-product: AIC
last-modified: Sun, 07 Nov 2021 22:13:36 GMT
server: Akamai Image Server
x-image-server-cpu-real: 19
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3417
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 32
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 N-V-Ramana-2-1-1.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 10ms
10ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/N-V-Ramana-2-1-1.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 0f569d185f0f4544923e8fb9a3738dfb89641e5b09efa261e4212d7506a1c351

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 143
x-image-server-store-time: 1637587211
etag: "567aca66b88edd65"
x-image-server-cost-real: 48601
x-image-server-cpu-estimate: 25
x-image-server-response: request-3021466-23405887-6e35bdb
x-image-server-cost-estimate: 16599
content-length: 3191
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 13:20:10 GMT
server: Akamai Image Server
x-image-server-cpu-real: 20
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3200
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 21
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Annaatthe-box-office-1200-2.jpg
images.indianexpress.com/2021/11/ 4 KB
4 KB 8ms
8ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Annaatthe-box-office-1200-2.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: fce3f2edfcbc1f8f2a481b0c51eef3422baed06801b5842257b742249b34b82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 16
x-image-server-store-time: 1637550445
etag: "7a5b4af6b0de4b06"
x-image-server-cost-real: 13044
x-image-server-cpu-estimate: 16
x-image-server-response: request-2810255-18450324-b82699e
x-image-server-cost-estimate: 13044
content-length: 3644
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 03:06:53 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 4103
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 15
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 madhavi-gogate-1200-2.jpg
images.indianexpress.com/2021/11/ 4 KB
4 KB 8ms
8ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/madhavi-gogate-1200-2.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: d720fa104347e74458680a4c87a74570bbbd1afa137d8d941de8dde98484aa0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 87
x-image-server-store-time: 1637571824
etag: "668483a205288d9f"
x-image-server-cost-real: 30097
x-image-server-cpu-estimate: 24
x-image-server-response: request-91849-39706291-8b874ab
x-image-server-cost-estimate: 15158
content-length: 3664
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 09:03:43 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 11234
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 23
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Tiger-crosses-road-in-Khammam-district-of-Telangana.jpg
images.indianexpress.com/2021/11/ 4 KB
4 KB 9ms
9ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Tiger-crosses-road-in-Khammam-district-of-Telangana.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 9c48b9e8a644e6b176799b8e1b14377dbaf3b1acfaebdedde869a7887c78e688

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 45
x-image-server-store-time: 1637578374
etag: "4dd81d4c93a7460c"
x-image-server-cost-real: 17586
x-image-server-cpu-estimate: 20
x-image-server-response: request-3022877-14872532-8d3352f
x-image-server-cost-estimate: 11523
content-length: 3799
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 10:52:19 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 9305
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 24
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Police-officer-rescues-stranded-priest-during-Andhra-Pradesh-floods.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 13ms
13ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Police-officer-rescues-stranded-priest-during-Andhra-Pradesh-floods.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 0cf2414a30c24da458e2f3f20b7fb2ff4e6c37dac6ab93fe4466bd82b24c7fbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 17
x-image-server-store-time: 1637578436
etag: "33afc77ffc8cb780"
x-image-server-cost-real: 14687
x-image-server-cpu-estimate: 17
x-image-server-response: request-2918887-07948214-aa6c2c2
x-image-server-cost-estimate: 14687
content-length: 3376
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 10:53:14 GMT
server: Akamai Image Server
x-image-server-cpu-real: 16
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 10911
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 18
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 kerala-blasters.jpg
images.indianexpress.com/2021/11/ 4 KB
4 KB 12ms
12ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/kerala-blasters.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 3d24fe79c706829a5a574b236e8d413bc16d2e902586e5028de98701f72940c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 19
x-image-server-store-time: 1637575730
etag: "138e86dcb49d6cbb"
x-image-server-cost-real: 15949
x-image-server-cpu-estimate: 25
x-image-server-response: request-1568796-84696099-9f8782b
x-image-server-cost-estimate: 15949
content-length: 4067
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 10:08:38 GMT
server: Akamai Image Server
x-image-server-cpu-real: 20
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 4945
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 26
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Tamil-Nadu.jpg
images.indianexpress.com/2021/11/ 4 KB
4 KB 16ms
16ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Tamil-Nadu.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 83ccce4670bd42c28b2dd26a61ea5ce8493280109140a2f6b3075b82da66ac41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 55
x-image-server-store-time: 1637582654
etag: "ffbb4a933269a307"
x-image-server-cost-real: 21634
x-image-server-cpu-estimate: 26
x-image-server-response: request-2998172-59171627-6f0fdd1
x-image-server-cost-estimate: 12547
content-length: 3938
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 12:04:13 GMT
server: Akamai Image Server
x-image-server-cpu-real: 15
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 4466
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 23
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Opinion-1-2021-11-22T101706.424.jpg
images.indianexpress.com/2021/11/ 4 KB
5 KB 17ms
17ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Opinion-1-2021-11-22T101706.424.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: f36146cad5142a6dd0e90e1da20fb52f11fae5150dca8ec5c41bb9e98d730239

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 51
x-image-server-store-time: 1637556950
etag: "c3e310f1729a91c5"
x-image-server-cost-real: 19123
x-image-server-cpu-estimate: 21
x-image-server-response: request-3198942-79916881-7c12673
x-image-server-cost-estimate: 11928
content-length: 4314
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 04:55:49 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 10820
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 13
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Sensex-1.jpg
images.indianexpress.com/2021/11/ 2 KB
3 KB 16ms
16ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Sensex-1.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 4ab429c88eb98edc8bdd668e6ce93c1d38d2bb8965a7e98e8480f2130bcf5fe3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 36
x-image-server-store-time: 1637570522
etag: "7a65bafbea05b870"
x-image-server-cost-real: 14881
x-image-server-cpu-estimate: 16
x-image-server-response: request-2870823-78824500-1475e1db
x-image-server-cost-estimate: 12850
content-length: 2150
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 08:41:33 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 2150
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 17
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 cardi-b-4.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 14ms
13ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/cardi-b-4.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 93bdf6d56dd85d97f055218e25cb243456d21f053d0f1e5720f2e2c49371d717

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 26
x-image-server-store-time: 1637577058
etag: "89f94070992cb228"
x-image-server-cost-real: 14958
x-image-server-cpu-estimate: 22
x-image-server-response: request-3224879-49019514-c15eef6
x-image-server-cost-estimate: 14958
content-length: 3340
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 10:30:49 GMT
server: Akamai Image Server
x-image-server-cpu-real: 18
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 6876
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 19
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 SRK-1.jpg
images.indianexpress.com/2021/11/ 2 KB
3 KB 9ms
9ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/SRK-1.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 9dddc27fdd4fca56fa0a6307a3e2a77189e6eec543a188730aad40c34f635f72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 51
x-image-server-store-time: 1637579561
etag: "4c3e09ba2a8cb35f"
x-image-server-cost-real: 21587
x-image-server-cpu-estimate: 17
x-image-server-response: request-3093533-67565728-829f91a
x-image-server-cost-estimate: 14338
content-length: 2159
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 11:12:40 GMT
server: Akamai Image Server
x-image-server-cpu-real: 19
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 2417
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 17
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 rahul-dravid-rohit-sharma.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 9ms
9ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/rahul-dravid-rohit-sharma.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 5b6d850dfe36b361b3256f9f9fb74f306a470e097da8ac774290657b8486b513

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 80
x-image-server-store-time: 1637539992
etag: "94b4f7c195edca7c"
x-image-server-cost-real: 27625
x-image-server-cpu-estimate: 21
x-image-server-response: request-3126224-48290629-9cf7bd7
x-image-server-cost-estimate: 18483
content-length: 3229
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 00:13:11 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 6918
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 33
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 zverev-atp-finals.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 7ms
7ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/zverev-atp-finals.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: fcf976924376619b1e9c09d4cc47206161f9feafcd7db383aeb6f6a46ce75a1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 93
x-image-server-store-time: 1637539992
etag: "7119d56a029c4454"
x-image-server-cost-real: 33410
x-image-server-cpu-estimate: 46
x-image-server-response: request-7169654-98867077-7e283b8
x-image-server-cost-estimate: 17682
content-length: 3323
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 00:13:11 GMT
server: Akamai Image Server
x-image-server-cpu-real: 18
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 7207
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 29
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 india-vs-new-zealand-10.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 13ms
9ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/india-vs-new-zealand-10.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 419429610cf4f4baa6c8270440e0ee7eea0ffacb7d3ec84d683610ca911470a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 28
x-image-server-store-time: 1637518362
etag: "76999d3025438014"
x-image-server-cost-real: 18151
x-image-server-cpu-estimate: 18
x-image-server-response: request-1837722-69252386-6a39238
x-image-server-cost-estimate: 18151
content-length: 3387
x-image-server-product: AIC
last-modified: Sun, 21 Nov 2021 18:12:27 GMT
server: Akamai Image Server
x-image-server-cpu-real: 16
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 7563
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 24
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 FEuoqUOVIAQXQFH.jpg
images.indianexpress.com/2021/11/ 4 KB
4 KB 14ms
10ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/FEuoqUOVIAQXQFH.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: e97e116402211cff15d03df9b4fd35416ad562c5084d83b6297fdb947a344e8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 13
x-image-server-store-time: 1637539992
etag: "4e502e19aa23dd1d"
x-image-server-cost-real: 13477
x-image-server-cpu-estimate: 22
x-image-server-response: request-3348446-67960782-cb4ae9f
x-image-server-cost-estimate: 13477
content-length: 3940
x-image-server-product: AIC
last-modified: Sun, 21 Nov 2021 23:41:08 GMT
server: Akamai Image Server
x-image-server-cpu-real: 11
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 8454
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 24
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 63f51bc9-b49d-4b9e-a72c-9b9067be8d6e.jpg
images.indianexpress.com/2021/11/ 4 KB
4 KB 15ms
12ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/63f51bc9-b49d-4b9e-a72c-9b9067be8d6e.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 703b80e3a3a93b91a303a27c4476029afa1b1e0c374792daa6e72eebd0984b82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 62
x-image-server-store-time: 1637529247
etag: "27a29dcd489e0272"
x-image-server-cost-real: 23772
x-image-server-cpu-estimate: 24
x-image-server-response: request-1626938-13495947-650c04f
x-image-server-cost-estimate: 22437
content-length: 3734
x-image-server-product: AIC
last-modified: Sun, 21 Nov 2021 21:14:06 GMT
server: Akamai Image Server
x-image-server-cpu-real: 16
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 7833
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 43
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 unmukt-chand.jpg
images.indianexpress.com/2021/11/ 4 KB
4 KB 13ms
13ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/unmukt-chand.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: fd3d736519aabe42b50b6e82fa4dcf0ff56e91e6b86a5277c1f059a3b8ac5dc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 72
x-image-server-store-time: 1637539992
etag: "b47f4d1556d75a88"
x-image-server-cost-real: 24772
x-image-server-cpu-estimate: 17
x-image-server-response: request-1504180-56771605-11d14f2b
x-image-server-cost-estimate: 11943
content-length: 3707
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 00:13:11 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3714
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 55
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 lewis-hamilton-qatar-gp.jpg
images.indianexpress.com/2021/11/ 3 KB
3 KB 14ms
14ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/lewis-hamilton-qatar-gp.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 4b3c8ba49573c192f1aba9a15e97ae789781a183b725e9a86b3fd966678a3f3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 27
x-image-server-store-time: 1637539992
etag: "f5044a4881fd7faa"
x-image-server-cost-real: 15540
x-image-server-cpu-estimate: 20
x-image-server-response: request-1573532-15824466-16bdbec
x-image-server-cost-estimate: 15540
content-length: 2789
x-image-server-product: AIC
last-modified: Mon, 22 Nov 2021 00:13:03 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 5832
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 50
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 jail-break.jpg
images.indianexpress.com/2021/11/ 2 KB
3 KB 15ms
14ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/jail-break.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 357a6b78648baa6c8a3007ecdde9c3fbbecb294a01cfea516f85f157380bcebd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 112
x-image-server-store-time: 1637518288
etag: "6f95e6b45863352c"
x-image-server-cost-real: 80559
x-image-server-cpu-estimate: 30
x-image-server-response: request-2630703-64414426-942527c
x-image-server-cost-estimate: 34984
content-length: 2432
x-image-server-product: AIC
last-modified: Sun, 21 Nov 2021 18:11:27 GMT
server: Akamai Image Server
x-image-server-cpu-real: 37
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 2585
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 62
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 Pankaja-Munde.jpg
images.indianexpress.com/2021/11/ 3 KB
3 KB 8ms
8ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/Pankaja-Munde.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 7b0c3a8aff9e900e3591ff092e0b0b58c17b659bda9792094e9c3683bdf2c73e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 88
x-image-server-store-time: 1637520732
etag: "561434076a3fdcdd"
x-image-server-cost-real: 36211
x-image-server-cpu-estimate: 39
x-image-server-response: request-8973715-21995173-114dc2ee
x-image-server-cost-estimate: 24684
content-length: 2921
x-image-server-product: AIC
last-modified: Sun, 21 Nov 2021 18:52:11 GMT
server: Akamai Image Server
x-image-server-cpu-real: 28
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 2930
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 49
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 police-2.jpg
images.indianexpress.com/2021/11/ 3 KB
4 KB 8ms
8ms Image
image/jpeg 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/11/police-2.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: d288d182b1e0e96c17ebe31148058175e2a64aee99dcea5e5ca2c0439b9c690b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-image-server-fetch-real: 81
x-image-server-store-time: 1637518278
etag: "0d3522a061997cb1"
x-image-server-cost-real: 28496
x-image-server-cpu-estimate: 15
x-image-server-response: request-2928833-58481858-12cd49f2
x-image-server-cost-estimate: 13305
content-length: 3540
x-image-server-product: AIC
last-modified: Sun, 21 Nov 2021 18:11:17 GMT
server: Akamai Image Server
x-image-server-cpu-real: 14
date: Mon, 22 Nov 2021 13:58:15 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3700
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 16
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 icon-facebook.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 757 B
598 B 389ms
386ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-facebook.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 9b0ac7450c1b5a96493c9a1e8a5aa0901a65bddb920971a47048f0c898d8dfbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hkg1 0 2 9980
content-encoding: br
last-modified: Thu, 05 Aug 2021 08:39:47 GMT
server: Akamai Resource Optimizer
etag: W/"610783a6-2f5"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 391
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 icon-twitter.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
782 B 435ms
432ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-twitter.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 67dd353d1a77cd00fcb937ba3ad7a6b4f9095547c35682ce4fde80ed6332fa4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: ams7 0 2 9980
content-encoding: br
last-modified: Fri, 16 Jul 2021 18:24:29 GMT
server: Akamai Resource Optimizer
etag: W/"5f888673-4b4"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 574
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 icon-linkedin.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
852 B 481ms
479ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-linkedin.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: a8ba66d5e0cc38107ffab4352e68d139570aad3d1aa7eeb8457c0518ba52cb2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hkg1 0 2 9980
content-encoding: br
last-modified: Fri, 06 Aug 2021 20:01:33 GMT
server: Akamai Resource Optimizer
etag: W/"61092aa0-54f"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 645
expires: Tue, 22 Nov 2022 13:58:14 GMT

GET
H2 200 icon-instagram.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
812 B 521ms
518ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-instagram.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: f002a1169985148fa2dadff4fda87dbc16de1390417fa2cf7dfa166d955c1b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Thu, 19 Aug 2021 11:26:39 GMT
server: Akamai Resource Optimizer
etag: W/"611a2e55-592"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:15 GMT
accept-ranges: bytes
content-length: 605
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 icon-android.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
712 B 552ms
549ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-android.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 040f199e2a426e829e7dc4d557ead78c86d4de8514d6ab7b1e97af7193d52d90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: br
last-modified: Tue, 10 Aug 2021 07:26:54 GMT
server: Akamai Resource Optimizer
etag: W/"6110e708-550"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:15 GMT
accept-ranges: bytes
content-length: 505
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 icon-apple.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
816 B 588ms
586ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-apple.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: b6d791a798646b7ca067a07062142454cf67b0b0d1b1ed9743632a4c45660702

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: arn1 0 2 9980
content-encoding: br
last-modified: Fri, 13 Aug 2021 12:32:09 GMT
server: Akamai Resource Optimizer
etag: W/"61121fb1-526"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:15 GMT
accept-ranges: bytes
content-length: 610
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 newsguard-logo-w.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 3 KB
2 KB 608ms
605ms Image
image/svg+xml 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/newsguard-logo-w.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 54b1f1a011f102d2c6581b702a4351f9baf8f32d9925c5b8f89359da728790f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Mon, 16 Aug 2021 06:45:31 GMT
server: Akamai Resource Optimizer
etag: W/"61124e51-c09"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:15 GMT
accept-ranges: bytes
content-length: 1344
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 404 vip-powered-dark-small.png
s1.wp.com/wp-content/themes/vip/plugins/vip-do-not-include-on-wpcom/vip-powered-wpcom/images/ 0
0 38ms
6ms Image
text/html 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.wp.com/wp-content/themes/vip/plugins/vip-do-not-include-on-wpcom/vip-powered-wpcom/images/vip-powered-dark-small.png?m=1401974073h
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 page-ad-codes.js Show response
indianexpress.com/wp-content/plugins/express-ad-code-manager/js/ 3 KB
1 KB 7ms
7ms Script
application/javascript 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/plugins/express-ad-code-manager/js/page-ad-codes.js?ver=18082021.0
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4264bee32a14c5019bb345c12fdf8c8e96e7405ae794b15d3ccbf52130106ef0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 09:10:02 GMT
server: nginx
etag: W/"616d39ea-b9e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2197654
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 1016
expires: Sat, 18 Dec 2021 00:25:48 GMT

GET
H2 200 common-wap-optimize-code.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/min/ 2 KB
977 B 15ms
9ms Script
application/javascript 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/min/common-wap-optimize-code.js?ver=13112020.42
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9811cb648fb8e9b68df670e6f974d718925254f68b126f43561c808551a6d9f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 11:04:55 GMT
server: nginx
etag: W/"61939057-9ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2383507
date: Mon, 22 Nov 2021 13:58:14 GMT
accept-ranges: bytes
content-length: 765
expires: Mon, 20 Dec 2021 04:03:21 GMT

GET
H2 200 6bff223c6454901a4414857a7304f43fa28f5e67.js Show response
cdn.izooto.com/scripts/ 3 KB
2 KB 78ms
34ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/6bff223c6454901a4414857a7304f43fa28f5e67.js

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5a2be1a091470b4f620516ef1633bc6ecd554a6ce1b5f3bc8075d767158b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2441594
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Sep 2021 12:56:15 GMT
server: cloudflare
etag: W/"6138b2ef-c28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
expires: Thu, 23 Dec 2021 13:58:14 GMT
cache-control: public, max-age=2678400
cf-ray: 6b22abe4fc1f4abc-FRA
cf-bgj: minify

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 55ms
8ms Script
application/x-javascript 2600:9000:2156:7200:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js?ver=5.8.2
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:22:40 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:17:06 GMT
server: nginx
age: 5734
etag: W/"6179ec02-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dTJaUClz01_SoJP-VI3VlSMKh64cSq6C1A86z1fZP8Ohv6zfCv8Utw==
expires: Mon, 22 Nov 2021 14:22:40 GMT

GET
H2 200 e-202147.js Show response
stats.wp.com/ 9 KB
3 KB 36ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202147.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: br
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 13 Nov 2022 23:22:45 GMT

GET
DATA 200
OK truncated
/ 93 B
93 B Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f01981d8f1a5bd929956aa43132045d327af6cd0ec09ac50d824a668d272f39b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3427
date: Mon, 22 Nov 2021 13:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Nov 2021 15:01:07 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 48ms
10ms Script
application/javascript 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 03:26:27 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 118496
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: NpMl06oubLho3JFOhkqHqUCo4esfwG7IvxFR1xWLcHkMWmGdq61Wgw==

GET
H2 200 nav-icon-sprite.png
indianexpress.com/wp-content/themes/indianexpress/images/ 2 KB
2 KB 606ms
606ms Image
image/png 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/nav-icon-sprite.png
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 630f0440ea30df602859f4ef93f16a21705cecc8a5bf6b30ce5344ad727baf52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: vie1 119 76 3254
last-modified: Sun, 27 Dec 2020 20:05:09 GMT
server: nginx
etag: "5fe8e8f5-84c"
content-type: image/png
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:15 GMT
accept-ranges: bytes
content-length: 2124
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Condensed:400,700|Droid+Serif:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 417715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 17:56:19 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60168a9a6548e561e2509e1ff25a920cc184e2a9915965d3f14f5cf1a6ec8850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:16:23 GMT
x-content-type-options: nosniff
age: 261711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23816
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:16:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Condensed:400,700|Droid+Serif:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 260306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 404 fontawesome-webfont.woff2
indianexpress.com/wp-content/themes/indianexpress/style/fonts/ 0
0 614ms
611ms Font
text/html 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/style/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash

Request headers

Referer: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: hhn1 0 2 9980
content-encoding: gzip
server: nginx
x-powered-by: WordPress VIP <https://wpvip.com>
x-mobile-class: desktop
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
date: Mon, 22 Nov 2021 13:58:15 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://indianexpress.com/wp-json/>; rel="https://api.w.org/"
content-length: 11895

GET
H2 200 arrow-link.png
indianexpress.com/wp-content/themes/indianexpress/images/ 226 B
409 B 608ms
608ms Image
image/png 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/arrow-link.png
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 81d6892362bf208376ee5ef6cd873a2400833da59db548b8614ae52fe16dc6fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-rq: hhn1 119 104 3109
last-modified: Tue, 12 Jan 2021 08:20:35 GMT
server: nginx
etag: "5ffd5bd3-e2"
content-type: image/png
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:15 GMT
accept-ranges: bytes
content-length: 226
expires: Tue, 22 Nov 2022 13:58:15 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Condensed:400,700|Droid+Serif:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 17:55:21 GMT
x-content-type-options: nosniff
age: 590573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 17:55:21 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Condensed:400,700|Droid+Serif:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:17:54 GMT
x-content-type-options: nosniff
age: 517220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 14:17:54 GMT

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 34ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 13:58:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 578 B
253 B 31ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=indianexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d49658df7a0ddfd8a19de471e610091740340ba09d16d4c6e7eb9053b7c2d4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
expires: Mon, 22 Nov 2021 13:58:14 GMT

GET
H2 200 sdk.js Show response
accounts.indianexpress.com/swagger-js/v2.0.0/ 94 KB
20 KB 572ms
549ms Script
application/javascript 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.indianexpress.com/swagger-js/v2.0.0/sdk.js?v=11082021.1

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-141-164.deploy.static.akamaitechnologies.com

Software

Resource Hash

2068fc47a0550c8de2fa4fabbc1a2b9b54b1e5ec4aeb554db6864152d9055fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
access-control-max-age: 86400
strict-transport-security: max-age=600 ; includeSubDomains
content-length: 20285
x-xss-protection: 1
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Aug 2021 10:50:56 GMT
x-frame-options: SAMEORIGIN
etag: "6113ab90-17723"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=22628484
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Content-Type, Accept, Authorization, X-Api-Key, *
expires: Thu, 11 Aug 2022 11:39:39 GMT

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 45 KB
15 KB 35ms
8ms Script
application/javascript 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a29e2c9f534f6ed0577c77d6a1e3fd531c1f427d22bee84fe71673cf25dfa2a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:53:28 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 06:55:12 GMT
Server: AmazonS3
Age: 809
ETag: W/"a9d471acc19fde42e365fb970bdc3d9e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: bdGcDM5lDIenLa0NJIPZnA2C1Y3eyt73tUzPTrjB8xcvCFix1_gWag==

GET
H2 200 personlization-sdk.min.js Show response
ua.indianexpress.com/ 49 KB
20 KB 571ms
549ms Script
application/javascript 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/personlization-sdk.min.js

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-141-164.deploy.static.akamaitechnologies.com

Software

Resource Hash

1782a40f72f41c83cc7e7da54f6d0b01f9011e44bfde4b2e0494c64d3b94ec56

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Sep 2021 11:19:20 GMT
access-control-allow-headers: X-API-KEY
etag: W/"61432838-c263"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=600 ; includeSubDomains
vary: Accept-Encoding
content-length: 19949
x-xss-protection: 1
expires: Mon, 22 Nov 2021 14:28:15 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 9ms
9ms Script
application/x-javascript 2600:9000:2156:7200:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 12:47:45 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 4229
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TCw77dvbL317xHpaKmhBlN5GdebcG2TwRXfRY7FRZFSPEMZ7OjBf0w==
expires: Mon, 22 Nov 2021 14:47:45 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 7ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=150893645&post=7625715&tz=5.5&srv=indianexpress.com&host=indianexpress.com&ref=https%3A%2F%2Fwww.google.com%2F&fcp=167&rand=0.02042171132942605
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 13:58:14 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1423768605&t=pageview&_s=1&dl=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1944056223&gjid=2132145327&cid=945062858.1637589495&tid=UA-1403607-3&_gid=1649566495.1637589495&_r=1&_slc=1&cd1=Tech%20Desk&cd2=Tech%20news%20technology&cd4=November%2016%2C%202021%206%3A32%20PM&cd5=Regular%20Article&cd6=392&cd7=November%2016%2C%202021%206%3A32%20PM&cd8=7625715&z=1262603446

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://indianexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 253 KB
61 KB 23ms
23ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/6bff223c6454901a4414857a7304f43fa28f5e67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e0256402d7a187ebb546573bca940234ed150bbb59eb845a39fc9d0f45f67e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 353485
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 11:45:46 GMT
server: cloudflare
etag: W/"61963cea-3f287"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
expires: Thu, 23 Dec 2021 13:58:14 GMT
cache-control: public, max-age=2678400
cf-ray: 6b22abe57d144abc-FRA
cf-bgj: minify

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 298 B
563 B 138ms
109ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=indianexpress.com&domain=indianexpress.com&path=%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js?ver=5.8.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b81d3b6160d1c509c6e74c2e592823035ead5edbe18a982defe378c66002db63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 209
x-served-by: cache-fra19174-FRA
access-control-allow-origin: *
x-timer: S1637589495.663545,VS0,VE101
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 20 Nov 2021 13:58:14 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8738137&ns__t=1637589494632&ns_c=UTF-8&cv=3.5&c8=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks&c7=https%3A%2F%2Find...
https://sb.scorecardresearch.com/b2?c1=2&c2=8738137&ns__t=1637589494632&ns_c=UTF-8&cv=3.5&c8=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks&c7=https%3A%2F%2Fin...

64 B
329 B

12ms
11ms

Image
image/gif

143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8738137&ns__t=1637589494632&ns_c=UTF-8&cv=3.5&c8=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks&c7=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&c9=https%3A%2F%2Fwww.google.com%2F
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Server: 143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-125.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: I_x4dlHYEtQO0I_ifsQI0p9IIWcsBUuqzq2rDomf9WHn8EQoj1C9Sg==

Redirect headers

date: Mon, 22 Nov 2021 13:58:14 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8738137&ns__t=1637589494632&ns_c=UTF-8&cv=3.5&c8=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks&c7=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&c9=https%3A%2F%2Fwww.google.com%2F
content-length: 409
x-amz-cf-id: -4Ia9ki-dCoqlfnsayF8OJPW1i6grvCx_vH_y4gpmb9tqzgcSKW0ZQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 281ms
91ms Image
image/gif 50.16.218.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=indianexpress.com&p=%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&u=lSkhNQi968DkZhIj&d=indianexpress.com&g=65545&g0=Tech%2C%20Technology&g1=Tech%20Desk&n=1&f=00001&c=0&x=0&m=0&y=5977&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fwww.google.com%2F&b=267&t=ByfxfPCJCh0ZCYMxdWCJlShLDVsNqc&V=129&i=Every%204%20out%20of%205%20Indian%20gamers%20lost%20Rs%207%2C894%20to%20cyberattacks&tz=0&sn=1&sv=ByxBIC4oPogKWI5aDuSdb7Bty-ju&sr=https%3A%2F%2Fwww.google.com%2F&sd=1&im=067b0fff&_
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.218.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-218-57.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:14 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK a Show response
wzrkt.com/ 290 B
820 B 77ms
34ms Script
text/javascript 2600:9000:2156:a200:1e:3056:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIABwAWEQFoASgC1p4gJzyArNJAEoAcwQBGLkAAA&optOut=false&rn=1&i=1637589494&sn=0&useIP=false&r=1637589494659

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a200:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a47d344f0655b3b13a442080cd49616fa3f17f63ff64b9ba90f33b0e5bee6316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:58:14 GMT
Via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA50-C1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: hYHWaFJ52biA8h8DEPxaiANuo9NE4Q2UcL-30F1BU0I3IF_FjL6tCw==
Expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 433 KB
93 KB 547ms
546ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=239235206265264&correlator=148146215376263&output=ldjh&impl=fifs&eid=31063813%2C31060033&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=1050432%2Cwww.indianexpress.com%2CIE_ROS_TECH_AS_ATF_1x1%2CIE_ROS_TECH_AS_ATF_728X90%2CIE_ROS_TECH_AS_ATF_300X250%2CIE_ROS_TECH_AS_MID_300X250%2CIE_ROS_TECH_AS_BTF_300X250%2CIE_ROS_TECH_AS_BTF1_300X250%2CIE_ROS_TECH_AS_OOP_INNOV1%2CIE_ROS_TECH_AS_OOP_INNOV2%2CIE_ROS_TECH_AS_SKIN_LHS%2CIE_ROS_TECH_AS_SKIN_RHS%2CIE_add_size_video_gpt_desktop%2CIE_Promotional_Slug_220x70&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13&prev_iu_szs=1x1%2C970x250%7C970x90%7C970x200%7C728x90%2C320x50%7C300x250%7C300x600%2C320x50%7C300x250%7C300x600%2C320x50%7C300x250%7C300x600%2C320x50%7C300x250%7C300x600%2C1x1%2C1x1%2C120x600%7C160x600%2C120x600%7C160x600%2C320x50%7C300x250%7C640x360%2C220x70&fluid=0%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2Cheight%2C0&ists=48&cookie_enabled=1&bc=31&abxe=1&lmt=1637589494&dt=1637589494706&dlt=1637589494442&idt=230&frm=20&biw=1600&bih=1200&oid=2&adxs=0%2C315%2C985%2C985%2C985%2C985%2C0%2C0%2C170%2C1310%2C315%2C1360&adys=5977%2C187%2C834%2C1477%2C4187%2C5325%2C5977%2C5977%2C182%2C182%2C1860%2C43&adks=2251526292%2C4134857687%2C4148745706%2C2546336223%2C360954248%2C233481504%2C1375478841%2C287408384%2C2713915709%2C2006046257%2C2442178151%2C2343617545&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&ref=https%3A%2F%2Fwww.google.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5977%7C990x-1%7C300x20%7C300x20%7C300x20%7C300x20%7C1600x5977%7C1600x5977%7C120x-1%7C120x-1%7C640x0%7C220x0&msz=1600x0%7C990x-1%7C300x0%7C300x0%7C300x0%7C300x0%7C1600x0%7C1600x0%7C120x-1%7C120x-1%7C640x0%7C220x0&ga_vid=945062858.1637589495&ga_sid=1637589495&ga_hid=1423768605&ga_fc=true&fws=0%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C516%2C516%2C4%2C4&ohw=0%2C990%2C990%2C990%2C990%2C990%2C0%2C0%2C1600%2C1600%2C640%2C1600&btvi=1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C0%7C0%7C7%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d366c6ddcb5c1fbe15b0fdc1258bc9bc0577a3649410939c3ff33ed6f80ea6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94904
x-xss-protection: 0
google-lineitem-id: 5557369645,-1,-1,-1,-1,5218008420,-2,-2,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138333640792,-1,-1,-1,-1,138316211688,-2,-2,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9204 6 KB
4 KB 79ms
16ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:58:14 GMT
expires: Tue, 22 Nov 2022 13:58:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 44ms
15ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1403607-3&cid=945062858.1637589495&jid=1944056223&gjid=2132145327&_gid=1649566495.1637589495&_u=YEBAAEAAAAAAAC~&z=1478033577

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://indianexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 13:58:14 GMT
content-type: text/plain
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 21F9 2 KB
883 B 21ms
21ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
content-type: text/html
last-modified: Tue, 11 Feb 2020 13:01:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
cache-control: public, max-age=2678400
cf-cache-status: HIT
age: 1671123
expires: Thu, 23 Dec 2021 13:58:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b22abe62e744abc-FRA
content-encoding: br

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 48ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1403607-3&cid=945062858.1637589495&jid=1944056223&_u=YEBAAEAAAAAAAC~&z=2138328240

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 51ms
29ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1403607-3&cid=945062858.1637589495&jid=1944056223&_u=YEBAAEAAAAAAAC~&z=2138328240

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a Show response
wzrkt.com/ 278 B
825 B 34ms
33ms Script
text/javascript 2600:9000:2156:a200:1e:3056:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=page&d=N4IgTgpgZhaWIBcIDuaB0BzA9tzAbCdAY2wFsQAaEASwBMkQAOAFhYFoAlALW%2FYE5%2BAVm5UQAB0xIAjNWKTGACwAuy8QGdEAei00AdnRoBDPRAAe4yOvUlyWo2GU1ihLcojFFe7PjwBPNw9FdlMUdXZ3T29fTACIADdYP3YAZnZsAFdldKh2DkwjMlhw%2FXZ9QyN2c3FYGgg9Ygg6dkriPwAjWCNVI2IAaxDsR2w9dnUa4mN8dkhxIeyAdgA2ACYhBekhLTEAdW5OAGkAfQBhAEEAWQAFJFAUMnEkAAZqZXxiJABtAF0AX1%2BgAAA%3D&rn=2&i=1637589494&sn=0&gc=ebe4435186a0461f95a4d72ce691114a&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IHUA5AawFMBBASQCkAhAcxpMxABMIAXAZzgAYsbABb8sANzgBGLJF7xgAAgC%2BrbG3wAOACxaAtACUECXQE4TAVgSsyXOQJAAnW1IBsAZgDs5jSa2%2BlQA&useIP=false&r=1637589494777

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a200:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0e3f3c55f00fcaff956bc996a2cb353ee127734901fa4c43cd1d12c2af8577a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 13:58:14 GMT
Via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA50-C1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: Hc6K0UN-9f2SfJojJxR1mqjCeTnu9bTNolG6I_yZGyN4UJeQ-wOZjA==
Expires: 0

GET
H2 404 fontawesome-webfont.woff
indianexpress.com/wp-content/themes/indianexpress/style/fonts/ 0
0 28ms
28ms Font
text/html 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/style/fonts/fontawesome-webfont.woff?v=4.5.0
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash

Request headers

Referer: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: hhn1 0 2 9980
content-encoding: gzip
server: nginx
x-powered-by: WordPress VIP <https://wpvip.com>
x-mobile-class: desktop
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
date: Mon, 22 Nov 2021 13:58:15 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://indianexpress.com/wp-json/>; rel="https://api.w.org/"
content-length: 11894

GET
H2 404 fontawesome-webfont.ttf
indianexpress.com/wp-content/themes/indianexpress/style/fonts/ 0
0 34ms
33ms Font
text/html 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/style/fonts/fontawesome-webfont.ttf?v=4.5.0
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-141-164.deploy.static.akamaitechnologies.com
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash

Request headers

Referer: https://indianexpress.com/_static/??-eJylkd1KxEAMhV/I6ViLrTfio8gwPW6jmR+alNq3N7uKrCDY4mWS852QE79WF0tWZPU6IUE85ZFCxnudIeJFN4ZXxIngJoQRcxNFbvw+MKyQknAE+VziMtYjlGiZtyPAS2Eu63NYdCo7T0oU5yKkNrjrXdv6eHZjim/uov+vyzdPOfIymuDV5DAYbEZmeF1UDpvlxDiFuDWJ8t+4za7rH9CuyIr+8v60uMrLibIthNZgcbS3TXe566txZp7SY9t3w/0wPHT9B96g7ho=
Origin: https://indianexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: hhn1 0 2 9980
content-encoding: gzip
server: nginx
x-powered-by: WordPress VIP <https://wpvip.com>
x-mobile-class: desktop
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=31536000
date: Mon, 22 Nov 2021 13:58:15 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://indianexpress.com/wp-json/>; rel="https://api.w.org/"
content-length: 11893
expires: Tue, 22 Nov 2022 13:58:15 GMT

OPTIONS
H2 200 resolve
ua.indianexpress.com/api/geoip/ Frame 0
0 145ms
128ms Preflight
application/json 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/geoip/resolve

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-141-164.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://indianexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
access-control-allow-origin: https://indianexpress.com
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
access-control-allow-credentials: true
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token,x-forwarded-for X-API-KEY
content-encoding: gzip
date: Mon, 22 Nov 2021 13:58:15 GMT
content-length: 214
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=600 ; includeSubDomains

GET
H2 200 resolve Show response
ua.indianexpress.com/api/geoip/ 311 B
637 B 132ms
132ms Fetch
application/json 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/geoip/resolve

Requested by

Host: ua.indianexpress.com
URL: https://ua.indianexpress.com/personlization-sdk.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-141-164.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1237ab3cb334bcbdb5912f6e7568118d8c54cdf456ee7502c9688fa993337fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://indianexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token,x-forwarded-for, X-API-KEY
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
content-type: application/json
access-control-allow-origin: https://indianexpress.com
access-control-allow-credentials: true
strict-transport-security: max-age=600 ; includeSubDomains
vary: Accept-Encoding
content-length: 214
x-xss-protection: 1

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 60ms
23ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23eac2aabf15dc04b584e94b9d76a9d57fc9d5f7d4313773c74c06e3a111e9de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9172
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8549 0
0 47ms
47ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_Y61rV9uiNKIYKXV67BlLYlbKuchP2t3JezRdh5Pduc_1QI9VapsGsaHe6OLZOokIhgpd1Sy5YWbRLn8pN-0ZzN3l00xqYZ9I1ESYwonoXzFe0ZZLtlQXxW231uvIWkKqi7ls-8iR6AgowvIRIqtqCo6vAJrgjCM_-CKv5OCxZH91Rq9unG8wWMLBh0TqFF0kQrMukR64m1WRsi6AThyxOuDZkMRSD2OKa1osh2AgGmHzEKpMZPfnqned9T1Q68p9CTHLELsJydsIsytX9ywvPJuDbCQejFBQz2CWJAYpWbViu7nQ-1osqs5PrT-TexpPuoj3KDqoPTzN7jJn4deAqtAD3tY0ofTRQqtU&sai=AMfl-YT6vQ5nBxFmtL5Loryto-HiXZNA0H1-PZSOtCBk0QoiOupGtzjPRhmdaxHggorLXq66l1jL2XTVU1VV-PVmlxitMSC-DniffvxyEAOc_TX_UmO64PP5LN9AvF47-lA&sig=Cg0ArKJSzFELLZVfvC6HEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H2 200 generic.js Show response
pubs.contextads.live/indianexpress/indianexpress/ 4 KB
2 KB 53ms
9ms Script
application/javascript 2600:9000:2156:2600:a:5b2c:b080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pubs.contextads.live/indianexpress/indianexpress/generic.js
Requested by: Host: t.co
URL: https://t.co/8AczCbu0Tv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2600:a:5b2c:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1660c7b9da05dbd944426f37f56de2c3a8fdfc23ea8bc6b62c7421c2a42b8887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:02:09 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 10:25:38 GMT
server: AmazonS3
age: 36436
etag: W/"98a967c0faa96df2069bcf5535e6af73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: NpiWHmgjVga771d3wcSsZsEzE5SzZW6E07zu2AX9FwQvAKn_zmJm9w==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8549 119 KB
37 KB 65ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 container.html Show response
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2146 6 KB
3 KB 23ms
9ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:58:14 GMT
expires: Tue, 22 Nov 2022 13:58:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AAB9 6 KB
3 KB 20ms
10ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:58:14 GMT
expires: Tue, 22 Nov 2022 13:58:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 131A 6 KB
3 KB 14ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:58:14 GMT
expires: Tue, 22 Nov 2022 13:58:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3AF8 6 KB
3 KB 12ms
9ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:58:14 GMT
expires: Tue, 22 Nov 2022 13:58:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6102 0
0 48ms
48ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvN8cYdEXZKV-lQi9Ns_HlBJPjtDFX7BWuqmEA_DgsbzhWigsEq-0ofL_37dfHyBfGHjGPqfP_ywiKDXNhQPdTeex7KjBBxylYvWUHnFbAJtQ9rCPEVdZ7VyhFad6HLYL3qu9ayIy210VUxpEbfsFSBRCTK2UZBaPmT8SKwREy7hOj-zBrELYK3Q6MNMe5rIqA0MthsUvV36-QBR5zDbShtd_X0QZ87ttH9rRctn-fkk6Yj2UZbQxls4-d-hciKB816v1K6WTnjUxKOJbFvSTvuGWrjMgPL1LZ0EOovTMa3s5pN8TJ0gndTY_5lKZENIXx4td9xsmYYF19zzkt615pg_jNURtmgAQiyIQq7eWI&sai=AMfl-YRUdnplKXkIUKBhQioGvEnR32fO3Y-d0GGGgjMKvIzQMxFVgXAC4Lz_h_811SS_1GzJqOVOR0noqI-RBeM6rGj3EHFpwf8hXXDhUj-4XaYV0xz2xiJw_PTa8_-H2A8&sig=Cg0ArKJSzAeSfvrGcJ8eEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6102 144 KB
50 KB 52ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ed3604ea7cb013e8729e82120b132a21d1542a16492bbf4f16d389a479a4199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51312
x-xss-protection: 0
server: cafe
etag: 5461062132770828680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6102 119 KB
36 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 container.html Show response
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8441 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:58:14 GMT
expires: Tue, 22 Nov 2022 13:58:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC4A 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:58:14 GMT
expires: Tue, 22 Nov 2022 13:58:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3026 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 13:58:14 GMT
expires: Tue, 22 Nov 2022 13:58:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 64ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 22 Nov 2021 13:58:15 GMT

POST
H2 200 genfp Show response
ua.indianexpress.com/api/resolve/ 27 B
591 B 156ms
145ms Fetch
application/json 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/resolve/genfp

Requested by

Host: ua.indianexpress.com
URL: https://ua.indianexpress.com/personlization-sdk.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-141-164.deploy.static.akamaitechnologies.com

Software

Resource Hash

74af3a31c870f9a4d9f42c2a14fce735266ac2b60f307caf0ad0e108adeebc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

x-request-url: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Referer: https://indianexpress.com/
x-requested-with: https://www.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
strict-transport-security: max-age=600 ; includeSubDomains
content-length: 47
x-xss-protection: 1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
last-modified: Mon Nov 22 19:28:15 IST 2021
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token
expires: -1

OPTIONS
H2 200 genfp
ua.indianexpress.com/api/resolve/ Frame 0
0 129ms
128ms Preflight 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/resolve/genfp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-141-164.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-url,x-requested-with
Origin: https://indianexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
access-control-allow-origin: https://indianexpress.com
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token
access-control-allow-credentials: true
date: Mon, 22 Nov 2021 13:58:15 GMT
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=600 ; includeSubDomains

GET
DATA 200
OK truncated
/ Frame 8549 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22080faf1da0a15ad0193f2d812c326d82a442ed7ec2e29ab6c16f00005a27b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8549 0
0 51ms
51ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC_a20wyq3ut8UikDDRqOmOl7W7x2xuivROR6gcgO9X1NzDF3SKKCP9jH03WvJ9IYbx2bkTCsmChHogM1bE3R0Akcto9X-lt_-P-MseskdUa0AIP0TiGp2Wff4t2K9qHKe4dORl3naBHWio-rWjb9z7bBlRZ_DoGs-UxulP8AKBX5tjhbq1MXzyKPaHJICFF1V3OvkMHxhNckrDmZL3EV_j40uZ3NRqoSY4pqljRDixPPK3h2CuKqxbLNKztr-_9vdM_HaWVBeaRy2_EhSPh3Ao7iLnaWfwUIhA2Od2Q9reU-jRxVB22MsP1Y96wjMUB54pIhQPHDtE6pFMVtblE14w0iUORVv48tuJ6cH3A0&sai=AMfl-YRhlp6Z5sgEpX8gLmkOZtlTRqOPhuYORwOe6sLmzkEpSyq8S1XV79zuDUTe1VXUDSGG2MnX4Kx6ULXBnUyJC3PIdPvTOL7Ztrip1CulsdGjZnXXLu53NPUQQTwpwOk&sig=Cg0ArKJSzDg5FzDALOMYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H2 200 impulse.js Show response
impulse.contextads.live/main/ 34 KB
10 KB 64ms
7ms Script
application/javascript 2600:9000:2156:d400:3:6e47:11c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://impulse.contextads.live/main/impulse.js
Requested by: Host: pubs.contextads.live
URL: https://pubs.contextads.live/indianexpress/indianexpress/generic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d400:3:6e47:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66aa8c82a7b17fb6233973de31e7a77fe329a051ac8a5d1e4dde86078b1e9b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 20:45:05 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 08:59:36 GMT
server: AmazonS3
age: 61991
etag: W/"283d14feaf968b3d997c11f4d6021367"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9E0Q-XepDiU0K9gwkzGgQaTdT6SOnfAkcaflcSJHSesJSxa1z7bYew==

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 131A 19 KB
8 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:57:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 131A 8 KB
714 B 40ms
24ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:10:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 13:58:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 131A 14 KB
3 KB 84ms
26ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Nov 2022 05:51:39 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 131A 355 KB
124 KB 64ms
6ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Nov 2022 16:07:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 131A 15 KB
6 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:59 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 53AE 0
434 B 40ms
18ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhiY_pK7ATAB&v=APEucNUgfjqOdXSZ3AkDlVR22SLtk9NhHpAG-Le5QRvmJf2Zu0dpciFdH-QsNFrLqF0Cf4Bw2W5thFUGz7Up8ZFdWhOHYEx_Hg

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Nov 2021 13:58:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 2146 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:08:00 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 2146 6 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:38:32 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2146 0
61 B 100ms
55ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSAL86bDKpSe2zZxS0QB_ygzO5dcp3UruGt0gOCtVwtowEyJVD96Su9zuJSLsYZAWoxUTZ9E33EMAvVWerfntxPvto7K7tEC0AnW2v8MCruE0P-DaER2bCGVEmazgoYUxaDk94ZZU1ySwD5bjrJag-iEmFp0rgF_6m-K4e2dZZ_96HKRNV2atqKRwrpW8qJ-NNuxESN3ZbDtwqGnl6gnsu3wiodvu7wMW9fVLRpHlknr2VxMxD02UUbTlbTnUZvCXGSAnJiT0ti4nVajB_jLHbOfheuU07gf0wSe_mztPu_zj9CkUQC0jTJ4TmippHdoQCxhMbKqe_XRPX8tufF4MNuEDWrHG0fYkFAYofVmBt5syaC-G3oF8yQyDW4alrTThhJiky3fP-yEHG7LFTXfoAXEz3y2DDkfOj0111pDww6LeH3FkfaK4P6m5q_jgZRIh4YPdjLIfOi_IZRd48Y0FS7OCSgtIkzks6-W6_w5KRz9BGQ3-ATWsqBVLY4OjFwh7pMzIgicr3RP0gW2Na434edgDISRQzDnsILpkJ2dcnt40_38u7zmXhf6VT7CrcCXz1asg09s_8wlOdLli7FFhULDmQgn0kmr1D5F1I_Y8kscyaDy8canMepy40QzPuF61rWCIeFDbHWXQqn2HMF24zQ9_kaxIr_V02UTAN_Uey8-PojwRQcrplp2bGELIWClDdHoKNLFo2OY3PH3pwaJeRt-HqfmzR6va9EpZgm-bsFrIINjMPjUvo7M2ip2M5-GXi6DWGH9npC18hjdTcHSkX_O9RdXzlxg0uF9Zf1znKg9PEQXJfGLdG166jYWaOJSRpPAvwWi-G7Y1zbholhhTNRIi5kwsz6BA5_ZMhHEI7Y3LnC31UygHuaTEdEAvGuRTOg9YGLXroftep7BLwFJR4__joOGbBdz_nLPqE5UFImJmvcGsENjpePxOaOAz22D-KxvW_gFLsIBEJ7dlVYxGvpxUQJSYki7EljqREeUwxc6mp79IyWZyvIV34zr8FkrgYlTvgiLSwf20BaeQxYMoSrVi2CTXH2hWKxr8_3hhY_tUFcIadsSvh9ZhK6IHsRo6CbYxotznyrgzwYgUaOEogpKpF6VWOnJQczx-YV5wEKkXi-SR8BxYX44TcqZUzswpbijIsQNYes02ueJSdWzg0oNQDJV1mYkyAX0sT9-s&sai=AMfl-YRv7O9Y0iCN32hS-lz9FIvZSVNS3AO12T7JDm3WLYwRC-8lAKJpW8TggU_GHigadslgHfMeiyxOsShWIP-WY_K8BpiAgXBmIQG6lTmqfQ-HzWYz9u1W-DpZ5v7IZPEPcgp3MFWFcMhelFNcdAEAMtTa0lQC3Taf3OD9DwwpvLQlOmB_c8MFescp56Xkx5GbUrb8Ilh_7BEHN6enj0Wyrk3dhYkRszkS1V0XFV756gKBc0yh3KN--O0Og_kE03hoGR5-6uLZ9SqRuciAb8PR4rNWzcA7TOyDnMjg6Ldi1DAyXbVNFvvcSoOHwvHuBfJWvLZF7tOzKZEZ2QuXvG0MOtGcKiHfz-T8EqZJI8bjZpJUT8B9D5-KZ6IExEIVz55e2RkfZ-Nfy1_nI48&sig=Cg0ArKJSzK5Dsfd9qiDcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.60878&adurl=

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 22 Nov 2021 13:58:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2146 41 KB
15 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2146 42 B
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQB_7KDYVBkETdYvNP1yn04PoT90snpyPtpte0ZmsviY-ajyy5oHRINliOHN5N0EF61rpYqlS6gI4u39ce4Yh-wVg5EuJfjo5BC62JBbyr0pRfeYs

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2146 2 KB
1 KB 34ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2146 119 KB
36 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2146 15 KB
6 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:59 GMT

GET
H2 200 5492857215009155296
s0.2mdn.net/simgad/ Frame 2146 166 KB
166 KB 64ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5492857215009155296

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05abef642cc3c6434cd9f9f4499c902a3d6f8e8ff5a80cda85139904eae1384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 14:52:22 GMT
x-content-type-options: nosniff
age: 428753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 169739
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 10:37:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 14:52:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3AF8 0
0 48ms
48ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COYox9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEjwNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1uCu0U8NSeYlovIz8stPUa6sXm9NdCT2-XQX7eKJG7Nr6fE-URy_gBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01MjI3NzQ4NDI5NTA4MDQ5GJDJCA&sigh=-fEovc1rP_Q&uach_m=[UACH]&cid=CAQSPgCNIrLMN46M_WGEzAqVIzTgYYHDg7hf5zO5OaGue-Xzha94TYIfApe3IEO19XaIErekow9pXagW9s1r78lYGAE
Requested by: Host: t.co
URL: https://t.co/8AczCbu0Tv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3AF8 0
0 67ms
20ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U9nWC4-lBKwC2ASdg2ICAgAAAFNTRLrROCmBfu5g_zwtHg8Q9qGbYZmaNBvBIg1sS0BaABI&wp=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw
Requested by: Host: t.co
URL: https://t.co/8AczCbu0Tv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:14 GMT
server: Kestrel
content-length: 0
server-processing-duration-in-ticks: 172993

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 94A8 140 KB
46 KB 153ms
107ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Requested by: Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e456d15acea4fb01e1b9c073f618bdaab8a92f6bebd56f3b4f0e4fe1887d2a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Iw5Ib_s5a0EAQoBDXdA63r0_7nysGmrmUe7x_VCpsx2TMW45LuKbm3Fn_Xg6gCA-MxVMDf9WsLpoeHJOd3Rh9ZEa-BxPyb62lwU0_iPC8u02kwU2AX_y-imhC3TOSjjus0sokk1OlfW3ibSd1YJkSXw9VmQztVh6ltCCsQWgifzb5z0jX0g1PSHVpJSRz4kK22Q02iiFxGWJ158V5t_OOC864OtPRkEUjXc56p143bQw4YfYImD9B7Bg-nwe5-oFyPPvPQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 89051864
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3AF8 2 KB
1 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AF8 119 KB
36 KB 83ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3AF8 15 KB
6 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:59 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3AF8 22 KB
7 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Nov 2022 17:49:06 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame AAB9 19 KB
8 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:57:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AAB9 8 KB
714 B 24ms
21ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:05:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 13:58:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame AAB9 14 KB
3 KB 68ms
27ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Nov 2022 05:51:39 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame AAB9 355 KB
123 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Nov 2022 16:07:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame AAB9 15 KB
6 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AAB9 0
0 22ms
20ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTPoIjyKLKr-cxumPT1gQb9Ker4PtgmueGPVYPYPVQt_2Pkp4k2fshsQUI-AI_jl9ssN4Z
Requested by: Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2FE9 0
53 B 24ms
18ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjzupK7ATAB&v=APEucNV1J2_Kmlv-vXRsYOl-5jkoYh3amS1E6CnmRiLoMVFLhOnlcqRW3SV3VHtojBoKzO8n_D5Hd0hXc8YUZbx7WC8eTUT6WQ

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Nov 2021 13:58:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 8441 19 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:08:00 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 8441 6 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:38:32 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8441 0
61 B 83ms
55ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFiVvWZiFL44IIkoCPg0TK9oL4OGgPkQMcu3v0UVZdUuD4uBIPOH2-o68pDMBXwC3e_ynaczeO64C7gVOuxQsCU9PuiCnjGjfb52k7bAmyk8ApajOk5nqxEW53gHrd3E19Xa1IfGDDuhIZCrJ8etEA7te8z1DBODOgASs_a74ps4cgpds4EUUkI2LTzEw_CshMivOC57USFkyzLQSYz4eA3A7lr-9RUT4dGX-_Jro4PhicpGhTIx-hxpIoBRxDxCoKBTPhGrKba9ku8qgWCDD-5rjJTmit4Ojl6UR5_Y6VSRDXhW8G5X8bZVR2lYnBFHoaPOD23furIpMxO6YTtBm8sjzduGQXOV5lA7zBkxcK8HAyLW9BqeaTCxGeA2yVz6F03w345uNraBKMx5mkAVEg7CxynTe9KNBqpD-4-C0eLM2xNnyHk3ye4qQP0DIBEj559v6NH9GWQ7J3q5tdXKlk162Mxu9DI3txxEW1SUVe2wuuqkCOYJJ3xO4FEERDFu9drFX0HC9yRO63WbgdD5mCwbm8noVaMZDbluMxTWO8GcJDdQV5E4ReHClAoOjSWIOKTMq02UHzY1Vqh-VavQs_HX7q3i8CMM_pIYMssmM45lc540ru7y4IUmv1KS30rN-djtRE2vzk3rjne_Ek6jsXlICcyuB5dlM4OIjiJMrkbL2lynf1yslAbTP0iEr8-aKYbgA6e6hg1_Hxnyvo_Hh6ejKbjRjXW0EYPBU3ocmr4R3WHlbs8YMv5ctAWRGy72UzhCnZbIKFwfq2JpnCH_LOWnmjLfTg1n7-JExYmg1Tf-uGOLcrgVByExDoM_0zbcOCPA42F48aQoOnrLlP4aCacbXA_S4-KDW-xe-aS0yhZFjgEnO_T9FIjR0bGc2wmeTggXQ-vYYDDyY4GzxTkpnEwMOtQcRjMMax1am4eJWnTnn1oMgOll0eHvN0D-eDmBSNcYblkOLmmJlI1HZSIIPdboNePiACjJxthj_JAdihd8i-HyAASmNAEUl0b-G4ELNxVhLqjuQYWeNNpC0yHNTRBCXcfCBIMF1yTTwivHVr6xBsrnPNhMEcO9wxPdy8TdpBKfLz1DAwA0GQToFHtvuIUkavy5tFGol937rp1RPgYUO4cLoa6FSYYjY1qDMALnrVxSa4T0QWmHJVAnNURlI5cBWdJxwBt15XeGNTPYc&sai=AMfl-YQq4z8mCzWZqx3yV6K88OUAR6CwiVzVl16-MTvpGQItZVlPvtt5jYNdSWYf48cSgu26gBA84ayxZ6yo2c98uja3UWY2AbLKB3avvPWtLIH8x4D9WCXICw5POICMZIQ7oNL-aH5FtLWKPdKLvlUm5w5V_jjtBCUowddPbtNSP5cWPiQNtOx3WGxjPPsp5fFx6_UKZCRjOzDfdrUGGevrQB0vymVerelrZRrOZZia8RB9xYRgU7j0uu_blDSPHFxGl-rq3BCVJNp4w46Dzh4ML8kuw9Nyp3qlhsJPUPWh5Q4R86nw_ngpp5Jcykwz3J7AzpvTBCWXUO057ersVWOqiNj_9C048Pkb1-csslIhBrNhnNTEChWOAAdeLod6vr8R0JdmDTvQIK3lq7k&sig=Cg0ArKJSzE6ool9hx5SwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.60218&adurl=

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 22 Nov 2021 13:58:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8441 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8441 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cbb6jOhFQnhuh2DhHSlg6-yfA2GVRnLX54Q7fErVBD8C_BQETNZNUTxEoUJ-UJJ2WhTHtuUXsnQztvyX5hlMJuOPRDZ74t03Xr8dHqcqRhENWplUk

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8441 2 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8441 119 KB
36 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8441 15 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8441 0
0 21ms
21ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSX8cojpuYd2WDca_iCqszuxlKwrT2tMroonbNDGYk-w1hj_7c88hYCAT0-UNAkGGwEsay3
Requested by: Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 7214504983789958802
s0.2mdn.net/simgad/ Frame 8441 91 KB
92 KB 54ms
15ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7214504983789958802

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0223d570169dc7e8dcef11932fa0f6d9a8b15005ef4cf2f0a91ae90f308ca98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 14:51:50 GMT
x-content-type-options: nosniff
age: 428785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93566
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 10:35:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 14:51:50 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 65C1 0
53 B 24ms
24ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjzupK7ATAB&v=APEucNWbLgkppbfDBqO945MrbW-gHpKZ4HiACY7aeHYjp6tZT5ny7itg4M9k-Jr_Ao5NtkZlsEHroxFpVHgblX_8yZVYQbRcsA

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Nov 2021 13:58:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 7214504983789958802
s0.2mdn.net/simgad/ Frame FC4A 91 KB
91 KB 54ms
20ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7214504983789958802

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0223d570169dc7e8dcef11932fa0f6d9a8b15005ef4cf2f0a91ae90f308ca98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 14:51:50 GMT
x-content-type-options: nosniff
age: 428785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93566
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 10:35:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 14:51:50 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FC4A 19 KB
8 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:08:00 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame FC4A 6 KB
3 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:38:32 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FC4A 0
571 B 62ms
52ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuY8BNdBbVG4RI8kR3szJNf5ARHzSqC6uPJMN6hk8r9ZFTMb1uD5BqbhDW_rb1gy874-AJeHkiJgpA12x89O4K0KDCMqAM_3mky6RJFTJb9PXo0suGyNH7DzIf8ZAdB9J2M-sPldblOfFSa_0TIMt0f7WGKE7Ivt-5FsnFcLJut-36Bj21zBYKOhk8iTCX5zkw-ubcFr-OeE_cdz_CIQCBvWtdNpBqDZzfVY1pzFaA9GAM8xv_o_c6PsICv7hNjz_xD6RIKQ06RVzmskkRXR65S2oAcBbUnxEp-g9V9YGZgJwF1WwI9bthCbTW50Wz00wkPOJ4cVclpH8fjo6uJU72DceiGW5g79O3QGng-wTxuic4NylBnhHlK6Sjv1ag8OlXpZzgbcePuLm3LF2a6ei3gkRx14eMANgm9pAwDFgZQjHCbbHXrcx4o_sLBjTNr5oeppVvuZuG8QQF-_43yzT-RmyZRAWNm4W783p-YC8PlX_6wpCYs6AXWfW_ks3G47UeLmx2kpQ1oq93yepIcJ9Lq6ocXEclUHjQVDunZ-WC4hSpgNznoOQWwjeGSHrXHraNjv-oj-YqBKK7yWq7EMLQiqqPCYt2lv42PNLTb8T-7alAgcYDgzfk-Kz6_PGuSui83aYZsGwutRRss7iep9MVKRcLn6uvLnZcbEsyjltYUaEOCNdKmO4YB63Yr1JPBYDC1irqOPBsLQ1Vlv5XvkNbDKMxohkhAZ-5K3nV8IupsctMHC7Xc6BiX7yasqP9wJ84ltVP89sqm9SHA9eRKccBXjgIXtFLXJgK62xKggiiEPJOuVJ5sc1C2rAdNrppUTFVdZO-rgdVTX199Fo7oEcZQ9hu4tqVZTej2h87oFHvpe5deBmZGBpr0Av5REFe9V5DRjpWROM5tuROH7JRpdydEEyxhVJf3dS-uDqykflOcvz4kjvbVoEoErFMcD0vv25mDoPP0CrCRtafIQ3kJsQ1PPwr0dX141goN8slwGGKBndV39pbDeDGcz0bguowkscS6JEOau5wgrDzQb5HZA-ebWGurJ2UW0JVqe1qB46E9kgWBHy7OJRKOYDVuS-FNtPJwJ5YQN-zToueY7op-r93Ysc9DxsR83Z1oxkG1RnC21D_xuMWUOLUVCCuKdYqdfrK0M7ZBNFW3rY6R2LZAUplYCbWR-moJZr_LTipYjxs&sai=AMfl-YRMfrgWWThYrEMs8eVylw1mzu-kWGCVvn6805eSJA4aEl819yJAMG1oQfakkW6DCMBg8KVWfGv9DKter9hAr1ytAziCTUD-Rs93_zN_MnSX31vbgdKXMC4kJeMrVEQCr1tKJpprZCmp46jF0hdN2r06M6lY79CktfUaMDsakwgQWYIIaDSKec3TegoCK0CUsxSKUuS1mvxeKOvhLKWvlEZ_z4Zu1n4lJd5uojnfQDPN6rhlz3qqKuAVrVG833N4_eq_D0gZLsSlppUwRwDcu4K3vMSh2I15PJNQpf_l5rGCYm0qaokyGnj9arO4CiHE2A9UkXcSb030OBfI4cBdpgUq6KrVvz5xhk68oTFBjancebcV-1tCX1RYgVGUgzQ1mfTXiF-yTHHTrsY&sig=Cg0ArKJSzGwwzVla7ZIAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.15755&adurl=

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 22 Nov 2021 13:58:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FC4A 41 KB
15 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC4A 42 B
63 B 50ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Co0gF0jIpP4ZfBomc9SXQk_wpoCLbwamG5ng6bEazhFJ3iD2nt0OktG2eLZXCnJZ7TK9OYDLVxN9S67TOCuYdma00RmGP5H5SasxwNwrzIWr00xA8

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FC4A 2 KB
1 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC4A 119 KB
36 KB 63ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FC4A 15 KB
6 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FC4A 0
0 20ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAoIZFVzY4u8dS-AvgjKAog5bPrmWx2gRZiyeBfplG5s4z5EJL3b2fg9DI99p62HfQURYz
Requested by: Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ Frame 6102 270 KB
97 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be8f3e400483b54d82d24adca2a2d85dd7165f89092ce5e70626652fd5a51367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99572
x-xss-protection: 0
server: cafe
etag: 8525404910772592418
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 3CB8 11 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 09:43:00 GMT
expires: Mon, 06 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 15315
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3026 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:57:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3026 8 KB
714 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:03:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 13:58:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 13:58:15 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 3026 14 KB
3 KB 27ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Nov 2022 05:51:39 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 3026 355 KB
123 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Nov 2022 16:07:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3026 15 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 13:50:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3026 0
0 19ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8htarIxIlz8QuHP07eRxTIwNMqaqO4CVmoZfDrtKPeJjdJ-msXEYTt9SzSOyycmzz1AjD
Requested by: Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 6102 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 022a8d8c886976f689830fdbe91ecc8897c05ce644066cf5db1034b30c5ed2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7270 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 13:45:26 GMT
expires: Tue, 22 Nov 2022 13:45:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A57A 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e12b97e9aa9a26d4dbcb2cac47bc74c91b9fe9a92fb057b52a9fc21830063979

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sFBHs27ltitsE2CyG5NZFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 22 Nov 2021 13:58:15 GMT
date: Mon, 22 Nov 2021 13:58:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sFBHs27ltitsE2CyG5NZFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dac.min.js Show response
dac.contextads.live/ 5 KB
3 KB 71ms
8ms Script
application/javascript 2600:9000:2156:e00:f:b7c0:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dac.contextads.live/dac.min.js
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:f:b7c0:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffd6323ee142840bba7354a6b6ae5979a9b0d8a5aae2224b8be4844bfcd57de3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 18:35:19 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 18:31:04 GMT
server: AmazonS3
age: 69777
etag: W/"88d32490a4127ecd4d03bb7435735f92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HFRShdeyhW_2YOFWcxcdqvBf43q8chA3pTzoQP4CddLg2rQN-7QAhw==

GET
H2 200 IMPL-INDIANEXPRESS-INDIANEXPRESS-RESP-GENERIC.js Show response
impulse.contextads.live/impulse3/config/indianexpress/indianexpress/ 9 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2156:d400:3:6e47:11c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://impulse.contextads.live/impulse3/config/indianexpress/indianexpress/IMPL-INDIANEXPRESS-INDIANEXPRESS-RESP-GENERIC.js
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d400:3:6e47:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bdd955aeb21a5fd2be94498a83ee94d990c6a43b18b254cb2704c38eb765c89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 03:39:25 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 11:31:44 GMT
server: AmazonS3
age: 43406
etag: W/"31e9d83feb682a9f29637cd1e0821254"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PudnsjczBLER5um_b82K7SjIACFPn9n-jm70aXM1SCYt8_-BkmnH5g==

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2146 0
23 B 65ms
50ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8441 0
23 B 63ms
49ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FC4A 0
23 B 55ms
46ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: t.co
URL: https://t.co/8AczCbu0Tv

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 2146 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab18deb677075d647001503d1e3f39a4f2ccc6eb030449e9ad9186f8bc34f435

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 131A 0
54 B 185ms
79ms Ping
image/gif 2a00:1450:4017:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kwaqi5px&c=6717380536609&slotId=3358690268304.5&qqid=CPqE_6CQrPQCFarAuwgd7VAItw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 131A 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 417716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 131A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 260307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 131A 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CjrYb9qGbYfqxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DRQnDFIowYhZRAyhETJBuQdGw1kkG7D6jy6eBjdu6v5ZDDsEUoFN0c0wt11Bn0SoE-Qmlwe7BGb_XGThq1yCBJBlT6NjzHwRZoM_73XMBsMModToGUgfwJsacSNgwOJXXTsOHh1JMrSVZKPhKm9J0Nkd0Voc11JCwWoG_0xNY8d-9Ooreh1xcMHg6EJzwhXYQNqst0_sj70ZQSKyTAmOuLVUamQDzXl7lgELpP-pJrI4CPb4XMW43krhXcQYIQW7ECLZXXoM4Is28ufX4f2p5AiBo_kgFkzy927l8Xhb43tgRqUm8-e-ADMJ2MwiLO7Ywz84iejzBiX4HefYINwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1637589495673&ai=CjrYb9qGbYfqxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DRQnDFIowYhZRAyhETJBuQdGw1kkG7D6jy6eBjdu6v5ZDDsEUoFN0c0wt11Bn0SoE-Qmlwe7BGb_XGThq1yCBJBlT6NjzHwRZoM_73XMBsMModToGUgfwJsacSNgwOJXXTsOHh1JMrSVZKPhKm9J0Nkd0Voc11JCwWoG_0xNY8d-9Ooreh1xcMHg6EJzwhXYQNqst0_sj70ZQSKyTAmOuLVUamQDzXl7lgELpP-pJrI4CPb4XMW43krhXcQYIQW7ECLZXXoM4Is28ufX4f2p5AiBo_kgFkzy927l8Xhb43tgRqUm8-e-ADMJ2MwiLO7Ywz84iejzBiX4HefYINwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 131A 31 KB
15 KB 94ms
51ms XHR
text/xml 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CZbc3UJfBjq8TL09o-1UHXyeiyozibgC9FESh8xPmz07u8_ALoasuoDgtfK-aLQ476bbzow_iUDiVvjdGYCF3mvcbyAg&dbm_d=AKAmf-ClxwfGM5kdIiZOwIoxzlCMn-thF8HQ6AjBS01-XjwwAJdO3AOgnlkvQ5l5mVZeeiEGNg7IELFNUV9vNuanIOXjHJkawv67DQ4ogz1JPTwDFBR7H71zWpToUpxYCM8xxdwDb-OGIO9A2apjeGXYLwSPv4Ux5my4274j6G8y-4AZJfk6Nos3-4Slhtg7QMd248Ir9QqCsF9IZZxuOwpYJcox8z3Cj1c0Jm_TY9LFDPL2pUkujuSdGxJntgNaq2DcWRNje7hHis21oZHSZ59IPRh5T53yOEeayGjwUUzlaIf7GLtaPWnDcI4oaWeqTNVXCR6aM5uDbc6EiBJaniMdD5m6qVKYI-KhizACqfjIB0WxD5M0uCEQYHbOUE26UNLF1NFYtzSw18Iq_vtUmK3Pq-QK1MrhaLOgdpo55aRkOA7E1xO_AZiRCTon1m57-IBlLSVkukxOG9qCkEpQ5GUEMtFSBRIbXJKHNA6YWUai-2NKT7Ks7cfIz_CE240VlOxmE2SmFKQSoWfom0oeRqRIPcz2USypZqV8GjRt2EAb_8-zctOZQkgFwFt3tLLb6x6eFl1hyPYZDUjou1ZOYAjGX9XMXlF4UFG5NGGRo_ovj1BtUKQeCqanswqVpScL5FRfzaXz6S8k0OAtD1Skua69AWtYAs5CyTiuw3BmomRFae-1WFwviobhytWCc2FlM368VpoL8yp1g57RwznfWXXmeOS2A_4dTXdptASSysVY5cXiLSwRe9v2Wff9gqw2Q-CTS_ZOJ2_sIqtc8_KcSuwNAXisPGz4kLey57iSwgz2eGgQG4VHhevejA2aGRieIRYpGBqqk0Adqg3Ew_bYe9-OFmJ9aQu0sUZpAytvZ6M4Xi0j27kZ6xC0m2lhb6b-t4HFKxoW4jPGyKCNoDE1Fz5F8rGf5AI34sAmp0zto5dQIsOPs-YTjLFNRPdLLj6ihhvVz30SaNhvRiskmJ8JRYBbSEY2iAcXGxg5Hrd3unHr6dk2hwpv3irESFOwL8J1NHW1C5SLba8uLewda2sbaRFVhM1pWn2ZeoxripB4jg7S97nDPkb1Eh2l4rUhNCDuFUB3eW3RF-tWQuPwZOUiRlU-Ce-HhvYYuHcf13SttoinrnC1UlU1uM8ClB3pIMfsKjdEfmZbQnT_JBSyOKL-T0IBDj4sdGrs4KH78lkMzq36Y3R7gX83bCfORlwsDdXoZ-mvXVZq7K6WdlUmEksO8O2O0RmupRrI-th4iyBy4no3nP9_rGFw-5uVTZH76I2eK4v_IIsUA-AB11Bc4kAZmTbz9grjvE94CZLddYBnefqUOlKgMTH6ISIsXWxgLg3bQKYyeR4OsgMzH-oCUBtMDnFM3nBB1iLaQI09MNAT1xW_YckMjIUb9Woon-4kdGkq0w5H_tdbqDogOYRBIDb89UjrH2FrYR1AH29lQQEdREaiVTq9hgXAbbrGAJ1T6FBJnaUgiSQPqQdZlyz164TBoEe6n7JN6NW5pXCX7KrnLWL_sGDDov95ku8e4MI4bN7WKQtwVwdNoMknar4IaH15cTbGjZ9VWC_Zxthe1-gLyFPrnBg_PG3BNUgBW-2ORulWaCiol9uVIeVq5hhBFM4_8HmHhFyQrnGxZWPB6m7-o2gErlYP1qzI3yAKNkjMz_wIc0k4uKAi2fX8O5oTmrlnP6CRfo9s4BJgvwKKzjdpfE_hsuYB23KWE_hPRR9-Ir2fX3_Nf7n2sBCXxptzGOsdBacLSrZp6_ls90dzWH4jvRmsh4dkXTTFuVrL4YVuPafZ5v7L-6YGIgDTn1gR45SWqHC0D0Bmcu62AZjBj4-FqRPbHyZw45lfClWjVoPkxtrHCWep_YuQlvC0t13IwTwp9jdSxNHvhkowASW0HXYcLdbBlPPXD7TMw94ilrAn6gYomzWwCo1sIqdCbWj1nKHhMXneO6QMPx_fvfNcj97GEIKYsUbneOLN1gLShT8whstMfOwVGTzyDWSUmtvJd_koU8a2iu1-_GsbiB63m7DZOtKX31bGqJyEjwfgeuQgY_HKXVHg2JrPEQ4diLHYOJ0jYgjbOuF_AvYPW9IUxXqVUUMF5Wyv_qf3dJXSiaMJ5QiglhJbnrhJq3IQ8cLCbV7F6P24Wq9uHXDtDJsrj1RJf7ztSnS1ye97PaBg6M1NgkhoIuyvvpBzO4503ICJS6tkQLsQqXIbsxiEMmVShYk6SnbCHWvCrjBlPy0B687GXRxCsCw5f9I42RRA1eG4VB-AsP3afYTE5fkJcG5DQz0iomyB5zk6PvDDbbk5i5BCJIxjB7gO0FylPtuIB9pQL7OiLqzrpk8lWzyReWkJ5VSSIEq65wCquQtRYdzxKG8hIqmktIkYCpACsdhDl_OpDFTccALsqIJn59hv3Wj39kQZwsuD4YS0Zw2rlp7tswo_8BIOzoGJLNyNR71gNTCXjFm1FfQ_SPL8Y2h8SSyHQDVkFMZLIvVRcPJA-0OCMvGKI2Sg6RI4Cex86VfltpqGJrKMsclng0LaD5vFTRnOxpkG_tMkZKlHY-FOzA6XYX9ScVGwMXUjr1itwRCmUKgChB6YBQju5H-Pc5hlx0LC8CuNaSXhLBD2iRAetjz-JQ99ImD9UfbDXXptcwx7rDX9_5cdHChUBtnorkUpi5IDtydmVmDgM6dqD8WuOHWVv32ppynDBjV_r3osMmFT-eSyEB5pSLheNXUPDl98lQ_hLTcUHkEMvnP51GFPATcsai7TPoOnkDp1kjMdKNXWVEIE2riDzKGrQZFfYTX248JgI9B-aqSW297JTUU6xMEP2EvOHQQd-631iO8sUtPZZ2BpnsZx03g-JPkeSOP8wFwVB8C19sK9yOH79NHr8MTb0gahNYO36xyrS2THVlBgAN0WuPzg9DND7tE1SdODsZuXgsNyoFS0PI3dyDU52usKGsDUJGZ4Jj42heBYXpyKIUeGUT-IAQJFKg-Ht0M2Im_XnvR109PrXi8qYiwj0glYRsulUo4y6vRRZiMs7wPYw_v6XZjD41N3hEb_wfYm7MCf2zwb6E7hmmzJ_ARAKYUAmV0xmlob0KmbzSm_LKGQ7hvDKFP7pw_o36_Xy0Sq5vqjmFOFOsq2bVMUt_K6sjUylZQU-wHvICFWrgg4R2kpkaWU8DiauBcLaes-bO1V7F3uNargNk9WvCX_Y_NfnO_0o1D7tpvGFC4vLZI2J8-dhVL1pNErJBrAUBkvIH-l8KR-EG-7hDZ1W5eo43ve0pT-dL-sVZHq6qvaejdTd9Cgg8SHK_ZD9TJ9bIUa_895qIPQkSCupeOcgeRcWWgF97eEFpbh1R327mHtNZHm5Vv7OdFgsKz-WWvJMq87TAvKTGY7Vn6NfCTUkQ2PNTnOKPkaZbXwERaNpPwVsAFgq6yqMm5TsEe3RdfCKP2YKX9YGhia9e5bawsBB-_XrHw22tT2MhpZIvtVpybnk8phtUkW&cid=CAASPeRodd9hCCLeI2UDUOlGI7tvHbAH5em1dwKZm71WY3gAy17kKkSvkkQSLTm-D-ovJ6Qeo4pDSvQr3JEraN8&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

cafe /

Resource Hash

8c2e8a1074ff5c24aa60b437c89cedb701d9db4e0f27c8ccb936aad50b26362b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14825
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 131A 0
0 48ms
48ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CH0yH9qGbYfqxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAaoE_AFP0NFCcMUijBiFlEDKERMkG5B0bDWSQbsPqPLp4GN27q_lkMOwRSgU3RzTC3XUGfRKgT5CaXB7sEZv9cZOGrXIIEkGVPo2PMfBFmgz_vdcwGwwyh1OgZSB_AmxpxI2DA4lddOw4eHUkytJVko-Eqb0nQ2R3RWhzXUkLBagb_TE1jx3706it6HXFwweDoQnPCFdhA2qy3T-yPvRlBIrJMCY64tVRqZAPNeXuWAQuk_6kmsjgI9vhcxbjeSuFdxBghBbsVosdwozJGYhzsKlSNYCivpnNY99eNZgV8RpUwmPHT2fHOv9mBHLLa0ks5QViHmVPr5cnLKXk7uftxfABKnh35TeA-AEA4gFks7OkjiSBQYIAxABGAGSBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQs6oUGPrQ0rgB0ggJCIjhgHAQARgdgAoDyAsBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAYAXAbIXHgocCAASFHB1Yi01MjI3NzQ4NDI5NTA4MDQ5GJDJCA&sigh=4b2dAaqPf84&uach_m=[UACH]&cid=CAQSPgCNIrLMN46M_WGEzAqVIzTgYYHDg7hf5zO5OaGue-Xzha94TYIfApe3IEO19XaIErekow9pXagW9s1r78lY&vt=10
Requested by: Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 131A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 025628f65e4705b3aaa971ebc2235e9265c1dde9f4334742c965ae88763bd1e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8441 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46a85400d950921c9136f425dd8b20f1c6ecc585fc3eb430c360f01b99d19865

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame AAB9 0
327 B 145ms
79ms Ping
image/gif 2a00:1450:4017:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kwaqi5r2&c=4254797318482&slotId=2127398659241&qqid=CPmE_6CQrPQCFarAuwgd7VAItw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AAB9 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 417716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AAB9 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 260307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AAB9 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CTIGr9qGbYfmxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DQICzzclUVrqRfQa-TCNxYOlpxNVsV4sj3IS7mhPXmFx9xe41kne69Wu1cEtS58hseX4dXj5m0DEBd80a_hk0H2uBKQlpPzASZT1Oz_PTG3-8vihI3jkoGkmTKRs9pyoppMhD8ok4kcxbOXBt0IRD1gY6EORtgVkh9M6cG1vkLa3FzkccJgbAVFzcXF8sKgCOeSpfX1zsal5RQIp3BLTS-cRpuMa87HEeWfhPMxRf976qxgE7xnDmcQbxSaolxjd5hrFjxsGjCdlkTvmMFY-iLULdq5IDjJoRIYG2U_kmF1LYXKrdWflx1V65CTC1PBczWl_4_-D6bPdxLd6HbwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1637589495714&ai=CTIGr9qGbYfmxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DQICzzclUVrqRfQa-TCNxYOlpxNVsV4sj3IS7mhPXmFx9xe41kne69Wu1cEtS58hseX4dXj5m0DEBd80a_hk0H2uBKQlpPzASZT1Oz_PTG3-8vihI3jkoGkmTKRs9pyoppMhD8ok4kcxbOXBt0IRD1gY6EORtgVkh9M6cG1vkLa3FzkccJgbAVFzcXF8sKgCOeSpfX1zsal5RQIp3BLTS-cRpuMa87HEeWfhPMxRf976qxgE7xnDmcQbxSaolxjd5hrFjxsGjCdlkTvmMFY-iLULdq5IDjJoRIYG2U_kmF1LYXKrdWflx1V65CTC1PBczWl_4_-D6bPdxLd6HbwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame AAB9 31 KB
15 KB 67ms
53ms XHR
text/xml 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AEZ_y_0mrfK2CJqg9et0ZhPJBO33e9fkKOzn1fLSQshKxG42uymBW5fjvxF51WwQgfeQSShFDz_9z5gxqkeIPEsr_jxA&dbm_d=AKAmf-DmInxJZ1XTjO1aO0QdKq7RCruXheiYgH06C_wxFI563qnL1EgyJrENoRrFboYFE3GBng-eoOYyykh7z5n_-Mpabs9N3s3NYhD099cX5mW576HmFI7b8Jego6H7y4vFQYZIzPAp5p5repDMomuT7D8qHsfBNmIW3aXX7UAYgrW-CoqeIu-XTinyqCHOVZ_jCZELhlL_k60Vvw4nVXUdtcD_7A6rDymcM8BnTWRxey394VIBGZuchfY937ZzhqIf_Kx53T-eiuwE9LNCbVXzszmUrnaKg3HnGCLhFkOAIv7K5t7owMiDrLM1Sla9ooLV3nQBvgn3JntSSMmY4KXNuBhBNw_S1al7TYUZDf9_uTlmwViNQ-XNA8rtFCgvX0t5xxSGoFBCcxx4W1jQOJXR65LuNrk0lWZgySFNiVJmNpiHVyPbUmK-ysYlYs6vYym9b7Xz-x5dd278u-Ksa4DGy4vcUL8jg7560VJnvdNI52bzgjlFfB2lF1-u1OnGlVYaS2-56Jyna9wE0yBmf48_QHDrx-kqLVtvesXxWmqnHKZ3LGy7fLsVaUxKUU1acHgklVwH6t0ON2t-MMKFtYUSqq5M8ikyJgytUA99WpyfFj-O9w-mgPjDhTCDeO-698eee6ZDCPmkQw1uBOTLF28WFUPG6CS3H15uoJOgyqp7_2xniQKtUleEmtsH76dweqPanBPBqrhl-N9BKG3j2PLtT9XADjPP4jiUr22qPZ6AMpUaPrdeuRLzQ99YNh96xaQjsne5WHt1N8MPnJNzqzhkmu7kGa00bp8Ol9dlK4veX8iSqlFnLiq_COQ6H1KE5ys2bhQbT4_txgb4CCOIlEoS1pNZQcf1NCcggit7jrk9YYFPSct8OMXnrr99UFijlFVUSOnOVpmsrKL48XA66dAwKv99Q021GVZL3bJVeMjTVpenv94WNwzapLyEJLoVr4JZOz1xypoXj9DigDuUmcSgDRXd-nPWSLcrDkMa_Aa7_3BUEUa6gM6Bp8jHRZDA6rZmtpTSXqmG3dr2W7YR_WY7WsBdfCWOWXKi64EF1xH_BwyjJI-Wp1oebBZ0fqsgq5I6NxI2TCHmggkNhRMs8wwavKF50QituX_3ZfcSgXrnMSmsV5z7lf2ybWhlaBjOflnt4q1GELC2nPlEmFe-FUU9CQm2fQY4L8VDTynZtE1XhmR77Sk_ctuXPhVcCM3PiJN9iwnMi8ykBue_o7NfoUac3_CoRdTHw4Ng5Jm16-z0AbuPpW5waV4WJKVVd7skWaMazIAWn9Sl1y48BYbhcCHZyMpqNgSuuRXgKJVuu2O9AfgjaeewAkmXXXdYN-Ta2KhrSwkRxoKwdH37b0mGfAUvIbrK-muRqp7hDN2EN4K9jTkq-VTpq_sXsn03JvvHWVjkrAHDxOevaRPGnYyhLM1sch7NG6W1porU3h2DByyoWcCyawrXi3q2Mp0RuFlAz6zdwdpb0IRyKjZIvoz7mg_BT3vMvAWbgMHvNqK7kEYuFQ4PBxkw_bA5IvrHWr-GxQJ2VO2joCTaCSGU40dLEINkSno1xRBfQ2ut54AJSWf2bDAXPeEwO34Hy7EO5kO8sGiQyNQRuI-ELGrxhqAJu94Vk3PQBOMmnCmYyK71k_suIEDbHwkNXF8uB6hIU6J9don43NQHYghmxDV67Ah-OQqxeXVUlgAI5Kjoqeo57TVsvr9p4jU2IfcBYd7Q6aT5nctBIFB7ByzTBFo57SDwgvVkxfQ4P35l-MBzjC1expsUes53Kxe0YhMSIJrEUaeFJhCkgcDpllGPJeGucl-e347pVp5loqpxXKCMUVUoTp1vZsjWdl5QNi7dGeMuBrFEO_PXwEKjzico1mkg6MwEtlTJKSFk1DxEjtvYkrDLow_LlZCPwLOZtCsuL3jRRdiXHkAjnqvnwGCDMrmMezZUe-l5XB2WQF-cVTQE1dSE9eJj1SHuVJxLg7JvHp241L-cPq5EieAK1oaye92iEB5eildySGCcRBRXRSy02FhDG29AIGBNSLeVD7OR8B0fZ07e2KtFV3wdBxXdvRGGPBC333fGLFqPHnKkZlsdDyD7YOBfhewvC6psQeXsWeZPY2pscwewmw5kovbBqSjHIvAnFv3slZI9kFJq2fc8F6GdBOZatIP2zK49dz8IYuSYhl_S8SEDQVbYPbjdFagZ26sLM_uo1G3NE_YQOq55pB4A301L9BGA8hsgTIDy13T-EXh3Zb2UoI3d_FiKiyRI3iImIwu8g1FVzCkNLyYXwPOByKcl_tNUwooISm8ErlxdmCuADcwojk1W2ZSG0Xgiwmws3E2CBgmEg178KbDzLhRHT9edaVwU3nesX0kVnWp4zP0zdJX6pp-OfmeJyH7Z1zmt9q4hn6rFFF9ZGFaGeNf0Qzk1DrqzHBPpsRRQk-62ec5lr_1iuHHUSYjgZgtdw4muJC9LQGHOLPHF8FiaGEECvBjBXmGNXleUwkrmWsJJTRUACM8WzQlIQZAf-cZGXLHmRMrPSHdjRH0oUQFMlLi2bGJ08yEvCszXmlcNTjIz1o2J3mR8uJfHFsQhLTY8Th9y5s2IYCDWTSuVQqZ0YOsQkJ3l1Z9HzPT_UU8V32Q0hqESnxxOvG1L9nwBvnhS92bIm84raEf4kQhhWsIGylJbRuHC1-7-yewSlER-BC6d7dNshEs9xOjQ6KJLIE3yRL4P2GNVf7773a4oj-W47ZqLgzAarCK1c8vPxJUvN_JKbDJ_LImxhE-pKh39WPUHO1e5lwec4sX5JAT3e4uNc9nTen3kpfoGOVSZ15JevQz2kzgIc-rJZ5RRVurMDy6_0fEQWoOOpv9IHYPqNsPY9J1TAin_oFHI1NZyH2KuuPe8kmLsS79ESvsobWavF2dgyL-u3CRhc0vfsM1cQZqzvDW4i6qRtsz6sHGvRBMxhSB2Y71lHNuGfg8P7C5xv_8ujgsPzct0eabbeZp-AK_p1KMBDdA3QfIYHmtzYY-bjSUszur3IG7VgnjllWWcnhsS9KtRFq3DM7nxOPa_Wwnuflhre8KW5YsbjAF-0dL8y8KzgyqLt2BId0HT2LgKLzsxrNPQok961vXt1wOJ6tXKZ0IombCS0oMZ4TwTjxP1j9ZWfKEktoGzpaPb5cLvlZLMzc6hrTanfQjGNOW4cJUiLk5aD8llPYb1ar2Dwc9N_8QhUNyLEeBpAYmdyOB6h_GniltB64GLgtOXzSt5NOp8JlHAJc7UHRxCuN0RvmrPiAcCIj_sGwSdmTZJn9YCUttwIdieK5VqztsJwrodwCj1f1psPQnUFswfkTtWNGi8u4o5L3MsNydclYieOPJRlyVu-IGBQIBpWEgRZePYYdWc3ieBODcnOhPyjTH3GrJ-NZUOTbS7KQ4uSnTyGTMQnMdw9jvr8GQQeRXFYkiDoD1CsVa-L1liVl9GTWZpYD7k7mb7Q6xuHjJ92Rn6tsIA&cid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

cafe /

Resource Hash

f29a9a949b7e381a7bac2655b31a4569b2f33fdf4f82616c739a1d730c36ea56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14860
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AAB9 0
0 45ms
45ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTeqW9qGbYfmxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAaoE_AFP0NAgLPNyVRWupF9Br5MI3Fg6WnE1WxXiyPchLuaE9eYXH3F7jWSd7r1a7VwS1LnyGx5fh1ePmbQMQF3zRr-GTQfa4EpCWk_MBJlPU7P89Mbf7y-KEjeOSgaSZMpGz2nKimkyEPyiTiRzFs5cG3QhEPWBjoQ5G2BWSH0zpwbW-QtrcXORxwmBsBUXNxcXywqAI55Kl9fXOxqXlFAincEtNL5xGm4xrzscR5Z-E8zFF_3vqrGATvGcOZxBvFJqiXGN3jmtuiwjgqzk-P9mVcy7_DG_mNoL-VGJ_PrnYYr06o_9rpaFQHnOkdtDgFqbh_h9fls46hPgnUL96oLABKnh35TeA-AEA4gFks7OkjiSBQYIAxABGAGSBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQztMWGPrQ0rgB0ggJCIjhgHAQARgdgAoDyAsBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAYAXAbIXHgocCAASFHB1Yi01MjI3NzQ4NDI5NTA4MDQ5GJDJCA&sigh=tI-RhtMZ3MI&uach_m=[UACH]&cid=CAQSPgCNIrLMN46M_WGEzAqVIzTgYYHDg7hf5zO5OaGue-Xzha94TYIfApe3IEO19XaIErekow9pXagW9s1r78lY&vt=10
Requested by: Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame AAB9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5c6bc7ed1169b20bd8901591a0925edc1c19a0565367a8aefac3d53965c12c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FC4A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e49fa2f6054be25d9382747658520fd63e29781cd912a5534b82f5597b984a84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7E44 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 21 Nov 2021 14:25:07 GMT
expires: Mon, 21 Nov 2022 14:25:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 84788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D232 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 21 Nov 2021 14:25:07 GMT
expires: Mon, 21 Nov 2022 14:25:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 84788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 6102 12 B
278 B 50ms
14ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=indianexpress.com&callback=_gfp_s_&client=ca-pub-9517772455344405&cookie=ID%3D2318900854c20a86-2212f1c5eccb00bf%3AT%3D1637589494%3AS%3DALNI_MZq1Q23M9Pt5UbPeusiQrJa39EUtg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6102 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6102 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E43 436 B
234 B 142ms
142ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046725&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637589495513&bpp=5&bdt=191&idt=254&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&cookie=ID%3D2318900854c20a86-2212f1c5eccb00bf%3AT%3D1637589494%3AS%3DALNI_MZq1Q23M9Pt5UbPeusiQrJa39EUtg&correlator=4382389988991&frm=23&ife=4&pv=2&ga_vid=945062858.1637589495&ga_sid=1637589496&ga_hid=1027256617&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=985&ady=6753&biw=1600&bih=1200&isw=300&ish=250&ifk=2331721683&scr_x=0&scr_y=0&eid=31060566%2C31063246%2C44748553&oid=2&pvsid=896682008534951&pem=938&tmod=1078950880&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.tiwphhkcm30v&btvi=1&fsb=1&dtd=268

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f3afc4c9bac5ab7475f8201084187aefa9437460c73789b7e417bafa1597eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Nov 2021 13:58:15 GMT
server: cafe
content-length: 214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 csi
csi.gstatic.com/ Frame 3026 0
54 B 79ms
78ms Ping
image/gif 2a00:1450:4017:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kwaqi5ta&c=7811779344594&slotId=3905889672297&qqid=CIGF_6CQrPQCFarAuwgd7VAItw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3026 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 417716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3026 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 260307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3026 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cop9v9qGbYYGyL6qB7_UP7aGhuAvngcLOZoXk4Mz-Ds6UlozIKhABIMClqyNglfqigrAHoAG9jYKfKMgBBagDAcgDmwSqBPwBT9BwQaU0LBOhTpmKpgJsUwp1ktfJSqInfhNIWWYNT75dFipQWeJihktbej3WIqwuxEa5i6GtXcdvMAqdbxEk9kZ4x_rpu6pwa3OSvMhzQ4PPR5Nx3kR8SPiby44TET5Z11rxtaljkXGj6B5eEyuYgiJXKRaIcG6pK_jVF23EFPDBQ6GkgGE2aGNzNVrILYE72HFD0_-0yF1bciItXJfSpiROCqRpFef_Yaeuuf5jrp5w6_pxVL7sMGTOYiuuo2agiX3rEya_enCinMx-JwW1hfrEyOT1Ulv7CFrrSQlf3DDsYIZg8K9fJrPX14e_NrOZzMP-eNZgwxGpj1DzwASpqp767QPgBAOQBgGgBk6AB73F0v4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBOZ5K0NyBP7_OneA9ATANgTCogUBtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1637589495793&ai=Cop9v9qGbYYGyL6qB7_UP7aGhuAvngcLOZoXk4Mz-Ds6UlozIKhABIMClqyNglfqigrAHoAG9jYKfKMgBBagDAcgDmwSqBPwBT9BwQaU0LBOhTpmKpgJsUwp1ktfJSqInfhNIWWYNT75dFipQWeJihktbej3WIqwuxEa5i6GtXcdvMAqdbxEk9kZ4x_rpu6pwa3OSvMhzQ4PPR5Nx3kR8SPiby44TET5Z11rxtaljkXGj6B5eEyuYgiJXKRaIcG6pK_jVF23EFPDBQ6GkgGE2aGNzNVrILYE72HFD0_-0yF1bciItXJfSpiROCqRpFef_Yaeuuf5jrp5w6_pxVL7sMGTOYiuuo2agiX3rEya_enCinMx-JwW1hfrEyOT1Ulv7CFrrSQlf3DDsYIZg8K9fJrPX14e_NrOZzMP-eNZgwxGpj1DzwASpqp767QPgBAOQBgGgBk6AB73F0v4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBOZ5K0NyBP7_OneA9ATANgTCogUBtgUAdAVAfgWAYAXAQ

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3026 30 KB
14 KB 59ms
45ms XHR
text/xml 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bo1SI6Mit9Tz1IUYTEXubkMk5Q974auSUcCE1Kbkr-i12A2seasTPz9xoWNHghCTtPtg6O-vLyKZgxGURb4TwCSYD4xA&dbm_d=AKAmf-BvWkx5Mweho7Ea_UAr7Ztc-SPlHxG9CG2Pmm-T6Uko32paDCL-tGO0wadkbWIcPpB4gE1JJIdWrNWZpNF5XWuqB15ACd8Yu76oNnqYNkjmVHRBVinUlaSA4kdK7-A6lPrEM8N5fZ58DJRrS8Qz1H8HtKX3RLKYdFtZ1PtKerOAm1Y26jJfrC3bLGCQMUwaovEL731J9G28OrxHxQ1KzLxnOfgayOTAdD9yzCGTr2Zee8tw47QRKQ9dqUEUMqGA6lJzBj5R3lfGCT2dcGPOpL3ZzIgmof6h8xeLACqB4EO-qy7xtwL-SJTvea5eAai4TAHGGL5DInfiJE9dbQlaxxetS-X-VZOkNejyoOLdnNoGaQLeo5WgfnhCUa4hqdaDs_m-ZGrg_M1vBiBv34VUkSFFiTFoH-sdvp8KohU4XnSx5zeIjPFLDGxkf1sXxI0ZbfOFiLhiWKNH8stlXazDCT0i_SwuIT_7WmI8toMmt8Zj-1BufM6cDTFwm4vGmHIQ8wmRoB0MX3UYQnxVqUsRuJVQ7PyEbYZIlmlNSl6QXsT-H7qJgwbKfcqwcAuj_Lk1R5ilZjtvtZ1zmdzasIjLpRTbfx_bEqRoWfQ5W5V-pHE10-UQH1ymDo5SND2BWxupoPGNGSme6Dc2CMqA9mfdStMAfitfrSsQbPCInSIGYuAEo80dVsk6BnvY6NAkca6rwdY2fGyZSUAscvrLlu5aV-d1qaS9k5eumxuU35osoNXUSjxT_JVlxhTA6YFJNBWM1rSw5z59TPAvE1n4szruIWAtniURlAE2A-jiZOE49l16BfEegP8vdVvk7n9Xy1jZuozs5BQfdKHDUhykWX-pybrqUNuf-QOiPre30mBG4syrQS90iz74NDIbt8cv-0xPOixB3oB3D5aGrhlWUWpMyXEXgAhBh2znId60FROjb3yDX-swRbg0ttveoWQ8huB--MzORp80CR2uVf-Y-bHjEcnPw_LeDY9Zb1LZqEgwBorsv219DW1MEiELs-QKmLxYPqn9w9N2TynUP-ju_assC6LTprzhF1pf8esUlzBGsHyds8CaKNXV8Rs8Zcth9YKM9oJB6TCUSQQ6Gj58CwLYmj0ygtMJfXCObcAdCy0SFMU8BLIfJJsdB_MpoBLwQ7eAn0C8XVH8YclXBacAFGaAtHWRx3JWHPJ_J61-bHdvspFC3immduHsB_3ipEpuJ77ZAYEoepIW-QHaGqjB4rZQDP5elruucnwipHU96GKX0Kv62-R_34VUNDutgF-p07MJGkAn11UVDw2WTZYbrR9uPQbkW-3daLwBMjerQ_L8XLMcHFoEK5EBo7YPawxExMqFMaXctjl0hFNahwHTFRS1wb1z0VW3v_avNUn1zz9OfJQ4Zupxxg6ECVfXSo-PtMjURYPBbKhK0s6EZceg1l2jBMm8Yz38E3CgDt4evF-YeWckR2jotMkl_l18LWyw1vhEiGqW7-qzjhSUCSoROUEz7oieGExaa8epFzFrdwVbczfKdK1dKwLjRTe_G_Qzx2SGhWAQUunDkB-lZ0aRmdFMvp8E4jKpOEurdHBFUcDHNXGxOIeLxQaNeevf7TnxBS8MpFtqrA-fV0oRpeIgGSauI54De1Dhevc-krpz6kWX6i9X-5YwADy1zI0uM7N9BY76lRrDNmae4FrxZUk9ES2KepU25eZCnGh1DSFuWz2-s5as40qgf_qD_Rgpm4e2p-m0pxzmHulPE4eUrWJGS9W_ZKrqfo-E54rpke7Xi1elbd4ZHScMPIrYnFrPz-0sLCMBa-kTP7igP3ai60TFcstWHUMlDW_eclCTs_otcBCQLO251W16NZAJUrSguKweWGSE6KFOpSy5X_jEOoWMlkAhoLfdowG9ikegNeR338LqYCC2jdXT6EUoxYut1olCrxiO9iBE1Kfuc7WGZEM63sYg4zi1o9chLSZ9dVlKbRDrNgiPVs89WsZYUHN6vnfUiNjSriGHgtH5_NzQA6A0oSjQ1pSwx7DXXPxW23amULjDTCl1uz3F4RqB6YhJnVmffxsHLmMzeVtCfAmRuhjqHOjLLGb1aXHqfLKAedl6OCW867kTvzaAsEqJI2TcXWlWMPFF3y2wDyBhSio64pwGnO7qXkmnNPjrhRqxo1Hqly7DDKl8CAY65wZEpY5D9FeDAdhLyeDhNK-EfCSjHH7aeuFipyKV66UYt0OPjov0_DtmAf84ZeaAzdgPiUa-Pxush95rUa7I99VaHsHcxi0nszxeWQX6GgorIanT9E1FnERUWwVCFKJUG_wXcQSER9PJ8P7IdxOxKIOCgcHHIlTKax4CdSdPbfwNSraIVep6mjstAaCpKNYCHJeVaVvMsU9Aq8XAyOsULzLkmouhZMha9yNjkkNLKWi-CvzyDlawh5aqBwpvskoBFj4a7aWPTpu5u__LOGUf1Svs1RkWDxvguu082_YGNwRhtFz9YqM3fYXobiidgdir_0yOIyqMU8nkw3-EjpS5-kz7jv5cycOrV-i8hLJICFE1xp4Lco-ytUNL7FBeBl4Ta-U-3Z4qF3vaqTRojiTNhw24VoPU8zXUjXgJknkexScX_S4fZH1AujZE4lc91LbGBD9jRetdGYR5q71WHcJNCZvhBM377OS70pIPFBDoUL-8TNpzlWHJS9e9UYk0ktHr8EzTLLZOlUfiP2uDP6gyPnwxA0NPRVT3910pHyInomI21M_R72YjIPGa6ZtKrind6vuXEmPtMnieRBCb13PQ_1WiL6NHAIcMhthk04SYzA_oQUcImrE1kXao2QgqFd3WZR26Nb9h2DP8dq91b8ye82o36Cs0MSQJmVBw2QLbtoU7kH7adFmAY0_gGfuaKczG7RKNYwzhEl_euPS5tEjikqtj5NHyK7UcJjBVV1kVQbcAfu83330OjyYD8Lku5m16IXHiYv3J3eE8iOgToP0aqbxACwzD_vP5c6q6O1AqIvuHeUj8pKWR2uZZo-0jCmI32K-Mh50Wehuy7GU5z4ZQJZxNpVVuzEAOF5CE01_ZVvDSLxJhYddgTQ8PvGiA2UA1msEbg0whCu_d0uVbStQNCkrn_iZV7mLHU0ufiIkBCY0jndqXlcGGQRQNdpIU0A3Mm__aFEbl_AQSjLjraOWQkbJqOHGEFArz0gGahDzGq6XRWdsdv3Y-1VTwnnT2mSM2b2jVmt38W0TCUEFcE9IjF5IfPndGql_ZGIG7zRvEYSDE2gOBiKkApaLW6_zEP71AHWk0QcqGvF0Ocm9Vsk2S-v4vJeHk-ZXgsbGXopdC13pNXXKv3GkPqEElnDaoDOrv5EMqH3CCndi5opbWNHQZElGoIq7JzqBYEz8xVkquNobjujb2Qqgw25bGGe9ivMi0OBEUlJfu5eNmosfkWlM3ReLY2rilRv5H0xXs55Vm5Ea174eKXBmsjTPMpHLNssUlPqE&cid=CAASPeRoh7AetV3tgCt7UFCchPC8DayltHK_IVC12r8CjnYKjJJg5y-gTByqb58RuTdoO-QwLjACNnjpsZYQ63I&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

cafe /

Resource Hash

d8986a1ebc16254e57ae9fe30eac9eeabc69afae24325324ec78c6b90df9ed89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14763
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3026 0
0 46ms
46ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq5kB9qGbYYGyL6qB7_UP7aGhuAvngcLOZoXk4Mz-Ds6UlozIKhABIMClqyNglfqigrAHoAG9jYKfKMgBBagDAaoE-QFP0HBBpTQsE6FOmYqmAmxTCnWS18lKoid-E0hZZg1Pvl0WKlBZ4mKGS1t6PdYirC7ERrmLoa1dx28wCp1vEST2RnjH-um7qnBrc5K8yHNDg89Hk3HeRHxI-JvLjhMRPlnXWvG1qWORcaPoHl4TK5iCIlcpFohwbqkr-NUXbcQU8MFDoaSAYTZoY3M1WsgtgTvYcUPT_7TIXVtyIi1cl9KmJE4KpGkV5_9hp665_mOunnDr-nFUvuwwZM5iK66jZviI5x6AtPno8R1b_u7gOngurQljiD_ZNDGrBPZDjVb1KFm1FQ86BoUync9ZUgxhfhAV19JgVeocIznABKmqnvrtA-AEA4gF97f_8ziSBQQIAxgBkgUGCBsQARgBkgULCCIQAxgDSMD9pAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB73F0v4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQnI1gGNnUgbsB0ggJCIjhgHAQARgdgAoDyAsBsBOZ5K0NyBP7_OneA9ATANgTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi01MjI3NzQ4NDI5NTA4MDQ5GJDJCA&sigh=CjEQ7fwD5Ew&uach_m=[UACH]&cid=CAQSPgCNIrLMN46M_WGEzAqVIzTgYYHDg7hf5zO5OaGue-Xzha94TYIfApe3IEO19XaIErekow9pXagW9s1r78lY&vt=10
Requested by: Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3026 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c924eb2674f00421feb99334f1ea3993646b3c78b0bf78801fe975afdd146268

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B9D9 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 21 Nov 2021 14:25:07 GMT
expires: Mon, 21 Nov 2022 14:25:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 84788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3AF8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c46947495d56c6d2c5c9fb851bb6affbcd9a615a0cf5abcaced5978b87a51f3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 131A 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:50:29 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 131A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

54ms
7ms

Fetch
video/mp4

2a00:1450:4001:1a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C2E46E87183BE5914675CDE3CBD7B9C564FF37A.178EA604079972A5F79676D56F16D4B3C3652E21/key/cms1/cms_redirect/yes/mh/tm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edndz/ms/onc/mt/1637589217/mv/u/mvi/3/pl/48/file/file.mp4

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:1a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:58:16 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1764475
Last-Modified: Mon, 25 Oct 2021 13:57:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 22 Nov 2021 13:58:16 GMT

Redirect headers

date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C2E46E87183BE5914675CDE3CBD7B9C564FF37A.178EA604079972A5F79676D56F16D4B3C3652E21/key/cms1/cms_redirect/yes/mh/tm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edndz/ms/onc/mt/1637589217/mv/u/mvi/3/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame AAB9 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:50:29 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

53ms
7ms

Fetch
video/mp4

2a00:1450:4001:1a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DA42105E9F1E2E14A8022E768F838D0FF656A38.6A7BB4376087D0CDD40A5A4070D5D68964DA76C1/key/cms1/cms_redirect/yes/mh/tm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edndz/ms/onc/mt/1637589217/mv/u/mvi/3/pl/48/file/file.mp4

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:1a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:58:16 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1764475
Last-Modified: Mon, 25 Oct 2021 13:57:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 22 Nov 2021 13:58:16 GMT

Redirect headers

date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DA42105E9F1E2E14A8022E768F838D0FF656A38.6A7BB4376087D0CDD40A5A4070D5D68964DA76C1/key/cms1/cms_redirect/yes/mh/tm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edndz/ms/onc/mt/1637589217/mv/u/mvi/3/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AAB9 0
17 B 147ms
80ms Ping
image/gif 2a00:1450:4017:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kwaqi5r7&c=4254797318482&slotId=2127398659241&qqid=CPmE_6CQrPQCFarAuwgd7VAItw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=977&mt=video%2Fmp4&vs=360x640&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.w8
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4017:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 94A8 2 KB
1 KB 39ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy_small.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 17 Nov 2022 13:58:15 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 94A8 2 KB
1 KB 43ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 17 Nov 2022 13:58:15 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 94A8 308 B
608 B 23ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/close_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 17 Nov 2022 13:58:15 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 94A8 507 B
807 B 22ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/back_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 17 Nov 2022 13:58:15 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 94A8 43 B
344 B 55ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=A5RH3Zt1HowF9H3dzGVcTo3v6dOkWKYrP0LZ3ikDR8QtpY0fsOA0J60sQQabQXAYYviiK9FYdwxRhBBbYW57uL52zZmynDD2JIpPQaucevGxI6FVkwEFXQkpW_2ZnEQon1tYQ-CXr_GBKwQ3IxCwTEc7cv-GFdqf90BwgqGhqeX8QEl9wd78H2MynDghngmIGgwpx7ktYf75zKYc-Y2JbYhHR-V0TRg4OmKl04YGqAl6u13a9ItjB3JfiLSl2nOfYxTj22V-sz3oxp9SzqnzlEo1D9mso0BJLpEhjHpUTEJPiEXQTD5gN16nJwG9MtPlBEGV4WpG17Ko8EqGxFHsJxqhZhlPLCyeJhN0VeCl8rErDkGpuG5j_s0ev8kO_tIe-iyrqnqV49uXZt2ZfjXOIpPuSq3xYKBPMAcG03hLkYCdnDfvtUq4PrxUabkIAYk9rAtoqw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6182
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3026 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 418066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:50:29 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/ad47440cbe7c5802/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781626289/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 3026
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/ad47440cbe7c5802/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781626289/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/ad47440cbe7c5802/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781626289/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

64ms
7ms

Fetch
video/mp4

2a00:1450:4001:f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/ad47440cbe7c5802/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781626289/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2543C6590B9D9F9B31170107B1ECAA80EDD53028.5C702B0E8FF25901B4F73F407BF2F1F0F9735629/key/cms1/cms_redirect/yes/mh/Vm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1637589217/mv/u/mvi/4/pl/48/file/file.mp4

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:f::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:58:16 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2240767
Last-Modified: Wed, 17 Nov 2021 19:44:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 22 Nov 2021 13:58:16 GMT

Redirect headers

date: Mon, 22 Nov 2021 13:58:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/ad47440cbe7c5802/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781626289/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2543C6590B9D9F9B31170107B1ECAA80EDD53028.5C702B0E8FF25901B4F73F407BF2F1F0F9735629/key/cms1/cms_redirect/yes/mh/Vm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1637589217/mv/u/mvi/4/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 blank.html Show response
dac.contextads.live/ Frame 8861 5 KB
3 KB 8ms
7ms Document
text/html 2600:9000:2156:e00:f:b7c0:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&amp=false
Requested by: Host: dac.contextads.live
URL: https://dac.contextads.live/dac.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e00:f:b7c0:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4a0b095a84e1405fd830aff4a6fc1c7e9f8634ae68f3660adc0304c8c5b3a32

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

content-type: text/html
last-modified: Tue, 15 Jun 2021 18:31:04 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 22 Nov 2021 00:15:41 GMT
etag: W/"11de4e828b74e76169c84d9572721885"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DPZDNNEp6FJbfa7rAcEnq7jIPYRuykVanitxvopgskCPabS_F4GZZw==
age: 49355

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 94A8 12 KB
5 KB 40ms
19ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 334206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rnde46OB0d%2B0T%2Bl3VArl3kR33%2FgLrLMGqEIyT6co1MGcT356OEJCaASRrW%2BQp%2B9htTjI9UKNsNcEOJhd6onF7r1%2B12sOPJnfNf46Cmat%2FKFrTU3GZLtwaZcRUyC23Y0HHST7viEo1zp2rPNnKueMRVHm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b22abedae72062d-FRA
x-cache-tag: abcd1234
expires: Sat, 12 Nov 2022 13:58:15 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 94A8 12 KB
6 KB 12ms
12ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/animejs/animejs.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 17 Nov 2022 13:58:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A57A 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=239235206265264&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 08AA 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Wed, 17 Nov 2021 17:50:29 GMT
expires: Thu, 17 Nov 2022 17:50:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 418066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 0DDA 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Wed, 17 Nov 2021 17:50:29 GMT
expires: Thu, 17 Nov 2022 17:50:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 418066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A8 163 KB
164 KB 68ms
27ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=43772&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F43772%2F190905%2F03bdb82863ca4b679c716f4f57df381b_img_square_1.jpg&v=3&w=1200&s=UTZxmKFqj5Nhe890nCn-NL_-
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: b2dc9a11b5b8b3ae2fc9197cb6dc87883d6abcee6d327740e86597e327d0b4a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30998371
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 167258
expires: Wed, 16 Nov 2022 08:37:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A8 5 KB
5 KB 60ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=43772&q=80&r=0&u=https%3A%2F%2Fwww.esm-computer.de%2Fmedia%2Fimage%2F17%2F1f%2Fca%2Figel-h710c-thinclient-via-nano-u3100-1-29-ghz-via-vx900-433-1022771_600x600.jpg&v=3&w=400&s=f2wD7rSFIrDEW3kkZ_KAuX6E&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 84f3f7fcd9ac49ef508532744cf3e553a713ec643a828555ecff0afeca8fed38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=13388292
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5124
expires: Tue, 26 Apr 2022 12:56:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A8 9 KB
9 KB 60ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=43772&q=80&r=0&u=https%3A%2F%2Fwww.esm-computer.de%2Fmedia%2Fimage%2F04%2F89%2F44%2Fdell-latitude-e7270-core-i7-6600u-8-gb-ddr4-256-gb-m-2-ssd-webcam-1019769_600x600.jpg&v=3&w=400&s=vyduFnZtPD1xqNuZX0GKbqqb&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ea08f8c933f8cc02f21406cd25f821690afc579cb1f34d58046cf8cc22cf75da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=13213479
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9132
expires: Sun, 24 Apr 2022 12:22:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A8 10 KB
10 KB 59ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=43772&q=80&r=0&u=https%3A%2F%2Fwww.esm-computer.de%2Fmedia%2Fimage%2Ffe%2Fg0%2Fce%2Ffujitsu-futro-s520-thinclient-amd-gx-210ha-1-0-ghz-434163-1024517_600x600.jpg&v=3&w=400&s=XFWhJZffqlk6ko-3NOSlnFd5&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 8c832850204e351ac21aa517c01d56466c44d9cf6bcd9d1c8e48624ef891ff97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=13361382
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10470
expires: Tue, 26 Apr 2022 05:27:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 94A8 9 KB
10 KB 65ms
24ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=43772&q=80&r=0&u=https%3A%2F%2Fwww.esm-computer.de%2Fmedia%2Fimage%2Ffb%2Ff3%2F60%2Flenovo-thinkpad-t460s-core-i5-6300u-8-gb-ddr4-256-gb-m-2-ssd-1019890faGVntEmX0Hv4_600x600.jpg&v=3&w=400&s=OJmCAtAjYY8SmbjzSSZR0ADV&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 98ef25d37a3bbef9663f37417f578e98154cffae67a2a6baed00c0ba00bba7a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=13194769
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9678
expires: Sun, 24 Apr 2022 07:11:05 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 94A8 0
99 B 53ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=Iw5Ib_s5a0EAQoBDXdA63r0_7nysGmrmUe7x_VCpsx2TMW45LuKbm3Fn_Xg6gCA-MxVMDf9WsLpoeHJOd3Rh9ZEa-BxPyb62lwU0_iPC8u02kwU2AX_y-imhC3TOSjjus0sokk1OlfW3ibSd1YJkSXw9VmQztVh6ltCCsQWgifzb5z0jX0g1PSHVpJSRz4kK22Q02iiFxGWJ158V5t_OOC864OtPRkEUjXc56p143bQw4YfYImD9B7Bg-nwe5-oFyPPvPQ&sds=2&rev=79542&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 13:58:15 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 94A8 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 17 Nov 2022 13:58:15 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 94A8 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YZuh9gAL2PsIu8CqAAhQ7d11fiGqaxs5WvyzRw&u=%7CjgmNRaoUPY4D51jOwdJDZb5evrR5i0uKe1MCSFZe5aU%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdGGhB191eAyn_QVhHrVzTWPcFDVwMiHPpUT0qef99Uzc6R-s4w0lZ0d67TxwyDDt-0FfUXZrIyUO3DJq4kqAWBYQZTOmzYLCYD4oWiUw7mzujxFBc0zcGiZc30-cUQ6yV22XtF7dY2CXrw_tVRPVHedMW5SI9HoVnJbraBiqy3lfXSlLlWVpfBPIVExld2gosxTMDLyqFXy27VU9ZQdZZRsACoJQayuGgLDT7y3_BfY9tp5VMs9dF54WqQVQdtu2r1SvxoUXa4ntmNlFWdLMAVan9Te2QSWu-gNOwDQJccPesKchdRsLnelhhvUjefsThPa044_6u2kLeg-5O8JxUnbwdG0V5p47bdtjiL8VmADZm1HcFXCAQk0YkVmJUPb11_OHCfXzUXKlucpKMXW-SwNXz-kpyBmmqE-wCxeEdalzCJ-fMLsqrlh-SPipShFJwvSR0t4TqJCmMY3IOXPBJTZLf3H5aip-h94zUQ9qNJR0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbntY9qGbYfuxL6qB7_UP7aGhuAvJntKxXNWdkfdwwI23ARABIABglfqigrAHggEXY2EtcHViLTUyMjc3NDg0Mjk1MDgwNDmgAdW20uoDyAEJqQIcIRu3xe6yPuACAKgDAaoEkgNP0DegLPAXBCCCzd0GP4a5q7cw-RLHNFLebVd6ejoZAf0XVaUfXxxRi1nC41efYmr1CEX3x7jlgjFMPDjLi4WQf-U4c18bB6afYb5zxLSg-HFL7H7VOOgBcTCIuY-iQaCywkElhZ-1pS-MCPnqoEvK-c3VLnnsAhqMC-MNQ9fE5sG0tNtFwFi4x4qLQPXaSzsJhsk8WSEgQBsppppqWrKp7fPgJgtkLd_Zy2jiAtuefCvdZwp78eixuQnQOYgTSouI6eusSZME5IbanHtgHvsKUNPYZBLnZlH9TWSrCSr945OGgspSz6eL-kiTCeev9VMkMZQlod6AeohHVDr5cgloZMj2byZENO9HqdD0Ar0hM-K8ZWMxrleHj9eWGM0ve3koTy9osfRPsITpbghghL4jm2b5fe-9Wy3YddSoDfbw9jPGu5ZM7huupWiHBiE51PO1RiA6vbJfs04BWW-cEicvB4_QMuYgXlc1-imVwUTd5ZrXIJhfYu5yk6IDkWVXJyU86c3G3lD58vbi-eUQVJCzdUPgBAGABtys98Xil9Sl2gGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12qnJ6RMxt9IUACBqquXhmjy0aEw%26client%3Dca-pub-5227748429508049%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:15 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 17 Nov 2022 13:58:15 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 895D 23 KB
9 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Wed, 17 Nov 2021 17:50:29 GMT
expires: Thu, 17 Nov 2022 17:50:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 418066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7270 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:10:46 GMT

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E44 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:10:46 GMT

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame D232 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:10:46 GMT

GET
H2 200 client Show response
api-cengine.forkcdn.com/ Frame 8861 2 KB
1 KB 290ms
247ms XHR
application/json 2600:9000:2156:5200:18:757a:bc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cengine.forkcdn.com/client?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&device=desktop&product=audience
Requested by: Host: dac.contextads.live
URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&amp=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5200:18:757a:bc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 / Express
Resource Hash: 70031b3e4c4386676ac6d2c56149b6c123c8b91eff8340bc3b51b1493c0beb48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dac.contextads.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:16 GMT
content-encoding: gzip
etag: W/"6cc-Q8fUJMp3ny8+0DkVjYA5YseFd1k"
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: 52AzMFlmBfCYkiPe1Hc-kOAnuMFilZbmHeDrs5xX1QVp4uWyZ70YnA==
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame B9D9 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:10:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 94A8 5 KB
660 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 12:12:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 13:58:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 13:58:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6102 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt1N1lsQlMsI_AB2CsFEyJ3MqLkp_KdAO4qbXe1FJPyOWK4ZyhD_8QzJRIyXga8Ir635TyOKm6X1yO0bAamTgSxAVgwC7pIZymsigjKI03qFegQ1-UcHkrbdE3Vq1fxk7xMfpqFOEUYYxVmBifXio4__EAji1f934-ZAI6X8V0KR8KyGWXyXqrf8wl1nxSnXQYFeL3j5tp9euQ_h37LhlWPv14gQl-5O_Qcar91zF4fIF7IJJOewJfg02bkRonJ5VoJSleiM3cltUiAYa_ROWdvu-3GLWvhtSmCLXQzWbcR8jwHdlJkwtPfjMNhwUZvBZOFx95B_zvvbc5IcTRUDM-ROHvd1a1oHtJN96PDHGxpg&sai=AMfl-YRPUQ-5Fxc_b_kPOUEUHEddSzWmMhIbFD1WKLBsl-3pB3tySlB9khE3dy1Io33IOkKxrTesA0-ZIy0mewJEa8mOs57OF3_r2Z3mGWqXMkK_--KLWIovC5T0CT-Wsvk&sig=Cg0ArKJSzAW7BTU51V3-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Nov 2021 13:58:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6102 12 KB
9 KB 34ms
20ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17943514373d9d532b4cdc3f750d32d9a668d6bad4f601cfdf1996a44acb1c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 13:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9217
x-xss-protection: 0

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 94A8 44 KB
44 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 259574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:52:02 GMT

GET
H3 206 file.mp4
r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 131A 2 MB
2 MB 16ms
7ms Media
video/mp4 2a00:1450:4001:1a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b37c16729f79e9ee5d11ce3b86515e2d1870aee55d67f06d796ad22a955bf0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1764474/1764475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1764475
expires: Mon, 22 Nov 2021 13:58:16 GMT
last-modified: Mon, 25 Oct 2021 13:57:24 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 206 file.mp4
r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame AAB9 2 MB
2 MB 11ms
11ms Media
video/mp4 2a00:1450:4001:1a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5edndz.c.2mdn.net/videoplayback/id/db6fc036ca733f42/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779618245/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DA42105E9F1E2E14A8022E768F838D0FF656A38.6A7BB4376087D0CDD40A5A4070D5D68964DA76C1/key/cms1/cms_redirect/yes/mh/tm/mip/2a0f:9441:5:0:e9::1/mm/42/mn/sn-4g5edndz/ms/onc/mt/1637589217/mv/u/mvi/3/pl/48/file/file.mp4

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b37c16729f79e9ee5d11ce3b86515e2d1870aee55d67f06d796ad22a955bf0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1764474/1764475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1764475
expires: Mon, 22 Nov 2021 13:58:16 GMT
last-modified: Mon, 25 Oct 2021 13:57:24 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame AAB9 0
17 B 84ms
83ms Ping
image/gif 2a00:1450:4017:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kwaqi5ve&c=4254797318482&slotId=2127398659241&qqid=CPmE_6CQrPQCFarAuwgd7VAItw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=977&mt=video%2Fmp4&vs=360x640&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252Fdb6fc036ca733f42%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3779618245%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F16AE30F5FEB911DDFB0EC1D6C3C2C0450D050B01.9C477DEAA108A0991C90CF0DD76CFF6C65D72366%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4017:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 08AA 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:10:46 GMT

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DDA 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:10:46 GMT

GET
H3 206 file.mp4
r4---sn-4g5edn6y.c.2mdn.net/videoplayback/id/ad47440cbe7c5802/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781626289/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 3026 2 MB
2 MB 15ms
7ms Media
video/mp4 2a00:1450:4001:f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
URL: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:f::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ef200ceb00bd3d242d4350becaac1dd3e2e914017d7f8ac6119fd81efdb284f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2240766/2240767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2240767
expires: Mon, 22 Nov 2021 13:58:16 GMT
last-modified: Wed, 17 Nov 2021 19:44:48 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6102 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 22 Nov 2021 13:58:16 GMT

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 895D 35 KB
13 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:10:46 GMT

GET
H2 200 rtb_ajs.php Show response
delivery.contextads.live/www/delivery/rtb/ 10 KB
10 KB 582ms
531ms Script
text/javascript 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=919&cb=75797458769&charset=UTF-8&loc=https%3A//indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/&referer=https%3A//www.google.com/&containerId=impulseadcontainer0&product=impulse
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-119.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: a202d9b9da7278252a35e7307ed438e355988234af3249a1444d7cf375a52515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:16 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
p3p: CP="CUR ADM OUR NOR STA NID"
etag: 18fbfe02d61e057e2e977d01846b64a3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Mon, 22 Nov 2021 14:58:16 GMT
x-amz-cf-id: HAtC-YmEEN69KI1QMQGo_dZO9FbWA_TKcRiD3-USzzzEgMGwpjjJ1w==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DD8A 12 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 13:45:26 GMT
expires: Tue, 22 Nov 2022 13:45:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F86D 783 B
535 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

264da305d60c9fc01124c7de58b84a1a5ea85e3956fb45deb452745060805442

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nWWPknDjYmJNUzxMmf2aGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 22 Nov 2021 13:58:16 GMT
date: Mon, 22 Nov 2021 13:58:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nWWPknDjYmJNUzxMmf2aGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_...
ade.googlesyndication.com/ddm/activity/ Frame AAB9 42 B
107 B 82ms
46ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D12010%26vmtime%3D43%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637589496379;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AAB9 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTIGr9qGbYfmxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DQICzzclUVrqRfQa-TCNxYOlpxNVsV4sj3IS7mhPXmFx9xe41kne69Wu1cEtS58hseX4dXj5m0DEBd80a_hk0H2uBKQlpPzASZT1Oz_PTG3-8vihI3jkoGkmTKRs9pyoppMhD8ok4kcxbOXBt0IRD1gY6EORtgVkh9M6cG1vkLa3FzkccJgbAVFzcXF8sKgCOeSpfX1zsal5RQIp3BLTS-cRpuMa87HEeWfhPMxRf976qxgE7xnDmcQbxSaolxjd5hrFjxsGjCdlkTvmMFY-iLULdq5IDjJoRIYG2U_kmF1LYXKrdWflx1V65CTC1PBczWl_4_-D6bPdxLd6HbwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ&sigh=RPxGWEoOwIc&label=part2viewed&ad_mt=44&acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D12010%26vmtime%3D43%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637589496379

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AAB9 0
24 B 51ms
50ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstAFfWeJdIrDg3C0UXwiLtJ4x25ZHNLK1u1k1CFkszCZlh1S01ZUzDdNeu0Mi_hTiflk4CCU9H2k2ZgCrTO2_q3xHnh7kXm_l9s_tvKrOuSgqL4NzduXhot9M5ptEEDRMMm700iRywK5VVsUm8tNSY9vWn4WB9--DEixwTOSrfmWB2gSwavnV7Jja3lv2Pw19lRo97inq_-9N-7A7SstAcAvobqnZ5-E0yeeVuRUELRWrnEcwCYT1Pbw2zlFC-PybQwzMuDJDdegGmSF23wKkFzcESUWaXRYs4bf4oFcJ9aM9Y4n0Mi37fZiK-SzhZ-iCc4lSh2s3iKaxUfu2Vh5Z9ZA0MsfKUD0AQWmmxxyH6CCIcHgNUyN8jeTToeLCyVeTPey5QSIhHzdxKaI674lq4lVfRF6MFraKn0AC2wlE_wYt5mOyOhtn28q-rbbjCRpOk763Url4uh8eZZI4sFcIGGo2jnTpCEnJ7HdRZz9vDKhiYvY1LHQBnppCeUOHbf9Bz7Dq1eu4FuiQ-gOSuEKJ5O-cJ5AvCssWWM2-snln-9Co-VwKXU_cdA4-znA9HAQY3xnbKfBnhHPrRFqQ9It8TndYKAO_-Y33-4omZ4wuHu5fj-fx-1ymPvbPkP-pT8sLiLxBtncPsY5YDdiL3EsXi69vZGHz4hNfJ2LLdAKHXtQ9mN79hiOwnZYajgN6uPAV9LJGwlqxW54M3jfOgZDSMTxMXwwbOgDY17aQIvkZFWW2Q17uzmFfAFp0tL8bnMIXeeBU4ZuIfSYFX1O4pMgHtyPpLz9Bz4GimRx743H4DmpR6sKSeO6FjMBIULxdxTtagDVREEO-Za3QUrEmAIvGCqzCuzoqUI-e7_C33XYRC64mrUJ1SRwHB-l20qyf3uRmNKOnzSQr_NS0bdQm7k_qYcGRxLwvl7nB57C-dWG3j78O1DJWeCrCr4aYeyZKHHc7pQrOsVqV48-6gNYt1jkvXYyIBmHP5iTKJDk3thdxGl43QfFp8i2gd5m0sMaKuztwMGe3peruKeZX3tn4EsbWB2kcsromCX541idfxNnRGGRnbLMh0C0YJnPd39uNHiK-ekbkryXAbWW80HqLpVM6qFykB0bV-fGGmyo-8YIpHEevc8Xs0CX3MBYBgOX3q-upgqdWOPijLfXXaJ&sai=AMfl-YSPCFlBgs62akwXhRYPDvy8qrw69ZO3MGEs4z-F617g4GRnzhPlMVidT89f9gwqKrqJakYwy082HZj36qNce0pYkolC4tRWCttkjelmMkBAKayX27pTpjAaimXJ9RQHXUpklc4CFY9BtkGp09oKglS8chP-3nMshFzZgvEqb-Py9jWdPBXWNq2mEfwdldzv0JL892FiczV7fwaWcgxANcgHeLt3eD9B1XlLpcrTHg&sig=Cg0ArKJSzGhA32TewM7eEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 22 Nov 2021 13:58:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame AAB9 0
0 18ms
17ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhj60NK4ASABMAE&v=APEucNV-Ld-JAD8xRct6O_HE9biw3zQCiYKFufTsmBztsegYxNX9XPmP3in8ceJGq09UmDeM2THmNXx1sL-rRyCz3luDqtjd0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AAB9 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_...
ade.googlesyndication.com/ddm/activity/ Frame AAB9 42 B
494 B 77ms
43ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D12010%26vmtime%3D43%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637589496379;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AAB9 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYbUdM8jwPQ58HltaVj7sWEhwpRlxXTBcBRbtGYScNBsBqEZg2hnaNN84CM2N8DlcrgSiqxZefNnY2GPbtXhDUNykpPS95tRCBo5pswhv9SSqZtaWuRw&sai=AMfl-YQxVuHVxfD6YZiwffT2Db4RZBCl2jpn7-k-HI9HbpOoFjW4hgEzAEN3_e49AtpOFQnjFoehP2kTBZyYgaH79V26ZPhUWn5rFEskiloBZjV-kvXcd2bbFzzvLDUhoCs&sig=Cg0ArKJSzDYKwHvJNBUeEAE&cid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D12010%26vmtime%3D43%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637589496379&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AAB9 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTIGr9qGbYfmxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DQICzzclUVrqRfQa-TCNxYOlpxNVsV4sj3IS7mhPXmFx9xe41kne69Wu1cEtS58hseX4dXj5m0DEBd80a_hk0H2uBKQlpPzASZT1Oz_PTG3-8vihI3jkoGkmTKRs9pyoppMhD8ok4kcxbOXBt0IRD1gY6EORtgVkh9M6cG1vkLa3FzkccJgbAVFzcXF8sKgCOeSpfX1zsal5RQIp3BLTS-cRpuMa87HEeWfhPMxRf976qxgE7xnDmcQbxSaolxjd5hrFjxsGjCdlkTvmMFY-iLULdq5IDjJoRIYG2U_kmF1LYXKrdWflx1V65CTC1PBczWl_4_-D6bPdxLd6HbwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ&sigh=RPxGWEoOwIc&label=vast_creativeview&ad_mt=44&acvw=sv%3D20211103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D12010%26vmtime%3D43%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1637589496379

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AAB9 0
17 B 79ms
78ms Ping
image/gif 2a00:1450:4017:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kwaqi62d&c=4254797318482&slotId=2127398659241&qqid=CPmE_6CQrPQCFarAuwgd7VAItw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=977&mt=video%2Fmp4&vs=360x640&dm=12000&event_name=first_play&asset_bytes=217244&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1ay~videopreviewstarted.1b0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4017:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping Show response
audience.contextads.live/ Frame 8861 479 B
753 B 709ms
663ms XHR
application/json 2600:9000:2156:a600:19:be69:b800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audience.contextads.live/ping?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&category=science%26technology&device=desktop
Requested by: Host: dac.contextads.live
URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&amp=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:19:be69:b800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 919456e36ef7d30cf1fd8e527a0e270ac02135b243a36debaad6446eafb39d4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dac.contextads.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:17 GMT
content-encoding: gzip
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: *
x-amz-cf-id: hetPIHpFq9XfMOqR6nS4Hay4-6kgc7icbKpU7Gb5vcBMPtfsvRhrAQ==
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F86D 0
0 46ms
45ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=896682008534951&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame DD8A 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 13:10:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D232 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BITHH9qGbYf-xL6qB7_UP7aGhuAsAAAAAOAHgBAI&bg=!FRalFlLNAAZQLpa_UC47ACkAdvg8WjCLlCu1G9bKNGccu2aAI3nYD4-e_xWC5GBGd72ZaRnDY_vG4wIAAAGxUgAAADloAQcKAHPrwHbRQWDmKA5Lsavs4GHfh1g-Zu0xbtP6GzT2v6Ukl1r-WONyuVolJyzhsZGdP8WPfYEJm9p2TJWU71K2WuPWAeBausuhPd8u2JoxvWF7AL6176RoxMuPoYwbyKVn52ekzFS7IIuVttM-7Nk_mL5gOd0AmQLRorSrHuP9ZomMbRYoVhkOE3g-Aej0y08v0LDYpl8_5KUnuQ4nH6sxIsK9i_NCBZsCWBE1_VpdLZTjGiEmOrWIbJtVczQ6iJSjV2eWEOZ7vBv0T4vvSYpvZWRh4idxDNx_NmYBY4Y1enoX5AChtUO8k4wwA6_0ADaB9PpCqG_7G8lK9TWdWxWe2XNhMpRltpwudKFHZOqS1poI-4pe9DhcXYa6a_PdaDgiHxTapbBG63bwOE2GdTrNi7GyaV6TsvIs-PLbmVhCdj_1dtB4yy0JT0hKOHz33MNZA4kVxW8A2ZdITi1JL-byvqrOOO8EY3Eb02m7_QLBCq5k90vSKbIlOwpXEh_AF1rjDh6GpV8KnUSznFI56kwizuHPUOs_-i5jC9Lvt2Cc5-qo7XIMJrSrMhXwXA9S8j4MIcKzTnpKXOY9XPL2_3a5pxK2yLW4hk-ggAuF9S0NIPXKosF9VA8aIy59kcb8EeZWD5QfktBsGuMSCCfOVHeY7zA_7TPDoJfviKdlSgPNbLaPYWxQ9LjnUWLDa6-gwON5p5FAGQ69ccu1ApkOGmUlleZYjLnLVvu1FqvseQBgyo_gdvwmQPugxlT98ml5nTYlPz2r1tzez4OsMDA7bAy2xKOl3pGZorTA_Mff6SS7ZK5TaWdSdC0ymaQJz2zfjxw06DK6NwIPIiMB9u8Yoa_CMC9d_iOHRREWkFpjvm1am_GUJT_1ap1DQzBABy4DeDgtg8irO6cq39imb_F1_TARV3f0EHR29Y4E-j2peW0rcBX5NLMZPw1hhcp3pBhycn0Tc5Poi33MSuzVCa4CGcNtKVbWIHIfF9COXUMZmo0bH6ZMEtZQPS-t8ZESHed4cZqzkjD-JAa6Cy4ZZFfCfby-ESNRGghXh0EcY2zCNp6nyiK4O9c-4hsfK5oxE_R9WO5w0uYKOr73lzYFkSMyFIIVJYX1ueMs8yxgpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=239235206265264&bg=!ExClEFTNAAZQLpa_UC47ACkAdvg8WiwVIzw-tWm6DKd2yos2zKZJOWKfyolLNo0H_jUI4IwpwLncjgIAAAHcUgAAADhoAQeZAnQKezzLbCvNbEoFfKFzeSrf6der4HG4oYPXHM4ORI4TTzhz0vtxTAlpkx_fdu7e9DMgY5EzsQcGQ__ARYFU7OrJjKmNS8or-zddoloqAgkZRvM9q5axR9X7RZJw2gW889jU7T7nt3-ToV6bJGpH_7a0nGoPFEJlvHvSH4hBOcEnhDtgmX0buE9IgdmLd9ojE_Y23_vI-PXOricJ7R1wh5dbjvW1IN2wyKRhV7JpNUwCSpFZI3rggKXsZ1JWhHEAWd7KEaszgJJ1Grqf2GrHR9aSpgjgtE5BokM2jv5OrDp7dU6dfz4MCDG2Wwi-uMO44P9bE2OoHexlxz8rTnMpoW4n_9DPTkFb5fegrkDIchbnZiZ_5krtjy_FO_jNRDSguo9uee0ALs_VLgtpOVSFCY6IwV_HK-us-JWiUYaI4DX5xRqSbsoKln1bCnxHw_Wd_admaWJ6fikqyKGjj63DVMWLSe4RvD7kYc7lc7D97a6UX6YenrfiYQDMXeFZ0KIPtBrfG6UEB0NKTIF9xcPB5orxilHgSR5z7QBwH8JeHXddnVWqtHuTIF0KLj37iyWmi7UbhLekjOYFXQz-kGdPmjBt3oytSa-2g-Le0vHG76MWbClZUFpjCdh6qsBDG7Jl16PjYztwYuZ3QYhPZ3IcyDwEYuH0DD3TeJr41LBzmPxEKKdVwlS2VBIzLu4dCytDprSrVBFgy_zo0a5fJ-lSyfXyY1LXL-24IjckXd2gmkfNmw9pzpqr3AEwRztc87wgRbFn6PUY6T3tnlxpPghWRgYECT2HLoQ97nbmxY7u1QGdyDvQPA097JwzAKmbdtoVe0u7MTmT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9D9 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfB3_9qGbYYCyL6qB7_UP7aGhuAsAAAAAOAHgBAI&bg=!9_Sl9LDNAAZQLpa_UC47ACkAdvg8Wky8RFvmjWtoChQCE2pIAk0ykYHoGNJGH05GPEeXB1MFgscRSQIAAAHGUgAAADNoAQcKADn0twdMI6M2u-6efH4w7xwUfAmUEmx4123kIB92XrFkkI13sK9HAqS5cwYUQd4tkDpnE85KKFqWU5uZAsV35eFz9tpDx96imrvrlu4nXduHrgiZIK_GczZpt4ILpeOnGc4G1i7T0LNzue-MipBMof2O_3uLJHyYbvHCkDaiV3KtMP_AdOpyuYu-W5b5K69qEN0RBn2As668m-1W3B-xgxlhgV64lw7JNP_C9SEYxvkNjJYygRe6Npfa0vATcvVlSmdArZ_eiDxu09eY0qqn50X1LICNMQQ9YPPN50YzIZrCM7ox5vpV9CD1BGrZCBR1-imWUSWp6jjQ2z4U_nSxYD6vvop_y7fX2Z7g8rpGKASxWEmvfROupdUPUip7LFDatZLUaFILtEWr_4pgaITgHa9X_fRm2NG94hKoaDwgc90MhBrUcCOtQlccEOBDbH2F6vLV8rEcnijNSYJ4Pdppdg1dYN9hbzcZ89EdBNUXxswWXO7yvmRGbMBFO_XzytL_8E2V_semvhu0qL0XB6CzshpzvTjv90dnxfHE8mS7CCEqpdz9Tjeg7KClko8aGA2DLJgfuOUMh2uiNgavOvfN9DcVBYtTH6dz-IBNL-5Gn35oHszwRfepb8NfHnJ2Q8JUfHEy3qwdDMubVgK4QaLUCYP74z0s9eS4PT_rOXPqKfZ8hifNPfGT8fUQ734EUKHU5V_SojoxYZzxLueBUbMeR1ONewf-zkVgY2AmvnOthMoaZVgLFgSK8Frfhr9YAAZYXSR0QMZLxe3GMxtkZEAoEVgWiXdiIh0XpiTbmkP00rKbkqGEGc2Ocqfzv0NkJ-PasInBk7XPie3x-EflAzBkTgILRNrQMO6qkfce2DXjcSXdNPrhskdsY7CtizXtdi-WpPpoKYs7oIkVK9-rCM1eM-i9Zt_tZi3NlEMKAIOPRIT2L6O7KouuXoZoT9qWiXT-jGH-3Gy-3FZl-GIoby0KwnyHI-zMH0_2kJb4NI72Kf7jaQoDAG2L312xVDhtYYV9DUNC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E44 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5HD79qGbYfixL6qB7_UP7aGhuAsAAAAAOAHgBAI&bg=!nJ-ln9vNAAZQLpa_UC47ACkAdvg8WsvhXlCTgVPqAlfxHRHEGf_hLXta6oIEjLFF832wrv-zZ1ujugIAAAIAUgAAADRoAQeZAtIc2nfNgY8VdLiOdz07ti1oWKCABneAOLvMEixixuefJaVxpT4o0EI5C0zXWLIKeiEI9B3MiHGxrBlyJHa6tFfFySM1tEku3dy0c3wgUh1UHXmdahvm8JShYFDnJA7QDihmweGi3zoiseEo9I5lEVvUO6Gba4siwiR0AU3VfPVYZZU983JmiRStnJW_h9IFasNIzE-AVMx9ogIj7O4a-ijPrlrmci40a7kGo-a-nQRee3evadycTEQPc4kgjWBn8IO3aLIFERh0AUOuKuEVby0JLJrJnmztO8OkBqlL8O_8ergCx6xhHK7Vf-edtFuOx7nY-ojtAxRrP4VYrwUIqj87rOuQ91VQv6m66EHCUi_JP2nWdD5Xzbfth-y_SP-ycvPTmjxyOcoo7pwVbadMr2J3HgzGGXjQ-7xGFehXgO8V1EH-y2CArrGIzryNecB0sC1DapmhQ4czZt1o8y7hyXMM7nSWhL6VpDWcaXsZcXSs6b1sTpVsaoLZfstkOF43N3rYuWqmTHZkC1LOr3YMvBDVGQKFQPxRBiOzhH4_C8NeNHdXonQ6mjd27QQVmS72AmNIZYVrethETEOZHB7GxvETsb6Y47Rx7tvZ6_dge8gVB4s0CIBUUzUZCugRNr45PUXq8642bSZTjrUkAiFj0aYYDMDyZ_M44DTnhApJ1Uc-zRC-tx3G5wTWzDwP1sxyBn9DWNQNa-MhAW6D-LBGLlffBnXV0VZFvEGRhFxaVXXlsaGzckZdBBcAslVkbSYCBLt4rXSR6eaW6c-Vi_K_LQcVyvj3kMcKPvcS3s4YrDSAiJBCaPwtG4fRU8CSlhMHazJQOvt5H14N4zL9g4aFDudsSdjDeS0dz26cGVZ5shep6P6wbN8ryqf-zmu4gXLMot5VYWAJMijgxDZmFt5QN3KR5WeTB49GCiH6jlrRNc3z7RN1JF2X7LO5VIPKvPYYBRopLQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DDA 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BqYxN96GbYZbaLcrGzAbP_If4CwAAAAA4AeAEAg&bg=!l5SllNDNAAZQLpa_UC47ACkAdvg8WrbZ9Lz9ouTCxWxTllIeF39OK_O4hwLHNYykq7ONBoflIXOZwwIAAAF8UgAAACxoAQeZAttliQy2cfa_Uo6e7Hr9_8MhbZj9jNdzHcFJ9jL7XCbQKez4YdHbIaDij-vwcYLvKQWb-zQnaeNmOFaq1qYxCU7xczZcsZ5boRAO5Oh2ZEu-IPeGmn5Ut2arrcqxRYr6-FeDaSKtdEpm_zZaY2M51toRys8PtQBndj71ZXhcxwv3OZtGirdSa46kvDgSRpTqyo34bjSfcXBarKE9Bk8lUoCJxAp5dhejfmjtmEnI6K3dfMdQPtFRX-r72UXPT7pRH_XPWxoME6PANiV9nNTTShothu60BXWyRsAOs_k3voM9F_Zbrh-Zq5fcdDEvJoeqMdwER0V8ez2y9_max5VblTv47R9kVYtoa7fFQhhOB_TZf7v6frS_bVYpdR4h_P43WztBIjaybCOhNdWBB8_Qdb1P7aFVeVevdcHe7R9sjaMUa44VO6qVrbI-OCXARSHCNIwH9Kly0Cu4LkNXPKdoNed9NGded5pMItl-C6tn8C3kTs5aDARfA5o5lF-BtqfSATmUU618YiGEL43twfjXjZT3yQs5LxnumxU98BDyW50d7KWzrw3NDJp-DPe0MUrH4LDHqC-G7G_OOTcmzoK5fMqbsf2sOYktw9E5W614DDK7e77ROXudeUccvwiM6-f8O0feRjahj2WvP6hwKCJBn6DhGTgZDouzmMQowFYP3Ibfuy_Y-k8ByyoK8mxJW3SAbc-x7ibCb3SYjeYlMZnrPOKFYP5kA29AzD5ChwOQ2gmFMeIdgXXGPcDS8k0LRk3HqXRSCoypvDaH5aJH77pbqMy0IJMFcDW9yLeqVTxc98bRONi4dZuxAuqzxW92EMFzeCHaNIQ6YubZjY6PB69rgIKatGJIFPgR5Jj7hsijykVx6aFjB0Vt5S1LejyjRvb4oxjeXqVYwdFwohp1BJbPbjQN_QpoVRaIeRrk5_c0RDsSKRMEKwJQIe7OF7xuX5efeVZegVspzj0atc-ikA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC4A 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1mItFSdOnPPN-oFU_19wx63_6gN5bGUb4nyZOFoB1qoEMjqRpcpLlAzsGjCTBTChLFb8uhQHVu1nztDP9a9u6P9_l0VqvIRZ_Mj6PEsHPkT4senJWpw&sai=AMfl-YQHSlY3T00YVyTbtNBeH6Gnmq9CjLXsFKVLplFzTeOvW1KVO4vtueRvbWI5YmRSMSWNm4Hm2N6uvqMBNtlezyvu97brmRifbH4d8SXr8vYzjfFpZpY04D0PXa0pqag&sig=Cg0ArKJSzOTLUH99BJ9yEAE&cid=CAASPeRohDfxpq_rF80rwynnNRRjy-BFT10WlhYx6_Bs1vbqR6TIzY51Ums4k-GzB_QoH-xpsZzGXXX08Jfay8A&id=lidar2&mcvt=1010&p=182,1310,786,1470&mtos=0,1010,1010,1010,1010&tos=0,1010,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=2006046257&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637589495339&rpt=406&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2146 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspVycwayv7gmN3XuV1CBTZ1mcvcROCFK9ZD52G5K6UiemvOM32xIQGjCYR5grolAMfWFyW7Yu-z7787c3zf4cl4AsI6AYUPeS3pZS_WDLruaYezCCfXw&sai=AMfl-YR6NqZ86nF9yLuVbA-Fdf4P6MqqP2xdtnQ7SfkpMdnn56K0RAAC33MAc9gmbjfy4xDZF49nMEaU-UuQfVmmVC4CgpExyjjBCdc6YTOEl45ricvn0911MPEtkh3lpu4&sig=Cg0ArKJSzJNX9nYbN5e5EAE&cid=CAASPeRoLMLWPtr-8nfyhRWqVhZhwZd9r0lRWOl6Ve-2PNP5eM2WbYWUViSbz0kLZn3iv3GndtInCcBQ4HebYOM&id=lidar2&mcvt=1011&p=187,315,441,1285&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=4134857687&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637589495308&rpt=352&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8441 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNf1Tpnd3K3DuclNcK8X_t5jHksrcHeCO5PrO-0XvQG7psPzPCeLrS1UJRJP5a6NZnNDhhwsfg4SKSh4-x1h4LY6ApGjyiNjR-Vhua40IcI7ZCxtdQIw&sai=AMfl-YTIQCxgm5fDMkwgp16Vv-N3nXHZWQJhh955j_kuMt0cqWe3fAiSHv9RT3ZuzzZ1crD39DZvrAMki2FoscF7LQJoI4-fcS_hIrHmXtl-1gYj2tZRffB0X-SVColUhcE&sig=Cg0ArKJSzFSxqhZit9VHEAE&cid=CAASPeRoyzBlrYtUOhcLrqT_6sLwy1Yov34LUXhI6gj5pfeaUOiaRmRU1sKdPiSaIjxKaFhayVfI2TjIRiI42Ek&id=lidar2&mcvt=1012&p=182,130,786,290&mtos=0,1012,1012,1012,1012&tos=0,1012,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=2713915709&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637589495333&rpt=372&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08AA 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BLhmh96GbYe_bLYez-waS85SwAQAAAAA4AeAEAg&bg=!V1SlVBDNAAZQLpa_UC47ACkAdvg8WjCuIax-oK_5uBw2AVs3EZGdRNvMuYEyAUYdxyxQaGqweUUqBQIAAAHZUgAAACJoAQcKAMh_ZtEApKnLtPr3CebOUgzwnjT7qrHxAGKl4ALLhRPNl-zDXHGjsh7Ybis2-wJQJ1dwBB0KBWTLpDL78W1AR5rDUgGM2dqbMbeoDssvWLGNyjKd45RNYkUQw06I899xkD_TdmCPtXm3DqvHJypsY_Gg49jazu7u-mzSh1x2hbyMGsnN8BB135Xex_zgNV1Y7BQABd2-BAyymZ08uc2oFLdmY-aNQIHxoS0Uaerh-R3bYrYXTxCJLlnSFzVWzZbhaA-wAgXy5XMy1pkCz2DWjquMgfZ6trYdohUc-PFlGLzOoUeNwj31ZNxezcbnHv-o2DW9_i8IR_vI3iRmai0Lqm6LFyhmts-os-THqJSE1wPcVeRNUjWnrNtI3sJjO3jyzQ3tcMRTwVLVGPY6967681BqQeqI6VYqa9MllIu27Ftl7JnLgSmVnxU1HAHNWLjzC7aHT9txpTkQtyhbm-AVHG4ye8NC-Kx4ceu-9vqaZ9Q1yRuEDZkRRFuOCzF5RobVGQHK6yAkkeXN7ICcB1MQKICodLIH1GL4T2RkEmo2R23ef0DvnvSWCHf9JS4OBcrUYcYyVWCkciBmPDpFWBmjWIZTvBkRDW0Z-COHvqG-vkzvoWvNNhz54tZFE4jCUF0RfZdKvl63hfb7s1jJDHqQOpLBss-xQQmdB09NvvIBwUWFbK-u29ZkG3W8mFOQQ3TyGVAeMTsclqbU7FrVwPNC7rRfsnPHPy5tg1x44h3IU2t9CSmU1lTgFuE0V6ESxgblkt3149lmAJsxjpgCJcTkfCixeSL5RRIzE8Iee0HsXgr4nZuk2PwPdsSYV9A62ZmmxrEctIswR7llsug9wh5IU8-2YvCLKmCCcsiSs_Ia4GZHw-MWLfjnEPDB71oU4bnUlc_7YzDpWnpTHXc2IA8FVusIICJoUJKjDmg75kyEisbvc2dErTuuTpLnQDJuR58oqMsxyVOYqSB4CRUtZDvdnmQleeye-VX92ro3EztlnPtMff5dgJHv0RDLll-g0j_wQv4o67pDiOcT4kBUx11T7hyjdoedqO3AUVTBXUkbcpojgIhcg9ReS-u_kP6vIX1CXCs0Sb78m5So_uvXoJ2JbzrtAONSzVBSldrbPyl9cyw8AVNFoGUpsoEM4c8VGiDPN9akTxZbGrWTM-qkRf3WW-4qpSwGDn_PLl87HXVFgCtillJR3E9B-FF5a1opBlq3Ya-jPKrOJSison69

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 895D 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BZOTM96GbYfjAMoSG-wbL-pvgDAAAAAA4AeAEAg&bg=!KimlKW3NAAZQLpa_UC47ACkAdvg8Wj0T_eaFySFHNJDizcl6D4bsZG2U9kvhYkuKxToMtRdJQ2FGMgIAAAGEUgAAACFoAQcKAKyVolO1kc63qicE1aHXvCd48fHkbkIe7FK54fqyfYMya-oq1Hfsi2Wz90JFvNy6oe9zmfV7M02NqmKz8go1UNj4l-kPqCXqK2OV7ZqdX0xIOPBqV_L7jUDnmPFi9W4kSTresy3a24YCJ6PHdC9SF6b2kero0IpDcXgmfV1BLOCY_ta4fSTa_oPDvUd3MsN5JVbTnQ5_a5l2rX2qeNXwCy76y-Xy53_NPW03e8hXmQLX1H3G3-Zjx92OzWXVb3OMh47KdLE-MhYq-Z5Q7SEuQ-CfEJ70nvZWjBlrWY8YSNWUGGLuFSqMWYron70gi4cPEd0IX8OmMZmD8X-iZz34X01v7pUD8KWTAEgoXbo-E27_BmWcsW0e42r8GMEygrGRKzIjt_Hx_z55z4ntCFD_9QgGNlMilt6-ojhcK0mAZC3EOj8oPftzAwDLpKO9RhWzwOb0CmV5iJ2OkneZUGFCPqciBx1Sj1HR7UCCqCljX1SZVuvcSpg1ehZa_pz5zBCzyTUqH510R0-MUFQBY5nJZ6KsUAkGa8v1fXmknYScc1Na_fTdFvMYhq5HOdPK9T2MiLcqBC5FGovptxMYjBv8AsCpSyGLNu7yuGVVksSIH6C38PchSWfO3jOvTEtqlduGFnmn1TROl2199UXXhYS5x1eVEgS6vBGOFXj3EPckMDSvmsS36_Wa-nvYZCrRGMee304JbmHvuiAJtqlpwAnu456KySBoGM9LbueXpwo6LS485C9d3hbxzIJfu5HyWREcCSB-4QcOSC95HYXuHGNQrl6kRrVNrId7j5lqPWYoKcPo2w1oRKjU3AU_eiY4HiK2q2D1EGq3dvZvpaBHucNqURYcqfQ_XJWq27n0V5EqHXkX8pHuMfWifNtwF3NDJgNCa-uxksVTOgRZFyVojf8HsSjS6fljjrT4uDCB46i467WO6ieFaxK-jciHTntiPPkYJDmnlo5eG2e-bufMvE7H3ttcSKqkR2UXmK_ZIOsl99oGw1nEDr_OHkWroDXq1O6ikJ4hgvMLBZXQYsO9vXVGYiIVvSgbw8-HAtNfUZnu9c1IN6mXa-fhYxXFHq8ZBvzF86g8bZTOMHS_VOU3tKyZCx63_uUTH0HzdZ31FC7YP3f0cvJ1Im2b16NEobk9LBPTTSJjC_4_z0Rxns3MF5y8nN0O-PE66xg3QoPwjf73yfoVYTXZ_Gcrqw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rtb_ajs_l.php Show response
delivery.contextads.live/www/delivery/rtb/ 3 KB
3 KB 756ms
755ms XHR
application/json 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs_l.php?zoneid=919&cb=75797458769&charset=UTF-8&loc=https%3A//indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/&referer=https%3A//www.google.com/&containerId=impulseadcontainer0&product=impulse
Requested by: Host: delivery.contextads.live
URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=919&cb=75797458769&charset=UTF-8&loc=https%3A//indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/&referer=https%3A//www.google.com/&containerId=impulseadcontainer0&product=impulse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-119.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: bff54895d14112f10d126095ef9bd7ff3f3c097b27616c91c7547522ea6cae8e

Request headers

Referer: https://indianexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:17 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://indianexpress.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-amz-cf-id: UouHjHPfOAVVswPOVW1syvzUnLAuKRnxH7b2PHlSMB3JWR0NuwHE6A==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6102 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=896682008534951&bg=!Y2ClYCTNAAZQLpa_UC47ACkAdvg8WruQHgPVx5Se8MbCQZxdTPF3mJUBzmqDqlyTj4qWWCgyLUSCLgIAAAB4UgAAAA1oAQcKADGQnNs-bN8jzd00YTVirDdHlqlkFwktaK9d0dqjnHbb5uwicVYCmxlMgQ8ao3u72mXLmQKdH9eQ6wvV6DRakK96U45Rz9lICMqB7wbDcD50xAX9-1r1V34aqPoahUsd4yc4nehsUTwL4bi261XYouILqBIEafwpW5rlEFFw6hezhPf1xnpzCCVQh0SxTBFNsYv5E8t9JChvgd_F4J0Y4hxzOVU2ncsLJCXUIfXmDEZKY7b6iKkeVz3bbkyBsv7WZWVqF1qZdbEe_iHmXqr-VIwWaedzMpDqsQWdhOTtZb5vsaeOSbBCVXvuqTn5MZr4o8LSL6KN4VZAOH7iALHR4ZHCTA24NtZdzQElKJJ1REN3Yp7HpQcz3tjBu5t6kg2ZZOjpctLRxAwIy4jhMr_ssFgvfgDGtjLXKMEA-ua1FUevfUXDlXArT9WZs12wiNVbHFTA2wDW52gJrFmeL5Txlhqij29EWOaDC32Exfq21VLVnMpbJ1NSBW7PrNU7CvikzpXGjdupELLsR6aIcO71k-aGzoE1xgj7k56lfSQE2TRv01EhNWNHOCJUnYpyxrDvX5mTNaO5XPAlRlkRnzOQd6VIuhc7PkhxB92h-gHt45Pr-iZV6wEPG8uvYj1TN1iMn62WLfqgf3slaTp0LyfcNHVQQUCWNeCBhU1KgrCWVfxms0rALt4F8OvoJDy0e1krPJWB8UF3PaGITOmF87vN6XqqOP1nIBONFG75aKdL2vEi1TRbT5FrcQ4rDtI7RrvlJAGhFlsnLJb7jsHnLA3yC6HIxGzA5MfGfQNs8ilMNDEQRcvlUPhKx2vMzwo-krBDl1c20ex8w5Rlv_2-PiPWb4PF01qaH7aR1YPwj3NotmtLos0ogajTQrZEPM7YUjD8fN-0a_xT1WvjgCoViMX08CXmivApIeogLHwExtCGfdDdHtpDhQtBYguEOGHsbrdFriei

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 client Show response
cengine.contextads.live/ Frame 8861 2 KB
1 KB 153ms
140ms Fetch
application/json 2600:9000:2156:a600:19:be69:b800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cengine.contextads.live/client?device=desktop&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&product=audience
Requested by: Host: dac.contextads.live
URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&amp=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:19:be69:b800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 / Express
Resource Hash: 70031b3e4c4386676ac6d2c56149b6c123c8b91eff8340bc3b51b1493c0beb48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dac.contextads.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:58:17 GMT
content-encoding: gzip
etag: W/"6cc-Q8fUJMp3ny8+0DkVjYA5YseFd1k"
server: nginx/1.17.10
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: xLhM44JnUn5tzyex9rIxqiybvp_Gs_QD4C1pSdrbTNawx6NxXNTXDA==
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)

POST
H3 204 csi
csi.gstatic.com/ Frame 131A 0
17 B 79ms
79ms Ping
image/gif 2a00:1450:4017:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kwaqi5q3&c=6717380536609&slotId=3358690268304.5&qqid=CPqE_6CQrPQCFarAuwgd7VAItw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=977&mt=video%2Fmp4&vs=360x640&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4017:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3026 0
17 B 78ms
78ms Ping
image/gif 2a00:1450:4017:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kwaqi5te&c=7811779344594&slotId=3905889672297&qqid=CIGF_6CQrPQCFarAuwgd7VAItw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4017:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lg.php
delivery.contextads.live/www/delivery/ 860 B
860 B 485ms
485ms Image
image/gif 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.contextads.live/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=919&loc=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Ftech-news-technology%2Fevery-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715%2F&referer=https%3A%2F%2Fwww.google.com%2F&cb=a540577cf9&bid=&request_id=151139171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-119.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:18 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-amz-cf-id: guEMRnaQOrmDYTp1nC4lrF5J5NzhL7YQt5_E6GH4YOnbVHER-8zjaA==
expires: 0

GET
H3 200 dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_...
ade.googlesyndication.com/ddm/activity/ Frame AAB9 42 B
63 B 65ms
50ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,56,336,244%26tos%3D2027,0,0,0,0%26mtos%3D2027,2027,2027,2027,2027%26amtos%3D0,0,0,0,0%26mcvt%3D2027%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2249%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D12010%26vmtime%3D2293%26dtos%3D2027%26dtoss%3D1%26dvs%3D2027%26dfvs%3D2027%26dvpt%3D2249%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2027;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1637589496379;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AAB9 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYbUdM8jwPQ58HltaVj7sWEhwpRlxXTBcBRbtGYScNBsBqEZg2hnaNN84CM2N8DlcrgSiqxZefNnY2GPbtXhDUNykpPS95tRCBo5pswhv9SSqZtaWuRw&sai=AMfl-YQxVuHVxfD6YZiwffT2Db4RZBCl2jpn7-k-HI9HbpOoFjW4hgEzAEN3_e49AtpOFQnjFoehP2kTBZyYgaH79V26ZPhUWn5rFEskiloBZjV-kvXcd2bbFzzvLDUhoCs&sig=Cg0ArKJSzDYKwHvJNBUeEAE&cid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,56,336,244%26tos%3D2027,0,0,0,0%26mtos%3D2027,2027,2027,2027,2027%26amtos%3D0,0,0,0,0%26mcvt%3D2027%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2249%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D12010%26vmtime%3D2293%26dtos%3D2027%26dtoss%3D1%26dvs%3D2027%26dfvs%3D2027%26dvpt%3D2249%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2027&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1637589496379

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,56,336,244%26tos%3D2942,0,0,0,0%26mtos%3D2942,2942,2942,2942,2942%26amtos%3D0,0,0,0,0%26mcvt%3D2942%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3164%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D1%26dur%3D12010%26vmtime%3D3210%26dtos%3D915%26dtoss%3D2%26dvs%3D915%26dfvs%3D915%26dvpt%3D915%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2942,2942,2942,2942,2942%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2942;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1637589496379;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AAB9 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTIGr9qGbYfmxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DQICzzclUVrqRfQa-TCNxYOlpxNVsV4sj3IS7mhPXmFx9xe41kne69Wu1cEtS58hseX4dXj5m0DEBd80a_hk0H2uBKQlpPzASZT1Oz_PTG3-8vihI3jkoGkmTKRs9pyoppMhD8ok4kcxbOXBt0IRD1gY6EORtgVkh9M6cG1vkLa3FzkccJgbAVFzcXF8sKgCOeSpfX1zsal5RQIp3BLTS-cRpuMa87HEeWfhPMxRf976qxgE7xnDmcQbxSaolxjd5hrFjxsGjCdlkTvmMFY-iLULdq5IDjJoRIYG2U_kmF1LYXKrdWflx1V65CTC1PBczWl_4_-D6bPdxLd6HbwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ&sigh=RPxGWEoOwIc&label=videoplaytime25&ad_mt=3210&acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,56,336,244%26tos%3D2942,0,0,0,0%26mtos%3D2942,2942,2942,2942,2942%26amtos%3D0,0,0,0,0%26mcvt%3D2942%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3164%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D2%26pst%3D1%26dur%3D12010%26vmtime%3D3210%26dtos%3D915%26dtoss%3D2%26dvs%3D915%26dfvs%3D915%26dvpt%3D915%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2942,2942,2942,2942,2942%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2942&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1637589496379

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,56,336,244%26tos%3D5937,0,0,0,0%26mtos%3D5937,5937,5937,5937,5937%26amtos%3D0,0,0,0,0%26mcvt%3D5937%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6159%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D8%26pst%3D1%26dur%3D12010%26vmtime%3D6210%26dtos%3D2995%26dtoss%3D3%26dvs%3D2995%26dfvs%3D2995%26dvpt%3D2995%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2995,2995,2995,2995,2995%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D127%26psv%3D126%26psfv%3D126%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,5937;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1637589496379;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AAB9 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTIGr9qGbYfmxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DQICzzclUVrqRfQa-TCNxYOlpxNVsV4sj3IS7mhPXmFx9xe41kne69Wu1cEtS58hseX4dXj5m0DEBd80a_hk0H2uBKQlpPzASZT1Oz_PTG3-8vihI3jkoGkmTKRs9pyoppMhD8ok4kcxbOXBt0IRD1gY6EORtgVkh9M6cG1vkLa3FzkccJgbAVFzcXF8sKgCOeSpfX1zsal5RQIp3BLTS-cRpuMa87HEeWfhPMxRf976qxgE7xnDmcQbxSaolxjd5hrFjxsGjCdlkTvmMFY-iLULdq5IDjJoRIYG2U_kmF1LYXKrdWflx1V65CTC1PBczWl_4_-D6bPdxLd6HbwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ&sigh=RPxGWEoOwIc&label=videoplaytime50&ad_mt=6210&acvw=sv%3D20211103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,56,336,244%26tos%3D5937,0,0,0,0%26mtos%3D5937,5937,5937,5937,5937%26amtos%3D0,0,0,0,0%26mcvt%3D5937%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6159%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D8%26pst%3D1%26dur%3D12010%26vmtime%3D6210%26dtos%3D2995%26dtoss%3D3%26dvs%3D2995%26dfvs%3D2995%26dvpt%3D2995%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2995,2995,2995,2995,2995%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D127%26psv%3D126%26psfv%3D126%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,5937&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1637589496379

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr7O6oZCs9AIVh9neCh2SOQUWEAAYACDm7r9MOhoIh7-AxQEQqeHflN4DGIbl1d4DIJX63bTRDkITCPmE_6CQrPQCFarAuwgd7VAItw;dc_rmcid=CAASPeRo3gfMRGS3EM0Rm0HsVjsUDZyBoJ7qg3MdB1zpDcW8sXqb9OzftdgFQAgiI3mo-qyvsH_gWxqoJAiXTiI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,56,336,244%26tos%3D8931,0,0,0,0%26mtos%3D8931,8931,8931,8931,8931%26amtos%3D0,0,0,0,0%26mcvt%3D8931%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9153%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D13%26pst%3D1%26dur%3D12010%26vmtime%3D9210%26dtos%3D2994%26dtoss%3D4%26dvs%3D2994%26dfvs%3D2994%26dvpt%3D2994%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2994,2994,2994,2994,2994%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D1023%26psv%3D1022%26psfv%3D1022%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,8931;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1637589496379;ecn1=1;etm1=0;eid1=960585;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame AAB9 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CTIGr9qGbYfmxL6qB7_UP7aGhuAuGtvmGZpX63bTRDvAuEAEgwKWrI2CV-qKCsAegAdz4qrsCyAEFqQIcIRu3xe6yPqgDAcgDmwSqBP8BT9DQICzzclUVrqRfQa-TCNxYOlpxNVsV4sj3IS7mhPXmFx9xe41kne69Wu1cEtS58hseX4dXj5m0DEBd80a_hk0H2uBKQlpPzASZT1Oz_PTG3-8vihI3jkoGkmTKRs9pyoppMhD8ok4kcxbOXBt0IRD1gY6EORtgVkh9M6cG1vkLa3FzkccJgbAVFzcXF8sKgCOeSpfX1zsal5RQIp3BLTS-cRpuMa87HEeWfhPMxRf976qxgE7xnDmcQbxSaolxjd5hrFjxsGjCdlkTvmMFY-iLULdq5IDjJoRIYG2U_kmF1LYXKrdWflx1V65CTC1PBczWl_4_-D6bPdxLd6HbwASp4d-U3gPgBAOQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBPxvYQNyBOG5dXeA9gTCogUAdgUAdAVAfgWAYAXAQ&sigh=RPxGWEoOwIc&label=videoplaytime75&ad_mt=9210&acvw=sv%3D20211103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,56,336,244%26tos%3D8931,0,0,0,0%26mtos%3D8931,8931,8931,8931,8931%26amtos%3D0,0,0,0,0%26mcvt%3D8931%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9153%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D13%26pst%3D1%26dur%3D12010%26vmtime%3D9210%26dtos%3D2994%26dtoss%3D4%26dvs%3D2994%26dfvs%3D2994%26dvpt%3D2994%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2994,2994,2994,2994,2994%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D364409213%26psm%3D1023%26psv%3D1022%26psfv%3D1022%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,8931&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1637589496379

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 13:58:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ua Show response
ua.indianexpress.com/api/capture/ 119 B
573 B 127ms
127ms Fetch
application/json 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/capture/ua

Requested by

Host: ua.indianexpress.com
URL: https://ua.indianexpress.com/personlization-sdk.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-141-164.deploy.static.akamaitechnologies.com

Software

Resource Hash

ab9292e8e99dbdb957775d7b78bb5a878ecf565f7b476ff9c7c1e00f28715b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

x-request-url: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/
Referer: https://indianexpress.com/
x-requested-with: https://www.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Mon, 22 Nov 2021 13:58:26 GMT
content-encoding: gzip
strict-transport-security: max-age=600 ; includeSubDomains
content-length: 117
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Mon Nov 22 19:28:26 IST 2021
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token
expires: -1

OPTIONS
H2 200 ua
ua.indianexpress.com/api/capture/ Frame 0
0 126ms
126ms Preflight 23.79.141.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/capture/ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.141.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-141-164.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-url,x-requested-with
Origin: https://indianexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
access-control-allow-origin: https://indianexpress.com
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token
access-control-allow-credentials: true
date: Mon, 22 Nov 2021 13:58:26 GMT
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=600 ; includeSubDomains

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 16:24:21	Name: muc Value: aa4767f9-1037-4941-8241-72fd370ec8dd
.t.co/	1970-01-20 16:24:21	Name: muc_ads Value: aa4767f9-1037-4941-8241-72fd370ec8dd
.google.com/	1970-01-20 16:24:21	Name: CONSENT Value: PENDING+011
indianexpress.com/	1970-01-20 08:21:57	Name: _cb_ls Value: 1
.indianexpress.com/	1970-01-20 16:24:21	Name: _ga Value: GA1.2.945062858.1637589495
.indianexpress.com/	1970-01-19 22:54:35	Name: _gid Value: GA1.2.1649566495.1637589495
.indianexpress.com/	1970-01-19 22:53:09	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 16:09:57	Name: UID Value: 14IA9KIDCOQLFNSAYF8OJPg1637589495
indianexpress.com/	1970-01-20 08:21:57	Name: _cb Value: lSkhNQi968DkZhIj
indianexpress.com/	1970-01-20 08:21:57	Name: _chartbeat2 Value: .1637589494640.1637589494640.1.ByxBIC4oPogKWI5aDuSdb7Bty-ju.1
indianexpress.com/	1970-01-19 22:53:11	Name: _cb_svref Value: https%3A%2F%2Fwww.google.com%2F
.indianexpress.com/	1970-01-23 14:29:09	Name: WZRK_G Value: ebe4435186a0461f95a4d72ce691114a
.indianexpress.com/	1970-01-19 22:53:10	Name: WZRK_S_844-RZZ-995Z Value: %7B%22p%22%3A1%2C%22s%22%3A1637589494%2C%22t%22%3A1637589494%7D
.izooto.com/	1970-02-03 22:53:09	Name: IZCID Value: 1e131fce-9abf-4f39-ba96-810bcfd45048
.indianexpress.com/	1970-01-19 22:54:35	Name: ssostate Value: NJOnaY
.indianexpress.com/	1970-01-20 08:14:45	Name: __gads Value: ID=2318900854c20a86-2212f1c5eccb00bf:T=1637589494:S=ALNI_MZq1Q23M9Pt5UbPeusiQrJa39EUtg
.indianexpress.com/	1970-01-20 07:38:45	Name: fpid Value: 356ce8a36a1d23fcfb47798867e4281b
.indianexpress.com/	1970-01-19 22:53:11	Name: upssid Value: 356ce8a36a1d23fcfb47798867e4281b
.doubleclick.net/	1970-01-20 08:14:45	Name: IDE Value: AHWqTUkBc1lr-EO415tX2v0J-yLWxXB4tBBTOeKJuqJsaHmFsUaH2Fuw2pe-Hl0Vnlw
indianexpress.com/	1970-01-20 07:38:45	Name: forkrtg Value: {"generic":"29112019"}
.indianexpress.com/	1970-01-20 07:38:45	Name: fpuuid Value: 2113282401965750
delivery.contextads.live/	1969-12-31 23:59:59	Name: OAGEO Value: DE%7CHessen%7CFrankfurt+am+Main%7CNetwork+Space+Provider+Ltd%7Cclouvider.co.uk%7CThis+parameter+is+unavailable+in+selected+.BIN+data+file.+Please+upgrade.%7CThis+parameter+is+unavailable+in+selected+.BIN+data+file.+Please+upgrade.%7CThis+parameter+is+unavailable+in+selected+.BIN+data+file.+Please+upgrade.%7CThis+parameter+is+unavailable+in+selected+.BIN+data+file.+Please+upgrade.%7CThis+parameter+is+unavailable+in+selected+.BIN+data+file.+Please+upgrade.%7C%7C
.contextads.live/	1970-01-20 00:18:46	Name: fmgctxuid Value: {"id":"21HEDwDRwnkNNi9MDLdYiYJ5eE7"}
indianexpress.com/	1970-01-20 00:18:46	Name: fmgctxuid Value: {"id":"21HEDwDRwnkNNi9MDLdYiYJ5eE7"}
delivery.contextads.live/	1970-01-20 07:38:45	Name: OAID Value: 01000111010001000101000001010010

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.co/8AczCbu0Tv Message: Unrecognized Content-Security-Policy directive 'referrer'.
network	error	URL: https://s1.wp.com/wp-content/themes/vip/plugins/vip-do-not-include-on-wpcom/vip-powered-wpcom/images/vip-powered-dark-small.png?m=1401974073h Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://indianexpress.com/wp-content/themes/indianexpress/style/fonts/fontawesome-webfont.woff2?v=4.5.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://indianexpress.com/wp-content/themes/indianexpress/style/fonts/fontawesome-webfont.woff?v=4.5.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://indianexpress.com/wp-content/themes/indianexpress/style/fonts/fontawesome-webfont.ttf?v=4.5.0 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://indianexpress.com/article/technology/tech-news-technology/every-3-out-of-4-gamers-in-india-experienced-a-cyberattack-norton-special-report-7625715/ Message: The resource https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19-7DQk6YvNkeg.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.indianexpress.com
ade.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
api-cengine.forkcdn.com
audience.contextads.live
bid.g.doubleclick.net
cat.nl.eu.criteo.com
cdn.izooto.com
cdnjs.cloudflare.com
cengine.contextads.live
csi.gstatic.com
csm.eu.criteo.net
d2r1yp2w7bby2u.cloudfront.net
dac.contextads.live
delivery.contextads.live
dlvr.it
e9f4ccbe00992de0b7a42d9cfb5b8085.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
images.indianexpress.com
imasdk.googleapis.com
impulse.contextads.live
indianexpress.com
mab.chartbeat.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pix.eu.criteo.net
pixel.wp.com
pubs.contextads.live
r3---sn-4g5edndz.c.2mdn.net
r4---sn-4g5edn6y.c.2mdn.net
rtb.nl.eu.criteo.com
s0.2mdn.net
s1.wp.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
t.co
tpc.googlesyndication.com
ua.indianexpress.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
wzrkt.com
104.244.42.69
142.250.186.130
142.250.186.162
142.250.186.98
143.204.98.119
143.204.98.125
173.194.76.154
178.250.0.139
178.250.2.148
178.250.2.150
192.0.76.3
192.0.77.32
23.79.141.164
2600:9000:2156:2600:a:5b2c:b080:93a1
2600:9000:2156:5200:18:757a:bc40:93a1
2600:9000:2156:7200:18:1fcd:34f:cdc1
2600:9000:2156:a200:1e:3056:9b00:93a1
2600:9000:2156:a600:19:be69:b800:93a1
2600:9000:2156:d400:3:6e47:11c0:93a1
2600:9000:2156:e00:f:b7c0:a340:93a1
2606:4700::6810:135e
2606:4700::6812:d841
2a00:1450:4001:1a::8
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:4001:f::9
2a00:1450:400c:c06::9a
2a00:1450:4017:80d::2003
2a02:2638:1::11
2a02:2638:1::2
2a02:2638:1::3
2a04:4e42:400::714
50.16.218.57
54.148.61.62
022a8d8c886976f689830fdbe91ecc8897c05ce644066cf5db1034b30c5ed2c2
025628f65e4705b3aaa971ebc2235e9265c1dde9f4334742c965ae88763bd1e7
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
040f199e2a426e829e7dc4d557ead78c86d4de8514d6ab7b1e97af7193d52d90
06196fadd1d067e62636f730631319a131e06c8c65625d455e27f6dd50753c47
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c41ff30d6ca6f3c5df722c3cb820075ecb0892b8d340c0bd623044677086acf
0cf2414a30c24da458e2f3f20b7fb2ff4e6c37dac6ab93fe4466bd82b24c7fbb
0d09bcb8e0086007da2e0957db48a7861313fb2ad491c55a5aa8a2bc05351461
0e3f3c55f00fcaff956bc996a2cb353ee127734901fa4c43cd1d12c2af8577a3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f569d185f0f4544923e8fb9a3738dfb89641e5b09efa261e4212d7506a1c351
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135821744dedd4cf0c6443a53e58d9dabb01de0a6de308643f9957c43f7dfdba
1361f53aec79b71880b6965f4bb5ac3edeca39e173736ebcebe5e1282f1781f3
1660c7b9da05dbd944426f37f56de2c3a8fdfc23ea8bc6b62c7421c2a42b8887
1782a40f72f41c83cc7e7da54f6d0b01f9011e44bfde4b2e0494c64d3b94ec56
17943514373d9d532b4cdc3f750d32d9a668d6bad4f601cfdf1996a44acb1c2e
1c3fffe143ad0ce81d60e95e6f6c72b8799587e0211c49e6c4b7efb25ba6c016
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2068fc47a0550c8de2fa4fabbc1a2b9b54b1e5ec4aeb554db6864152d9055fc3
22080faf1da0a15ad0193f2d812c326d82a442ed7ec2e29ab6c16f00005a27b3
23eac2aabf15dc04b584e94b9d76a9d57fc9d5f7d4313773c74c06e3a111e9de
264da305d60c9fc01124c7de58b84a1a5ea85e3956fb45deb452745060805442
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2e81779d04f48c0b0a38ffa0aab2cfd228f5cbe81e6d12c55c6458930eac937e
2f3afc4c9bac5ab7475f8201084187aefa9437460c73789b7e417bafa1597eae
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
357a6b78648baa6c8a3007ecdde9c3fbbecb294a01cfea516f85f157380bcebd
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3adb5f1b6b7fa9bbb2566416ee54c605783d4f9041d09b29fe0dd26e7c633191
3b085dc0997098eb528dacd4f7c64cfa6d13aeffcb9025c5687e96a3c8615626
3d24fe79c706829a5a574b236e8d413bc16d2e902586e5028de98701f72940c8
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3dee579082b075f323ebd0d5309ac8aa86df82118da75c8b27296acef81229b9
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
419429610cf4f4baa6c8270440e0ee7eea0ffacb7d3ec84d683610ca911470a8
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
4264bee32a14c5019bb345c12fdf8c8e96e7405ae794b15d3ccbf52130106ef0
46a85400d950921c9136f425dd8b20f1c6ecc585fc3eb430c360f01b99d19865
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4984a12a4e2268fb4e8104ec4b208d4ceb597fa6ebc3529924eed8602a29ba49
49919cdd76bb75af97102773b75d9b766922863883afcc28ad868b31d4beb6ec
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4ab429c88eb98edc8bdd668e6ce93c1d38d2bb8965a7e98e8480f2130bcf5fe3
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
4b3c8ba49573c192f1aba9a15e97ae789781a183b725e9a86b3fd966678a3f3f
4bd883ad0cff79a693c47400802ec7e5787596d0b303d6822e2a7c162b91ff11
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e456d15acea4fb01e1b9c073f618bdaab8a92f6bebd56f3b4f0e4fe1887d2a1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
53d41f58a5a0769bd8745675ccfdeee69d83658fd3fa20a9f809e6522282db74
54b1f1a011f102d2c6581b702a4351f9baf8f32d9925c5b8f89359da728790f6
5b6d850dfe36b361b3256f9f9fb74f306a470e097da8ac774290657b8486b513
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5be9fa274bd6ff4d7f74dd01c37ea07eccfe55f5d1b1391a7e06ad4a5196e225
5c41cf7e3b9a26e23a5cadbca346cec8ca102891359d1df6b0123401f69d51e1
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5df7f6f64b314fdf6b880f4af5882d8b276c9272dbb03757dcb2598046e33b41
60168a9a6548e561e2509e1ff25a920cc184e2a9915965d3f14f5cf1a6ec8850
630f0440ea30df602859f4ef93f16a21705cecc8a5bf6b30ce5344ad727baf52
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
66aa8c82a7b17fb6233973de31e7a77fe329a051ac8a5d1e4dde86078b1e9b1f
67247b5cc3929dc20447c5740d39df6d8d3947a51d0f0fd9ada6ff3a6aa0c227
67dd353d1a77cd00fcb937ba3ad7a6b4f9095547c35682ce4fde80ed6332fa4c
6a1f7a22635852e7bc951f63969f071ef13e43a63ce63466844e8dc46a0525e0
6e0256402d7a187ebb546573bca940234ed150bbb59eb845a39fc9d0f45f67e6
6f094491b1b273637401174042d10ee30e5717d1041e28863df97db3450ec80d
70031b3e4c4386676ac6d2c56149b6c123c8b91eff8340bc3b51b1493c0beb48
703b80e3a3a93b91a303a27c4476029afa1b1e0c374792daa6e72eebd0984b82
70e6089b5b9dca69eef035f82b211576e5e6d6489ca2e7ab78a07ae7db747466
742dbc7d27a84eed3e863ede50b9c805e8dd100de0bca8350aa19e0b7ae6c469
74af3a31c870f9a4d9f42c2a14fce735266ac2b60f307caf0ad0e108adeebc5d
79bfecda7a16e1b51b6c0095a7bf5cfc3aec6073c1b87ca202fe56175f9d4362
7aac0d9430e944f82379fba6fb642aec2e7e7ae2595c112d48037b1215c749a9
7b0c3a8aff9e900e3591ff092e0b0b58c17b659bda9792094e9c3683bdf2c73e
81d6892362bf208376ee5ef6cd873a2400833da59db548b8614ae52fe16dc6fd
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83ccce4670bd42c28b2dd26a61ea5ce8493280109140a2f6b3075b82da66ac41
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f3f7fcd9ac49ef508532744cf3e553a713ec643a828555ecff0afeca8fed38
857f2bc19c0e2b74db1a86cf75ae39e2f1bbdbaf4247b51c1a9c2a0d1ab0430b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8c2e8a1074ff5c24aa60b437c89cedb701d9db4e0f27c8ccb936aad50b26362b
8c832850204e351ac21aa517c01d56466c44d9cf6bcd9d1c8e48624ef891ff97
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f48eb72fe38135c113ed66a6aff33e72113d34310ece2a12c16202990258ac0
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9027c08fab8b14e38e1b2148efc47da27cef607a11109c07c2f8ed583ae853a0
919456e36ef7d30cf1fd8e527a0e270ac02135b243a36debaad6446eafb39d4b
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
93bdf6d56dd85d97f055218e25cb243456d21f053d0f1e5720f2e2c49371d717
9811cb648fb8e9b68df670e6f974d718925254f68b126f43561c808551a6d9f6
98ef25d37a3bbef9663f37417f578e98154cffae67a2a6baed00c0ba00bba7a6
9b0ac7450c1b5a96493c9a1e8a5aa0901a65bddb920971a47048f0c898d8dfbf
9bdd955aeb21a5fd2be94498a83ee94d990c6a43b18b254cb2704c38eb765c89
9c48b9e8a644e6b176799b8e1b14377dbaf3b1acfaebdedde869a7887c78e688
9d86160a354c9cb0fea4f44ea4d25c6285ce784cb6bd15519e1d9159c7bcc8bf
9dddc27fdd4fca56fa0a6307a3e2a77189e6eec543a188730aad40c34f635f72
9ed3604ea7cb013e8729e82120b132a21d1542a16492bbf4f16d389a479a4199
9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a202d9b9da7278252a35e7307ed438e355988234af3249a1444d7cf375a52515
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29e2c9f534f6ed0577c77d6a1e3fd531c1f427d22bee84fe71673cf25dfa2a8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a47d344f0655b3b13a442080cd49616fa3f17f63ff64b9ba90f33b0e5bee6316
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c6bc7ed1169b20bd8901591a0925edc1c19a0565367a8aefac3d53965c12c4
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8ba66d5e0cc38107ffab4352e68d139570aad3d1aa7eeb8457c0518ba52cb2b
ab18deb677075d647001503d1e3f39a4f2ccc6eb030449e9ad9186f8bc34f435
ab9292e8e99dbdb957775d7b78bb5a878ecf565f7b476ff9c7c1e00f28715b70
acf8c914a144367e2406a598cf26b14ba5f556c7ea28fb38d5fe4cff6f140759
ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af19c3a82e5f292ef463eb58b880ebce62145fa12f0d0e4b2fffd0d105175b3e
b05abef642cc3c6434cd9f9f4499c902a3d6f8e8ff5a80cda85139904eae1384
b1237ab3cb334bcbdb5912f6e7568118d8c54cdf456ee7502c9688fa993337fb
b2dc9a11b5b8b3ae2fc9197cb6dc87883d6abcee6d327740e86597e327d0b4a7
b30132c70cb4020f3d9a78e99f3612dfed77573407108d8c8784adde1c642bf0
b37c16729f79e9ee5d11ce3b86515e2d1870aee55d67f06d796ad22a955bf0fe
b4a0b095a84e1405fd830aff4a6fc1c7e9f8634ae68f3660adc0304c8c5b3a32
b6d791a798646b7ca067a07062142454cf67b0b0d1b1ed9743632a4c45660702
b81d3b6160d1c509c6e74c2e592823035ead5edbe18a982defe378c66002db63
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be7a0d43b9d11f65be9372ff5106512f9bdce581ae2b224a9b89123b20a44882
be8f3e400483b54d82d24adca2a2d85dd7165f89092ce5e70626652fd5a51367
bff54895d14112f10d126095ef9bd7ff3f3c097b27616c91c7547522ea6cae8e
c0102b5dad30615171cb27dcafeb7c4c3eddec38fee9cdd7637f14572f35c97b
c46947495d56c6d2c5c9fb851bb6affbcd9a615a0cf5abcaced5978b87a51f3d
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c924eb2674f00421feb99334f1ea3993646b3c78b0bf78801fe975afdd146268
c97ccb301c4f17329a72cca32c49b7cfa9a4015d3a108f27c954808b18fbf2ef
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d20ecc3c9e73b01450272f39afe0228dc737ccf9c21d5aa5b643c057da2f8ab2
d288d182b1e0e96c17ebe31148058175e2a64aee99dcea5e5ca2c0439b9c690b
d366c6ddcb5c1fbe15b0fdc1258bc9bc0577a3649410939c3ff33ed6f80ea6c9
d49658df7a0ddfd8a19de471e610091740340ba09d16d4c6e7eb9053b7c2d4b0
d720fa104347e74458680a4c87a74570bbbd1afa137d8d941de8dde98484aa0c
d86a6065ecd6bfa453211689af94579b5f93bf0c6bf8761045c4d13b688ef4ae
d8986a1ebc16254e57ae9fe30eac9eeabc69afae24325324ec78c6b90df9ed89
da5bcd12ad3a05776199adb2edd408b409e316810f9787b456ab6657c9cf2441
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de5a2be1a091470b4f620516ef1633bc6ecd554a6ce1b5f3bc8075d767158b18
e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e12b97e9aa9a26d4dbcb2cac47bc74c91b9fe9a92fb057b52a9fc21830063979
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49fa2f6054be25d9382747658520fd63e29781cd912a5534b82f5597b984a84
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e97e116402211cff15d03df9b4fd35416ad562c5084d83b6297fdb947a344e8d
ea08f8c933f8cc02f21406cd25f821690afc579cb1f34d58046cf8cc22cf75da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef200ceb00bd3d242d4350becaac1dd3e2e914017d7f8ac6119fd81efdb284f2
f002a1169985148fa2dadff4fda87dbc16de1390417fa2cf7dfa166d955c1b7b
f01981d8f1a5bd929956aa43132045d327af6cd0ec09ac50d824a668d272f39b
f0223d570169dc7e8dcef11932fa0f6d9a8b15005ef4cf2f0a91ae90f308ca98
f29a9a949b7e381a7bac2655b31a4569b2f33fdf4f82616c739a1d730c36ea56
f36146cad5142a6dd0e90e1da20fb52f11fae5150dca8ec5c41bb9e98d730239
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fce3f2edfcbc1f8f2a481b0c51eef3422baed06801b5842257b742249b34b82f
fcf976924376619b1e9c09d4cc47206161f9feafcd7db383aeb6f6a46ce75a1e
fd3d736519aabe42b50b6e82fa4dcf0ff56e91e6b86a5277c1f059a3b8ac5dc5
ff305d664ec6c12ad16d8f10b6f57f90274c619d902ca293d7ca12c8e40dde15
ffd6323ee142840bba7354a6b6ae5979a9b0d8a5aae2224b8be4844bfcd57de3

indianexpress.com Open in urlscan Pro 23.79.141.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

309 Requests

99 %HTTPS

68 %IPv6

25 Domains

54 Subdomains

46 IPs

5 Countries

8572 kBTransfer

12365 kBSize

25 Cookies

32 Outgoing links

Page URL History

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

indianexpress.com Open in urlscan Pro
23.79.141.164 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

54
Subdomains

46
IPs

5
Countries

8572 kB
Transfer

12365 kB
Size

25
Cookies

309 HTTP transactions
10 data transactions