indianexpress.com Open in urlscan Pro
23.205.234.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=
Effective URL:
https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-w...
Submission: On May 25 via api (May 25th 2022, 6:59:11 am UTC) from US — Scanned from DE

Summary HTTP 434 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 28 domains to perform 434 HTTP transactions. The main IP is 23.205.234.32, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is indianexpress.com. The Cisco Umbrella rank of the primary domain is 35156.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 14th 2021. Valid for: a year.

This is the only time indianexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	23.205.234.32 23.205.234.32	16625 (AKAMAI-AS) (AKAMAI-AS)
47	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
42	104.90.139.15 104.90.139.15	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:231... 2600:9000:2315:7000:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	18.66.2.128 18.66.2.128	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 3	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:27::... 2620:1ec:27::cafe:2093	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.215.67 143.204.215.67	16509 (AMAZON-02) (AMAZON-02)
83	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:231... 2600:9000:2315:5c00:1e:3056:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.144.94.26 54.144.94.26	14618 (AMAZON-AES) (AMAZON-AES)
3 22	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
10	52.209.143.133 52.209.143.133	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	108.138.7.82 108.138.7.82	16509 (AMAZON-02) (AMAZON-02)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
61	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:1200:19:14ed:c7c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:6a00:a:5b2c:b080:93a1	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:2600:3:6e47:11c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:8a00:f:b7c0:a340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:214... 2600:9000:214f:9c00:19:be69:b800:93a1	16509 (AMAZON-02) (AMAZON-02)
16	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	65.9.63.107 65.9.63.107	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
434	49

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

click.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 23.205.234.32 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-234-32.deploy.static.akamaitechnologies.com

indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 104.90.139.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-139-15.deploy.static.akamaitechnologies.com

images.indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ua.indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:7000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-128.txl50.r.cloudfront.net

cdn.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:2093 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-67.fra53.r.cloudfront.net

d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

83 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:5c00:1e:3056:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.94.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-94-26.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.209.143.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

ev.indianexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.7.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-82.fra56.r.cloudfront.net

sdk-03.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a73bafb454375ecf0d907670ae07f366.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1200:19:14ed:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

image-ap1.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:6a00:a:5b2c:b080:93a1 (United States)

ASN16509 (AMAZON-02, US)

pubs.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:2600:3:6e47:11c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

impulse.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:8a00:f:b7c0:a340:93a1 (United States)

ASN16509 (AMAZON-02, US)

dac.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:9c00:19:be69:b800:93a1 (United States)

ASN16509 (AMAZON-02, US)

cengine.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audience.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.63.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-107.fra56.r.cloudfront.net

delivery.contextads.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
127	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 a73bafb454375ecf0d907670ae07f366.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130	2 MB
89	indianexpress.com indianexpress.com — Cisco Umbrella Rank: 35156 images.indianexpress.com — Cisco Umbrella Rank: 58126 accounts.indianexpress.com — Cisco Umbrella Rank: 186281 ua.indianexpress.com — Cisco Umbrella Rank: 126390 ev.indianexpress.com — Cisco Umbrella Rank: 169731	636 KB
53	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 ad.doubleclick.net — Cisco Umbrella Rank: 202	362 KB
34	google.com 3 redirects news.google.com — Cisco Umbrella Rank: 4610 www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 74	91 KB
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	402 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	298 KB
16	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	666 KB
12	google.de www.google.de — Cisco Umbrella Rank: 5483 adservice.google.de — Cisco Umbrella Rank: 7678	2 KB
10	contextads.live pubs.contextads.live — Cisco Umbrella Rank: 81481 impulse.contextads.live — Cisco Umbrella Rank: 77830 dac.contextads.live — Cisco Umbrella Rank: 73515 cengine.contextads.live — Cisco Umbrella Rank: 74061 audience.contextads.live — Cisco Umbrella Rank: 119192 delivery.contextads.live — Cisco Umbrella Rank: 83072	37 KB
9	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110 partner.googleadservices.com — Cisco Umbrella Rank: 789	16 KB
8	moengage.com cdn.moengage.com — Cisco Umbrella Rank: 15807 sdk-03.moengage.com — Cisco Umbrella Rank: 134311 image-ap1.moengage.com — Cisco Umbrella Rank: 408870	70 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487	92 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1266 i.clarity.ms — Cisco Umbrella Rank: 1832 c.clarity.ms — Cisco Umbrella Rank: 668	26 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 141	2 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1226 mab.chartbeat.com — Cisco Umbrella Rank: 2263	24 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 14671	54 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	427 B
2	wzrkt.com wzrkt.com — Cisco Umbrella Rank: 7162	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	115 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2770 pixel.wp.com — Cisco Umbrella Rank: 2592	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 232	553 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1180	201 B
1	cloudfront.net d2r1yp2w7bby2u.cloudfront.net	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	57 KB
1	checkpoint.com click.checkpoint.com — Cisco Umbrella Rank: 753174	1 KB
434	28

	Domain	Requested by
66	pagead2.googlesyndication.com	indianexpress.com securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
60	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com
37	indianexpress.com	click.checkpoint.com indianexpress.com
33	images.indianexpress.com	indianexpress.com
26	googleads.g.doubleclick.net	www.googleadservices.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
22	www.google.com	3 redirects indianexpress.com tpc.googlesyndication.com googleads.g.doubleclick.net
22	securepubads.g.doubleclick.net	indianexpress.com securepubads.g.doubleclick.net click.checkpoint.com www.googletagservices.com
16	static.criteo.net	ads.eu.criteo.com
16	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
15	fonts.gstatic.com	indianexpress.com fonts.googleapis.com
10	ev.indianexpress.com	indianexpress.com
9	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
9	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	pix.eu.criteo.net	ads.eu.criteo.com
8	partner.googleadservices.com	pagead2.googlesyndication.com
8	ua.indianexpress.com	indianexpress.com ua.indianexpress.com
6	sdk-03.moengage.com	cdn.moengage.com
4	ad.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	delivery.contextads.live	impulse.contextads.live delivery.contextads.live
3	csm.eu.criteo.net	ads.eu.criteo.com
3	www.google.de	indianexpress.com
3	i.clarity.ms	www.clarity.ms i.clarity.ms
3	sb.scorecardresearch.com	1 redirects indianexpress.com
3	cdn.izooto.com	indianexpress.com cdn.izooto.com
3	news.google.com	indianexpress.com news.google.com
3	fonts.googleapis.com	indianexpress.com googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
2	dac.contextads.live	impulse.contextads.live dac.contextads.live
2	impulse.contextads.live	pubs.contextads.live impulse.contextads.live
2	c.clarity.ms	1 redirects
2	www.facebook.com	indianexpress.com
2	wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
2	connect.facebook.net	indianexpress.com connect.facebook.net
2	www.google-analytics.com	indianexpress.com www.google-analytics.com
2	static.chartbeat.com	indianexpress.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	audience.contextads.live	dac.contextads.live
1	cengine.contextads.live	dac.contextads.live
1	pubs.contextads.live	click.checkpoint.com
1	image-ap1.moengage.com
1	a73bafb454375ecf0d907670ae07f366.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c.bing.com	1 redirects
1	ping.chartbeat.net	indianexpress.com
1	mab.chartbeat.com	static.chartbeat.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	pixel.wp.com	indianexpress.com
1	d2r1yp2w7bby2u.cloudfront.net	indianexpress.com
1	accounts.indianexpress.com	indianexpress.com
1	www.clarity.ms	indianexpress.com
1	cdn.moengage.com	indianexpress.com
1	stats.wp.com	indianexpress.com
1	www.googletagmanager.com	indianexpress.com
1	click.checkpoint.com
434	57

This site contains links to these domains. Also see Links.

Domain
tamil.indianexpress.com
bengali.indianexpress.com
malayalam.indianexpress.com
www.jansatta.com
www.loksatta.com
www.facebook.com
twitter.com
www.reddit.com
images.indianexpress.com
indianexpress.page.link
campaigns.icicibank.com
eureka.indianexpress.com
www.linkedin.com
www.instagram.com
play.google.com
itunes.apple.com
www.financialexpress.com
www.inuth.com
expressgroup.indianexpress.com
www.myinsuranceclub.com
rngfoundation.com
www.lighthousejournalism.com
subscribe.indianexpress.com
vip.wordpress.com

Subject Issuer	Validity	Valid
click.checkpoint.com Cloudflare Inc ECC CA-3	`2022-05-05` - `2023-05-05`	a year	crt.sh
indianexpress.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-14` - `2022-07-13`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.moengage.com Go Daddy Secure Certificate Authority - G2	`2022-02-02` - `2023-02-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-03` - `2022-06-01`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
wzrkt.com Amazon	`2022-04-06` - `2023-05-05`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
ev.indianexpress.com Amazon	`2021-07-23` - `2022-08-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
delivery.contextads.live Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
contextads.live Amazon	`2021-06-29` - `2022-07-28`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 51 frames:

Primary Page: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Frame ID: F69309C8ADEA73641E02FC5460A66D1C
Requests: 154 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 3B5CA09BA747E67CF1158FB376517FEB
Requests: 1 HTTP requests in this frame

Frame: https://a73bafb454375ecf0d907670ae07f366.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5998A6279B8E095064B1413FF80A57EC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D23631B10A501BDAB5009492BF26768A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A026AE4A9AE406A610EDE3993D112BDE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D5162C84A7E5538CF3C888166387D39
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2W2_K3z45NJUDWW68Ptd64C23SR3_k8VfvKbyP6_CROB7SZHDUb0XZr0TMN8qc_DUPI3lEdlKc65V6kgl-tcnrTkAuzgbKbnKrokoexpsZyqVQd2D1hnBWntoYoJBC_PYk-fgu4SvFgFxDSCz7DxisBKmS9aqclILR4L7IxnwwxiUQq8a-6v1ieO6Rw6hQnX8hC63V9L04nrx42qYQwrS4l6Nm3VaztKf1wk8dYV0vHppf3q50r49SJVqLINiE83kABiY1-FW4MXywsaCfPUppcbWsS3w8VF0llbKSyv3tTVvzxYlxEm0Wq79XH3WqlQIkne_ueGzNWVRhiRb4Q1CIfh2Bfia1zYFiUF1&sig=Cg0ArKJSzPOsW0LT-0c2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 412CB158E54788C783E9BE9942DBE418
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM1mLzRM4MwgN6K4JFGUWo1kazDOw1GaDR_OccpQfxVveR5lZjPGa2uWKkUk_RYw6t6kNnHYqKqfEUiSe3zsrEAS1YU2ik7lcCqBv72_myPkUb1QYk6ln1ZaRMv7d1Hq-7_7RzLr-F7YEcPjQtSccGQtMZT3OWOvpghPFua-sb_VSggdmb1wVj8p3O-EadRjGuf0RA6ebRKwaNwhgLJwkMHVnJsI1IcaqBnu63AO2-6SGdFCqyFi5TRpNz01ILsnxSMBktQ8H1LKwMlGNe93sTaIBzhkMDKcj8ju5Qh1CMdAXTNXl_bPiO5EYEwXHfSzaE8SLTBgT7iQ6frNJ-4aFZRiJ2EhCZAsxHgwJa&sig=Cg0ArKJSzMj_SZycthjwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D70328062EBA145205AD33E6435ADEBC
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSSJR61Vb1LmzgIiaZLN4Zo_HaA7diA6rkm606KDPBGD0ugBtQgYc83GW7BxErpfHFGdhj-r8bZOyrIihlPaRHQkBkmmld_cjINaoZye-Kdfkb2wxFWwQ9pcTa4Xegmuikg8_Yh33sSKDUQhg99QSvHFhFL2Fs7qWPwfbRyHCf52wM6ZDPmRoA0min_Fu3lxeuUW1gXkPJo3jyu11Rs81jP-HQ1IhnhBkp5eV4ImDMyuE2IipI-rcf1r7Wn3Eg5PuUptGo2kUUtdwdW7aSzLVyjST79x0yfxpFUD6k5JADvJQtUay9f3zkhfNfczzFBPaftFlGyjSrYi9jSyVofaQKVAs6LJilBHL1kbQkmQ&sig=Cg0ArKJSzE7QD2fTiuU0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D36A3A347B44459C6D12854683D77FF7
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6O0PcPUt2mBY2yXwEX71269rDR0VWfmCrznF9CkqK15n2FH1hZkKX6GO2hgp8qylhOEXfVM2kCnuRWOpNk9QmOkAuVPBN64FdDVujju6N0kSealJm9c8VtiQrruPJRUz9voUvmUK_aTJoQvjcDnf9Nat2q9-HIHyoJMo4jMwd4vlJWWhlAGFqlxkDyTdTksmMMuwq0CZyKyvIT1EjimTBVsoMrNwwFp7WEihEoLg6F8_vo7oGYZ_KBiVKmtgMd38VObBDdqRS6Dof7mlXYH3wsCMahW4j6Ns3O_7Dz_vWyul539gV9pzE5Djed_-gYMHKl227trsCvYhOfMvMxjIkLekN-14kEH7_lsxm3A&sig=Cg0ArKJSzMqu2jiFCLViEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0AAA2D1F167DC68F6F75F1FD7FC06A49
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIzwGLZzDUV-69NrfVpkIir5G3GfEthTdQvTWxuWyn89V-kwKtfTEAi6xzJVDr28GJS3FLH_YKocInqrbhHmjtRlrl_akU9eyRBbcpSWARHR5DpzRxTMaGvxUwr7awDuiWpyG3qUTSly8GcKP6XCd7lSMlQCCY_usPQkHWlkoTVzF8aYtCoeUSe3_Y4lZwYeOqMOtsFfcw1IJXO4yNkKnT6d9PZJez4CRGrU9rua4DalqnvKo2qSznH5de_ErgkoB-ourE_guA8G_HK8R2s8OEuUVdZeMH7HaTEHfu_pSqyVU_ZnVGz-c7OLFAo63C4oDyQ8HFcljYZFokfq26EUjCSKnb2upRvmi5TDkLwQ&sig=Cg0ArKJSzLd38SexTplcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B58647BA546816A030B147D93ECD1EBC
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssavtcG69aTz4qsyWZSHqacjLufXpuYiMHGVoQNbQiKH0NaqBnU181XT7cTwtFiN5V6gxPZ-P1TmS__rT6ZbUGCnAayHULS1-_9YTK81XMJ_g1At0ZGksJZPvnXnAMiRgWe7X4fkTkJ8RIjAWKu779TFNn-9hOLc6Me9BbQHFrl_UcN8ljdbuUpbqofUBDM0xFerUWshNOiZJ1LDZr_IFx0pl9TQV6pHY0lTD6ELSfnhE3yzRvvnJBHEqQiBglWcO_6FD-r9KAE-QarLBKUtX9TCxjcz58xsEt54nYArPWLKN_YWDpb-RzpQmRdUl4vSiTSqDvxiVhekpA5MaItI0gkMSUUeG-PuXIYidZgrbU&sig=Cg0ArKJSzFGyRqZzdIqOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B0C6F18768C3D68332DF674CCE8721E3
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul6VBOwvNtA0sJRNLTKcA5sYoCj4S9CcQpbhUFMusaY36niy2D-uyNSbnNQsDYvL4uQlmPoTxOyhU1hn6GGeWV-YgKgJDPJAVrtUjnQtGVXyXHwQQLsMDMUKebZwzi6rvI6enWWvlr4QdRFuJpBqQJ4TMX6rwS-0TVOE_Sofp44HgIhUH5MFKyLQIlvQUdIKupe9kdEPEQ_dszOIQNWqco5Xh0pPXPDHcmEbQ0mCqfVKYW3mFQFa7WXk9srO8fF_pckd6Ex2GQ7Gma0B1oP-5StQvabDRsW-ijes_QW6C3x2AL76s_9NnRO_fl8YhFg4_N2FJLf2o_0KVqNO3LGeEIn2E1iBE7GOMUyA&sig=Cg0ArKJSzP0oEJUnaOXHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 31F8C8DC055BD522F0ECABF296BCB974
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVkk1ND_0wtgrXQnpbX5iJYVxlDX4tLlTvFsaUehx6AJDQD0HKyBnw8QO33nEiB-yUqfO8RNIDXCtotKHvVKM94coP1ubuwMxxCn8e7fKyklGIpBYhp0DD4HRgeUn6q1TzNsNtHUNKoIUNN6wEiKLNv2f0flu_3l_avvCUx_sVuV1_bQQe2Z_ahMrOmUSwnXhW-O2xP223skzN6XgWpD66j9fpGfhmEXQ-NgiG6FEpG4pG6qlCS9xEy9W3EmghpB6Pq9MOJACZwRll8kcaX-JkmVKsGuHNmIY4YH_lXxba5sjuN_eu036mxKRswRW_v66YIYY74iYIZNEs1Z5pXPUSNx-zCZh-CFRoiw&sig=Cg0ArKJSzCCgmYfbfUv3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E78E9713F75B15F1EEC1C4AC2B2A87E7
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNGIVlP6pPYI_TEqbUIZ4aWZjbm6tGsuRE6AOhktghIRNhdzAkFuvJ1CvdhqC2RNTAnKGy8UxLqcPzQDEOCB6S4j1lIwIYzW9TuS-gcaZ7qssjTSsWUMoVHUsHj4zSLkg3tj_RNIIfmuaF4vETPeFEpeuINN31Y3QB0ycaAaabl3r6DBpHeK6ip9bc6Ta3nz6sH9xR0K_iRZSvuVuLVSSFYxjcAqYri35lIK8-lfgT8LUL_oG0r_guaIpnT-Ly9cOICp6NlC8HpcaMP6iA-NMIVU9iYlfElBoX1eRm0syQeNE_MFg0oiMSLxPgfydqvIcaXWAFjaoWskFG0kvH3XbMnLUGg4416-eQ1TTzyGh59w&sig=Cg0ArKJSzO5HMXPbNa2kEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CCDA186934A69F914AC8C07A27563E23
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220523/r20190131/zrt_lookup.html
Frame ID: 5594DF2821A30D252D729722590F7B41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=90&slotname=4068205970&adk=2668761221&adf=3173046726&pi=t.ma~as.4068205970&w=728&psa=0&format=728x90&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944566&bpp=4&bdt=206&idt=338&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=2&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1997433642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=187&biw=1600&bih=1200&isw=728&ish=90&ifk=2440170843&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067737%2C31067768%2C31067526&oid=2&pvsid=1060439149467540&pem=626&tmod=175301254&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.v0rnrobqfh04&fsb=1&dtd=357
Frame ID: FE3110CF2B284D2FE9A31FE3F157C058
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046724&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944719&bpp=5&bdt=344&idt=229&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=126749912&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1620&biw=1600&bih=1200&isw=300&ish=250&ifk=1685284269&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44760474%2C31067487&oid=2&pvsid=3888245929453611&pem=626&tmod=1318275688&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.y9ftxvckarvp&btvi=1&fsb=1&dtd=245
Frame ID: B6FB789478117763C457C5EC90690D2B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=6686286215&adk=2703873347&adf=3173046725&pi=t.ma~as.6686286215&w=336&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=336x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944740&bpp=5&bdt=373&idt=235&shv=r20220523&mjsv=m202205240101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1110079953&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=700&biw=1600&bih=1200&isw=336&ish=280&ifk=1241629477&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067757%2C31067488&oid=2&pvsid=1484438737876758&pem=626&tmod=2021561125&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.c6iyglq3ef05&fsb=1&dtd=250
Frame ID: AE4A4322FB7128A0AC764A8EB791CED6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046723&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944762&bpp=4&bdt=380&idt=236&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1786783204&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=4650&biw=1600&bih=1200&isw=300&ish=250&ifk=2444015815&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067527%2C31067487%2C31067718&oid=2&pvsid=312738747088414&pem=626&tmod=1099106339&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.br1tp7q2xze7&btvi=1&fsb=1&dtd=242
Frame ID: 2A2142B41BC94FD71AF45E9F05B039BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255
Frame ID: 5BA7CC6D4716A6A32E600664743BF6B4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186319&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944844&bpp=3&bdt=433&idt=240&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1961895520&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=1230151253&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31067737&oid=2&pvsid=577011371732562&pem=626&tmod=259749370&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zgf9ega0ongu&fsb=1&dtd=253
Frame ID: C6B588A2F82BCE20F26E85815C484497
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232
Frame ID: 1D18A1061834FA73671547DA0D41C8E6
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263
Frame ID: 8956E4ED3389C426ABC3A81FFC9CDD14
Requests: 11 HTTP requests in this frame

Frame: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&amp=false
Frame ID: BC194CF354F84B831068526B2932BD50
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3TuQAAQv4K4FlHAAWW8h49Kclk_RwPfp8QyQ&u=%7CUGqX%2BeomXONwI4%2F2NUZgdXLqXCfJQ1S%2FNI8yyxFZssU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4UCR1GnmPW4iMUx47ZizX0Y4aSGCN7nIEkwiC-jGZOmkW234zmh52fBVlpGAg-BIm1fjkCRO3NKb93Bx95kgpbLUC5rc0OR3DCbKifXgAKOxCwfW02eblu22oVGI1dkQyEOMZCbef7_7OnhWzZYah9_LCcm-o2WR6zEjURn_Tp1KPpVAmOSiSAX6QXL8n42a6aT0VG20LcNDQMY_hUCTqixEvZQjtu8Bxupxg--WDmjDgNQKKWXOABYB7l1fKH44sGZgs8FH9JYHg1Roqew1GYh56fMh3_9pThALfKbvFfdMehfm0Uk44Jex0xlf5tedo6gFCMppnW0VppBXu9ZheU-DorSqKuEKWbYLt9nOLWBJrvFjgIPx9rom3KzrYvNka1AdfoVJvcCDRkf792-T-wyWzoYljWVCYQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI6j1udONYv6FAceygQfyrZaICMme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTUxNzc3MjQ1NTM0NDQwNaAB1bbS6gPIAQmpAiqsz0j59bE-qAMBqgStA0_QNe1SH9skRDYLDE_JGAZwL59M88aceR9VQa8oIrRsB4KGtGsRP4HgpKxo0UFXsjeHl1u69ulC1zD5Nquc3oLCh4HQmf1K2a52QDNpkGcmqHfryGP2UO8X03q4VPgkS9RSiAXo8WE-zXE8dgtXJZ6JG6bsUX-xGEObWvmj4yiOw3qcdfp0-enT37izqC4I6XUecLNOIRSKd0T9xo-bZeRgw5cz7KA1pFkYVtmvq_IfACOKsmWbE7jMJZ-aQAfN_1V4Amk4niGCKk-1UVpqN9U0tPWBCymM2VQqy62eWiaE7XGRPUfKlp0Powv3JWIDanmzKrFWf8jZxegqr-2fsPCk4L6Z6kBqaTnsNalnWwwc2l7R7d29bjg0_85En2K9MqbH2jKy-Imvv16ALXTS9_GM14zPyOU_1c4j83DfVdMYPN-WoyTGc2WCdn0O2ZYcnyNgndAEEB_IxPR3wlILDj6ZceQWgqZaqk2P3SNIXeks7Vsh-r_vMksMaISaThZtkBdzEbGqC2yAPBfVtP-TEK8wZXQbZlyIuJh7Td61KbK31G0HnwADIxoCZRcreYAGpY-0v_P7nsBXoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EdG8bWbPFAZVfgY4ORv9FWe5rQA%26client%3Dca-pub-9517772455344405%26adurl%3D
Frame ID: A396B53DA44FE52BD0A71EE4AB3E4F76
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3TuQABiE4K4B2xAA2a8qxf2-UR2fY23dsatg&u=%7CUGqX%2BeomXONrWJwyT%2FN%2BgzeoNzfZICWRRHy9JInBRwk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoI1Nb-TXZrXOCYQLm9qLuhr7z8Iti4yQ3J4AkqekfEm7MA3iqvTeMFkukbETIeL6b2yR5wJ6dVV7PNgTaIpf3vO7CK-NxwjsO7FGkOgudUJ1whJsfIRw22LM8sZfRGNlmc8TD1vzZdS29LXME3do7y0RefTTLeL96EVVCdQw2jxMmURKHFYsGoQWP5AHdc9SfGkuVPJT9HS1iGFgkbBAdZG4CzPgd4UmmvrrQQoQVFdpjb5VNKzJNspMK4iPS6W99yzzydJhdGgJzvajsrOHvQuWD_xSxwVPTewD8Kxuhhr5JqGbyThtVhnJWqJlxA3dKOVeuIKEdQY37zXaGDWsoAknxKumU1g6DCp1-uKkrVqekEQqL-_jnQMyciAr_Z76GiPlFYmClEqyQBsFTUk8cDU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlOCudONYs6QBrG7gAfytbY4yZ7SsVy1mOPWkwHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTUxNzc3MjQ1NTM0NDQwNaAB1bbS6gPIAQmpAjQrXO8s-bE-qAMBqgSzA0_QkO6DjjAv8SkKiE34DblTVzXItrUZyAlPt_Dh5-wd17aeR_tqry42zk79h3PdreiE-Q2SAYs7tDwo4qWVSJ1tNQSV6SW8YDJxljIys5-lW6I19Iw0v0wXGWkPkH4mmGvQOKmkqP2Uvzu0Q09baoc3XX2IHXQELfp2UB5VCvRwPVc0LxfQHVsHK-RDDNwdtj5Isu4jF7rB_xe1EgGxnrhSJ3Gj8G6oWFTPxZR8-bexY7EKSFpN_q3aZ1VXyfOCqCyN48yOP8bzVBN4HMF-egNcIRm7uPU8Ukv3MU3SSUCfYVxot3qoflak4R4DniOGbWwhFEiN0WA_I2ZYeikTPPjVOWhQk1VKVXBpm-Pi2rdl8KYyJ2tMAok8FeARf56qZcgGcc7AT7D_-7gwIJ-r_vd292m7yiRVui3iBh4O1AApdDCSJd91sNQ3MsFteYK0IWNkEIHs-12jRp21FH5ud-8h6dmj3rcjztyYupvATKENb_Ln4QgtsU53TafE8mCfGlQeRr-joC4GVvILhvjeql7DPPhy4voVhU6KXwCmqUoAFbhQ2LpnQ5C9vySWrQzLFZnh5oAGpv6GhpiRjLuMAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QnrOYqCW5DBa_Czov_wiiv0PKVg%26client%3Dca-pub-9517772455344405%26adurl%3D
Frame ID: B97706FE4F19166C28549DFA06A748AF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 98022884005880CC317E5C1055F58CD8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C77BC3E4629419D0D7241DE5EC95AA8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 947DA443C3B16434F24A8F1FF3CC7882
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6FEA79B911EF37AD971D93B646829F04
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7F24D92F57AAE19947FEEFED683676E7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js
Frame ID: 23E4374FC690A9C7F2E0C0563B8ECB4E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6662E2ACE1E9DF124CA97AB47232FEE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F05C300C569EA12E60E37D5E7FFF2482
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js
Frame ID: 479AC89806ED89CAFA4A7C15671AB4A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js
Frame ID: DB30661E59A084C91C074FE0E7E28128
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC4D6C19718516DAE067824DB5AB0873
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 527434E8CCB91488904D5456900A3996
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02C94EC1B11FB79626BD71973AEDD4EC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5EFCA4E9BE043430D532CE073CB2CD87
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39889640FBD911F285D682F76E94AF5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0779D8D22963E011CBD63395E08CC1C4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FD775B6D17504B8401C56F9E74AFF7B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EA187692E4A4EB19315F750FA1D65C0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js
Frame ID: D3A8066CBA99D57B12C604F93CAAE702
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js
Frame ID: 2C995E9CACFEAD02F9E759D38C9BD6B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB8036180C09A6BA75612E0A8208F973
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 039C2CD432447BBB619E70EF6BDC9D55
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B53CF0A3C601E50EC5DB23B3CB2A5294
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 43E952D3D0567E44EFEF56A83905EC6E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ever Surf wallet flaw could've let attackers steal crypto wallet

Page URL History Show full URLs

https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk... Page URL
https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-atta... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

MoEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.moengage\.\w+

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

434
Requests

99 %
HTTPS

61 %
IPv6

28
Domains

57
Subdomains

49
IPs

6
Countries

5056 kB
Transfer

12658 kB
Size

40
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://tamil.indianexpress.com/
Title: தமிழ்Tamil

Search URL Search Domain Scan URL

URL: https://bengali.indianexpress.com/
Title: বাংলাBangla

Search URL Search Domain Scan URL

URL: https://malayalam.indianexpress.com/
Title: മലയാളംMalayalam

Search URL Search Domain Scan URL

URL: https://www.jansatta.com/
Title: हिंदीHindi

Search URL Search Domain Scan URL

URL: https://www.loksatta.com/
Title: मराठीMarathi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/indianexpress

Search URL Search Domain Scan URL

URL: https://twitter.com/indianexpress

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F&text=Ever%20Surf%20wallet%20vulnerability%20could%20have%20let%20attackers%20steal%20crypto%20assets%3A%20Check%20Point%20Research&via=IndianExpress

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F&title=Ever%20Surf%20wallet%20vulnerability%20could%20have%20let%20attackers%20steal%20crypto%20assets%3A%20Check%20Point%20Research

Search URL Search Domain Scan URL

URL: https://images.indianexpress.com/2020/08/1x1.png
Title: https://images.indianexpress.com/2020/08/1x1.png

Search URL Search Domain Scan URL

URL: https://indianexpress.page.link/aeiu
Title: Indian Express App.

Search URL Search Domain Scan URL

URL: https://campaigns.icicibank.com/business-connect/index.html?utm_source=IE&utm_medium=Display&utm_campaign=TOL&utm_term=N&utm_content=N

Search URL Search Domain Scan URL

URL: https://eureka.indianexpress.com/video/art-craft/
Title: Art & Craft Classes for Kids

Search URL Search Domain Scan URL

URL: https://eureka.indianexpress.com/video/fitness/
Title: Fitness Classes for Kids

Search URL Search Domain Scan URL

URL: https://eureka.indianexpress.com/video/dance/
Title: Dance Classes for Kids

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/indian-express/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/indianexpress/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.indianexpress.android&hl=en

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/the-indian-express/id506351833?mt=8

Search URL Search Domain Scan URL

URL: https://www.financialexpress.com/
Title: The Financial Express

Search URL Search Domain Scan URL

URL: https://www.inuth.com/
Title: inUth

Search URL Search Domain Scan URL

URL: https://expressgroup.indianexpress.com/
Title: The ExpressGroup

Search URL Search Domain Scan URL

URL: https://www.myinsuranceclub.com/
Title: MyInsuranceClub

Search URL Search Domain Scan URL

URL: https://rngfoundation.com/awards/
Title: Ramnath Goenka Excellence in Journalism Awards

Search URL Search Domain Scan URL

URL: https://eureka.indianexpress.com/
Title: Online Classes for Kids

Search URL Search Domain Scan URL

URL: https://www.lighthousejournalism.com/
Title: Light House Journalism

Search URL Search Domain Scan URL

URL: https://expressgroup.indianexpress.com/advertise.html
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: http://subscribe.indianexpress.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://expressgroup.indianexpress.com/corporate-social-responsibility.html
Title: CSR

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=indianexpress.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc= Page URL
https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://sb.scorecardresearch.com/b?c1=2&c2=8738137&ns__t=1653461943020&ns_c=UTF-8&cv=3.5&c8=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&c7=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&c9=https%3A%2F%2Fclick.checkpoint.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8738137&ns__t=1653461943020&ns_c=UTF-8&cv=3.5&c8=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&c7=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&c9=https%3A%2F%2Fclick.checkpoint.com%2F

Request Chain 137

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=9556C13907A34A369E37A4137141EA78&RedC=c.clarity.ms&MXFR=128CDF87BFF462A51E94CE28BBF46C11 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=9556C13907A34A369E37A4137141EA78&MUID=09E6A41BC37860F20EB2B5B4C2AA61D8

Request Chain 320

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 347

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005020;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=440377857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005020;dc_pre=CNr5rN-J-vcCFUzydwodzJMC4A;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=440377857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 352

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=1914432199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CKaIrd-J-vcCFQeTdwodoI0IDg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=1914432199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 358

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 368

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

434 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=
click.checkpoint.com/ 651 B
1 KB 197ms
172ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-caS5CpCBau3IbO53Dm3ThPWHvwbXDlHJaPxVow3GbDk=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 710c62d04d85916e-FRA
content-encoding: gzip
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-caS5CpCBau3IbO53Dm3ThPWHvwbXDlHJaPxVow3GbDk=';object-src 'none';form-action 'none';frame-src 'none'
content-type: text/html
date: Wed, 25 May 2022 06:59:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 Primary Request / Show response
indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/ 111 KB
25 KB 663ms
611ms Document
text/html 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Requested by: Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: e1f887a65e7ac59e33e7ad5e0dc6330d3abcf742d3111fd59c7522cc5a537447

Request headers

Referer: https://click.checkpoint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: must-revalidate, max-age=300
content-encoding: gzip
content-length: 25274
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:59:02 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://indianexpress.com/wp-json/>; rel="https://api.w.org/" <https://indianexpress.com/?p=7887991>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-mobile-class: desktop
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 0 2 9980

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
29 KB 62ms
26ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

80b110bd2739c684f764fc9440cd2685591af18f0d8dbf3efe7b5c13c0ac459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28687
x-xss-protection: 0
server: sffe
etag: "1225 / 72 of 1000 / last-modified: 1653429844"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 May 2022 06:59:02 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v13/ 22 KB
23 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 07:56:33 GMT
x-content-type-options: nosniff
age: 82949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22492
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 24 May 2023 07:56:33 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v13/ 25 KB
25 KB 37ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 09:17:14 GMT
x-content-type-options: nosniff
age: 510108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25984
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 19 May 2023 09:17:14 GMT

GET
H2 200 /
indianexpress.com/_static/ 2 KB
1008 B 14ms
14ms Stylesheet
text/css 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/_static/??/wp-content/themes/indianexpress/style/evolok/ev-em.min.css,/wp-content/themes/indianexpress/style/share.css?m=1653283496
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d86a6065ecd6bfa453211689af94579b5f93bf0c6bf8761045c4d13b688ef4ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Mon, 23 May 2022 05:24:56 GMT
server: nginx
date: Wed, 25 May 2022 06:59:02 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=246
accept-ranges: bytes
content-length: 840

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37620a21f2c57e24796a04610065e1c73d00476563915c8f068967114ccbfddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 06:41:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 06:59:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 06:59:02 GMT

GET
H2 200 /
indianexpress.com/_static/ 290 KB
55 KB 40ms
39ms Stylesheet
text/css 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/_static/??-eJylkltOxDAMRTdEGgJ0/hBLQRn3MknJo9SuSnePOwOoSEhMhfITP861cxU7D4ZqERSxEpDBNpYu+oL3YQSzZVkSrIBChAnwHcaGmG/sdaCfwTVjD3IZYgrmPRRLHZc9wEtNqc7PfpJQr3xSjjRWjqKFu4NxztKqliK9mnP/f1W++VgoTZ029NoOhZFUSAW3wZD8oj4lnDwtTY7lb1xr2/gH9LVznsyQplMsbN/y9lqPPUgMeQq47Lz6uM/yKr98n83EHjJ4tdPdNu15xmdiZZ7yozu09w+tHvcB9iwGIw==
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fbe13738ab064499c52a7a865a1a82fa306f117793828f841294fffea21fe89d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Wed, 25 May 2022 04:55:41 GMT
server: nginx
date: Wed, 25 May 2022 06:59:02 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
content-length: 56330

GET
H2 200 jquery.min.js Show response
indianexpress.com/wp-includes/js/jquery/ 87 KB
31 KB 15ms
15ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 14:57:03 GMT
server: nginx
etag: W/"62349dbf-15db1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1146089
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 30953
expires: Tue, 07 Jun 2022 13:20:31 GMT

GET
H2 200 jquery-migrate.min.js Show response
indianexpress.com/wp-includes/js/jquery/ 11 KB
4 KB 20ms
19ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Fri, 08 Apr 2022 17:51:44 GMT
server: nginx
etag: W/"62507630-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1146098
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 4169
expires: Tue, 07 Jun 2022 13:20:40 GMT

GET
H2 200 slick.min.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/vendor/ 39 KB
10 KB 20ms
19ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/vendor/slick.min.js?ver=17092019.1
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9027c08fab8b14e38e1b2148efc47da27cef607a11109c07c2f8ed583ae853a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 04:13:08 GMT
server: nginx
etag: W/"624135d4-9cd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1146126
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 9689
expires: Tue, 07 Jun 2022 13:21:08 GMT

GET
H2 200 ie-moengage-sdk.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/ 1 KB
909 B 20ms
20ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/ie-moengage-sdk.js?ver=05052022.1
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d72976626d32773e6200410b353da9fee771f7c69b5cd4d6c1781d2946628bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Thu, 12 May 2022 04:57:55 GMT
server: nginx
etag: W/"627c93d3-51f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1465665
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 697
expires: Sat, 11 Jun 2022 06:06:47 GMT

GET
H2 200 swg-gaa.js Show response
news.google.com/swg/js/v1/ 70 KB
18 KB 348ms
296ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-gaa.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77de8880782b1239866c64bbba1d2d7529e300b8628f6a23f0dd9580260bc706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17954
x-xss-protection: 0
last-modified: Wed, 18 May 2022 18:04:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 07:49:03 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 145 KB
45 KB 59ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2457ed91b16d9dbf7a21917fd4f8c47da415054f1c93354749ed075ad211fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45793
x-xss-protection: 0
last-modified: Wed, 18 May 2022 18:04:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 07:42:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 152 KB
57 KB 54ms
15ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-356047812

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45a447aa2dc11f10715a355af579ef5d7bad0c0292d2539bfa8d28fc63bb2484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57885
x-xss-protection: 0
last-modified: Wed, 25 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 06:59:02 GMT

GET
H2 200 fb-followus.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 1 KB
681 B 27ms
19ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/fb-followus.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 1c3fffe143ad0ce81d60e95e6f6c72b8799587e0211c49e6c4b7efb25ba6c016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: mad1 0 2 9980
content-encoding: br
last-modified: Mon, 09 Aug 2021 12:04:57 GMT
server: Akamai Resource Optimizer
etag: W/"6110e708-41d"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 474
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 twitter-followus.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 2 KB
923 B 27ms
20ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/twitter-followus.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 49919cdd76bb75af97102773b75d9b766922863883afcc28ad868b31d4beb6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Mon, 12 Jul 2021 03:35:00 GMT
server: Akamai Resource Optimizer
etag: W/"5e722478-641"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 716
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 indian-express-logo-n.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 8 KB
2 KB 27ms
20ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/indian-express-logo-n.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 4984a12a4e2268fb4e8104ec4b208d4ceb597fa6ebc3529924eed8602a29ba49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: bom1 118 184 3244
content-encoding: br
last-modified: Thu, 17 Jun 2021 15:56:41 GMT
server: Akamai Resource Optimizer
etag: W/"607372ba-1f52"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 2206
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 theindianexpress-logo-n.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 7 KB
2 KB 27ms
20ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/theindianexpress-logo-n.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: acf8c914a144367e2406a598cf26b14ba5f556c7ea28fb38d5fe4cff6f140759

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hkg1 0 2 9980
content-encoding: br
last-modified: Tue, 10 Aug 2021 04:14:09 GMT
server: Akamai Resource Optimizer
etag: W/"6110e708-1b89"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 1805
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 facebook.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 949 B
694 B 28ms
21ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/facebook.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 67247b5cc3929dc20447c5740d39df6d8d3947a51d0f0fd9ada6ff3a6aa0c227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: nrt1 0 2 9980
content-encoding: br
last-modified: Tue, 20 Jul 2021 12:05:06 GMT
server: Akamai Resource Optimizer
etag: W/"5f00d2fc-3b5"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 487
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 twitter.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 1 KB
964 B 29ms
22ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/twitter.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: ff305d664ec6c12ad16d8f10b6f57f90274c619d902ca293d7ca12c8e40dde15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: bur7 0 2 9980
content-encoding: br
last-modified: Sat, 14 Aug 2021 04:23:07 GMT
server: Akamai Resource Optimizer
etag: W/"6111117f-5ec"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 757
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 reddit.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 2 KB
1020 B 29ms
22ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/reddit.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: b30132c70cb4020f3d9a78e99f3612dfed77573407108d8c8784adde1c642bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Thu, 19 Aug 2021 04:45:21 GMT
server: Akamai Resource Optimizer
etag: W/"611a2be4-749"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 813
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 1x1.trans.gif
indianexpress.com/wp-content/plugins/lazy-load/images/ 42 B
224 B 30ms
23ms Image
image/gif 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/plugins/lazy-load/images/1x1.trans.gif
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 114 11 3110
last-modified: Sun, 27 Dec 2020 20:02:36 GMT
server: nginx
etag: "5fe8e85c-2a"
content-type: image/gif
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 42
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 newsguard-check.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 556 B
535 B 31ms
24ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/newsguard-check.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: be7a0d43b9d11f65be9372ff5106512f9bdce581ae2b224a9b89123b20a44882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Fri, 06 Aug 2021 08:31:29 GMT
server: Akamai Resource Optimizer
etag: W/"61080b8f-22c"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 328
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 newsGuard_logo.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 3 KB
2 KB 32ms
25ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/newsGuard_logo.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 3dee579082b075f323ebd0d5309ac8aa86df82118da75c8b27296acef81229b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 114 53 3256
content-encoding: br
last-modified: Tue, 29 Jun 2021 06:41:00 GMT
server: Akamai Resource Optimizer
etag: W/"605b2ae2-b57"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 1327
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 icici-26th-may-300x100-1.gif
images.indianexpress.com/2021/08/ 17 KB
17 KB 73ms
5ms Image
image/gif 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/icici-26th-may-300x100-1.gif
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b4beec436298c5fc7ca3dc18d075b329f338ec6abd611f085173871d7ec148bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 109 198 443
last-modified: Wed, 25 May 2022 06:26:53 GMT
server: nginx
etag: "7166b6e3653e40a0"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 17651
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Terra-Luna-Bitcoin-Reserve-disappeared.jpg
images.indianexpress.com/2022/05/ 3 KB
4 KB 76ms
8ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Terra-Luna-Bitcoin-Reserve-disappeared.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 0f955d2b647fe1afc37181568788598adaea288dde8d4de08a5881fb8126a257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 20
x-image-server-store-time: 1653293038
etag: "0d6cafc2d5b00945"
x-image-server-cost-real: 17724
x-image-server-cpu-estimate: 20
x-image-server-response: request-1318104-72667325-1b8fe0d0
x-image-server-cost-estimate: 17724
content-length: 3537
x-image-server-product: AIC
last-modified: Mon, 23 May 2022 08:03:47 GMT
server: Akamai Image Server
x-image-server-cpu-real: 21
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3574
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 15
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Apple-WWDC-2022.jpg
images.indianexpress.com/2022/05/ 1 KB
2 KB 77ms
9ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Apple-WWDC-2022.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 85ac28707b76f118496dd5da0df04e9fc623e4b7613af3a9a80d4dded48051a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 70
x-image-server-store-time: 1653459092
etag: "99012795d5aa60d5"
x-image-server-cost-real: 26318
x-image-server-cpu-estimate: 34
x-image-server-response: request-2280148-31397127-377b700
x-image-server-cost-estimate: 15160
content-length: 1259
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 06:11:31 GMT
server: Akamai Image Server
x-image-server-cpu-real: 16
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 1975
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 34
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Nothing-phone-11.jpg
images.indianexpress.com/2022/05/ 3 KB
4 KB 78ms
11ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Nothing-phone-11.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: b5a1af791ec023e728b22becae9372c0526b647c4d959cdfc47053f32a520f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 81
x-image-server-store-time: 1653456567
etag: "3d944703eb88f5d6"
x-image-server-cost-real: 28522
x-image-server-cpu-estimate: 19
x-image-server-response: request-2447367-01588101-2648f8e
x-image-server-cost-estimate: 13607
content-length: 3124
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 05:29:26 GMT
server: Akamai Image Server
x-image-server-cpu-real: 15
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 3124
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 20
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Apple-iPhone-13-Pro-Max.jpg
images.indianexpress.com/2022/05/ 2 KB
3 KB 88ms
21ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Apple-iPhone-13-Pro-Max.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: f3b0ab7ac23f90d09462d4220fbef156c720bb3088fcf3c5b26667e56caa96ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 83
x-image-server-store-time: 1653461402
etag: "b2784c6337b3b195"
x-image-server-cost-real: 28743
x-image-server-cpu-estimate: 19
x-image-server-response: request-3455127-48537671-3b08cf8
x-image-server-cost-estimate: 11051
content-length: 2121
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 06:50:01 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3067
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 16
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 OnePlus9RT_FEAT_1-1.jpg
images.indianexpress.com/2022/01/ 23 KB
23 KB 79ms
12ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/01/OnePlus9RT_FEAT_1-1.jpg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 49b6a0ef3bf62a8eee20471a1983fbdfde28f2d0f6ae59541394e9d2302b358b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 118
x-image-server-store-time: 1642162821
etag: "57bf0ac203318af3"
x-image-server-cost-real: 45473
x-image-server-cpu-estimate: 26
x-image-server-response: request-2388907-07636905-3aac510
x-image-server-cost-estimate: 17076
content-length: 23198
x-image-server-product: AIC
last-modified: Fri, 14 Jan 2022 12:20:20 GMT
server: Akamai Image Server
x-image-server-cpu-real: 35
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 23644
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 23
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 WhatsApp-Image-2021-09-08-at-12.14.02-PM.jpeg
images.indianexpress.com/2021/09/ 8 KB
8 KB 16ms
9ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/09/WhatsApp-Image-2021-09-08-at-12.14.02-PM.jpeg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: c97ccb301c4f17329a72cca32c49b7cfa9a4015d3a108f27c954808b18fbf2ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 16
x-image-server-store-time: 1631085119
etag: "3fa9e2c45c2e7979"
x-image-server-cost-real: 15105
x-image-server-cpu-estimate: 16
x-image-server-response: request-4938446-65576916-ae5ea05
x-image-server-cost-estimate: 15105
content-length: 7688
x-image-server-product: AIC
last-modified: Wed, 08 Sep 2021 07:10:48 GMT
server: Akamai Image Server
x-image-server-cpu-real: 27
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 7688
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 30
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 9fbb10bc-be28-4695-bdd7-2c5f66b2d30c.jpg
images.indianexpress.com/2021/09/ 11 KB
12 KB 19ms
13ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/09/9fbb10bc-be28-4695-bdd7-2c5f66b2d30c.jpg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 6a1f7a22635852e7bc951f63969f071ef13e43a63ce63466844e8dc46a0525e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 35
x-image-server-store-time: 1631739062
etag: "fa5d7e16d966597e"
x-image-server-cost-real: 17103
x-image-server-cpu-estimate: 23
x-image-server-response: request-30266-45909270-1489d58d
x-image-server-cost-estimate: 17103
content-length: 11354
x-image-server-product: AIC
last-modified: Sat, 04 Sep 2021 07:23:24 GMT
server: Akamai Image Server
x-image-server-cpu-real: 19
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 11354
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 38
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 samsung-galaxy-featured.jpeg
images.indianexpress.com/2021/08/ 18 KB
18 KB 19ms
13ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/samsung-galaxy-featured.jpeg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 742dbc7d27a84eed3e863ede50b9c805e8dd100de0bca8350aa19e0b7ae6c469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 39
x-image-server-store-time: 1629475832
etag: "120f90a8af181f3d"
x-image-server-cost-real: 38381
x-image-server-cpu-estimate: 52
x-image-server-response: request-720181-16020584-28a2e159
x-image-server-cost-estimate: 38381
content-length: 18119
x-image-server-product: AIC
last-modified: Fri, 20 Aug 2021 16:09:54 GMT
server: Akamai Image Server
x-image-server-cpu-real: 56
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: no-transform, max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 20973
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 74
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 93805306-5c05-4e14-ae10-c295d584ee70.jpg
images.indianexpress.com/2021/08/ 4 KB
5 KB 20ms
13ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/08/93805306-5c05-4e14-ae10-c295d584ee70.jpg?resize=450,250
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 7aac0d9430e944f82379fba6fb642aec2e7e7ae2595c112d48037b1215c749a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 20
x-image-server-store-time: 1629195222
etag: "accc27b32a6ec914"
x-image-server-cost-real: 24784
x-image-server-cpu-estimate: 50
x-image-server-response: request-4475376-68346693-21c4eddc
x-image-server-cost-estimate: 24784
content-length: 4545
x-image-server-product: AIC
last-modified: Tue, 17 Aug 2021 10:10:31 GMT
server: Akamai Image Server
x-image-server-cpu-real: 24
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 450
x-im-original-width: 450
cache-control: no-transform, max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 4545
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 45
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Jitendra-Singh.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 20ms
14ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Jitendra-Singh.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 8fe8b87d02127b04c62c7d68b9f64131c98407cc1354e1fc6f1a969d827a2a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 13
x-image-server-store-time: 1653451593
etag: "be0393ee292ed9e7"
x-image-server-cost-real: 11998
x-image-server-cpu-estimate: 15
x-image-server-response: request-2405207-72565506-1d0cc136
x-image-server-cost-estimate: 11998
content-length: 3873
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 04:06:31 GMT
server: Akamai Image Server
x-image-server-cpu-real: 15
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 8602
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 20
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 modi-biden-5.jpg
images.indianexpress.com/2022/05/ 4 KB
5 KB 20ms
14ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/modi-biden-5.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: c65c924ebf76dd38ad7a36dd70d6af92723ba0302b0b1e5e0b86e17468ea2953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 16
x-image-server-store-time: 1653435498
etag: "72c726e7cebf38ce"
x-image-server-cost-real: 18024
x-image-server-cpu-estimate: 25
x-image-server-response: request-2136902-42218584-7c4064f
x-image-server-cost-estimate: 18024
content-length: 4216
x-image-server-product: AIC
last-modified: Tue, 24 May 2022 23:33:44 GMT
server: Akamai Image Server
x-image-server-cpu-real: 15
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
x-akamai-note: original-image
content-type: image/jpeg
x-image-server-original-size: 4216
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 27
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 sunil-dutt-.jpg
images.indianexpress.com/2022/05/ 3 KB
3 KB 25ms
19ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/sunil-dutt-.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 4a0b6fba8bd2c878a2af243d2e3b426b5325abb008f09e63a06c89b014862c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 12
x-image-server-store-time: 1653447373
etag: "ae933910c5003544"
x-image-server-cost-real: 13416
x-image-server-cpu-estimate: 19
x-image-server-response: request-203219-68023188-2673e90
x-image-server-cost-estimate: 13416
content-length: 2995
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 02:53:42 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 5259
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 25
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 panchayat-1200.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 25ms
19ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/panchayat-1200.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 64e3db9c6c869414d70f242bb353a2773fdf9a9bd132884b4c1f32c4ba54a8a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 57
x-image-server-store-time: 1653456791
etag: "73c4f52d7cc0c974"
x-image-server-cost-real: 21451
x-image-server-cpu-estimate: 15
x-image-server-response: request-2379296-22836179-a368b
x-image-server-cost-estimate: 13050
content-length: 3593
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 05:33:10 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3863
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 11
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 texas-gov-old-tweet.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 26ms
20ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/texas-gov-old-tweet.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: ad59e21b381880e57cf20a8fde6a6308e3cb252ffb32367228644c0fa86493c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 74
x-image-server-store-time: 1653461936
etag: "fe1ba53e38dbfa49"
x-image-server-cost-real: 26719
x-image-server-cpu-estimate: 27
x-image-server-response: request-1131329-81437098-6ef971c
x-image-server-cost-estimate: 16200
content-length: 3982
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 06:58:55 GMT
server: Akamai Image Server
x-image-server-cpu-real: 14
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 6284
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 30
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 bbc-man-utd-gaffe.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 26ms
20ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/bbc-man-utd-gaffe.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 19b1550783a6edd06c485a3d0c86ed3cd3f3912c43c65032311cfae2bda553f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 157
x-image-server-store-time: 1653457327
etag: "6cb9406889d4e9eb"
x-image-server-cost-real: 49941
x-image-server-cpu-estimate: 14
x-image-server-response: request-456496-14173924-365db5f
x-image-server-cost-estimate: 33665
content-length: 3646
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 05:42:06 GMT
server: Akamai Image Server
x-image-server-cpu-real: 14
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 5574
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 91
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 GT-RR.jpg
images.indianexpress.com/2022/05/ 4 KB
5 KB 27ms
22ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/GT-RR.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: ce5aa4fd22242dab728c7f9455cfa02c40139ffa4706678f69ec59b390543f4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 28
x-image-server-store-time: 1653418989
etag: "aba7e18427c0849f"
x-image-server-cost-real: 39409
x-image-server-cpu-estimate: 38
x-image-server-response: request-1921068-36677062-1a1e8fbc
x-image-server-cost-estimate: 37950
content-length: 4212
x-image-server-product: AIC
last-modified: Tue, 24 May 2022 19:03:02 GMT
server: Akamai Image Server
x-image-server-cpu-real: 24
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 8940
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 40
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 MS-Dhoni-Hardik-Pandya.jpg
images.indianexpress.com/2022/05/ 4 KB
5 KB 28ms
22ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/MS-Dhoni-Hardik-Pandya.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 3f17c23993365af88be276e6cc2c89df0e64cf2e14fd4e5da5fef589e61ceb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 54
x-image-server-store-time: 1653456314
etag: "f96b280830b8bdcc"
x-image-server-cost-real: 32108
x-image-server-cpu-estimate: 78
x-image-server-response: request-474871-74684962-7f125a7
x-image-server-cost-estimate: 28963
content-length: 4165
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 05:25:13 GMT
server: Akamai Image Server
x-image-server-cpu-real: 24
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 4772
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 30
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Opinion-1-8.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 29ms
23ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Opinion-1-8.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 93ea77cfbc5c67a34b8e3503c7eb24d17e1d9d4f58c6ff1a32aa4c9e278f1db0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 13
x-image-server-store-time: 1653451535
etag: "c2671a5fbe963ed8"
x-image-server-cost-real: 12547
x-image-server-cpu-estimate: 24
x-image-server-response: request-1359504-70959067-4ba0874
x-image-server-cost-estimate: 12547
content-length: 3885
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 04:05:18 GMT
server: Akamai Image Server
x-image-server-cpu-real: 15
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 10237
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 15
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Indo-pacific.jpg
images.indianexpress.com/2022/05/ 4 KB
5 KB 29ms
23ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Indo-pacific.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 5f22b1c1c49822e34c6d676214c55d8e52e514c19ccf11f4efe78b1dc7ef82f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 11
x-image-server-store-time: 1653444747
etag: "c0b824d6c4a9edb8"
x-image-server-cost-real: 11219
x-image-server-cpu-estimate: 21
x-image-server-response: request-2241506-15195620-18a159a
x-image-server-cost-estimate: 11219
content-length: 4187
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 02:10:49 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 4812
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 11
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 dehydration-1200.jpg
images.indianexpress.com/2022/05/ 2 KB
3 KB 29ms
24ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/dehydration-1200.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 4e264ed4468be1772bae20991be1e2b733b0af0b856d1c1313fc969cc3c8b355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 22
x-image-server-store-time: 1653461888
etag: "413c4eb7b8e35628"
x-image-server-cost-real: 18936
x-image-server-cpu-estimate: 27
x-image-server-response: request-1704406-34940018-3b61c25
x-image-server-cost-estimate: 18936
content-length: 2559
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 06:57:59 GMT
server: Akamai Image Server
x-image-server-cpu-real: 15
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 5422
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 22
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 GT-RR-2.jpg
images.indianexpress.com/2022/05/ 4 KB
5 KB 30ms
24ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/GT-RR-2.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 520431acbac185f8b35068f3473103ce85a60ad74088bb4ea33a74b79180c4c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 17
x-image-server-store-time: 1653420827
etag: "4f76badc3a8c38ce"
x-image-server-cost-real: 13526
x-image-server-cpu-estimate: 33
x-image-server-response: request-2260375-92810190-34b542b
x-image-server-cost-estimate: 13526
content-length: 4494
x-image-server-product: AIC
last-modified: Tue, 24 May 2022 19:32:52 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 9603
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 34
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 modi-antony.jpg
images.indianexpress.com/2022/05/ 4 KB
5 KB 31ms
26ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/modi-antony.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 9d472aada2312e10e81b8bb06f3ce1d59bd11ace70fe553626422fc8b3505230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 15
x-image-server-store-time: 1653436856
etag: "c128997748183a12"
x-image-server-cost-real: 14605
x-image-server-cpu-estimate: 21
x-image-server-response: request-2359738-39640395-27af5c6
x-image-server-cost-estimate: 14605
content-length: 4471
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 00:00:09 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 9248
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 15
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Verma.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 33ms
27ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Verma.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 7e4285fa48b87b19b5aa32313ef2be0ec5e75e8a688ea99f89c0a77fb73c2495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 11
x-image-server-store-time: 1653416885
etag: "a602d104852f8a11"
x-image-server-cost-real: 12491
x-image-server-cpu-estimate: 21
x-image-server-response: request-56857-41721040-1e8c0d4e
x-image-server-cost-estimate: 12422
content-length: 3615
x-image-server-product: AIC
last-modified: Tue, 24 May 2022 18:26:38 GMT
server: Akamai Image Server
x-image-server-cpu-real: 27
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 4081
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 13
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 rajasthan-unemployment-protest.jpg
images.indianexpress.com/2022/05/ 5 KB
6 KB 34ms
28ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/rajasthan-unemployment-protest.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: cadb9b06567b10b75aca7bf4cefe3dbad81888b8d0dadb187f8c2555bed2a470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 17
x-image-server-store-time: 1653436856
etag: "885cea40e50fbb1a"
x-image-server-cost-real: 12608
x-image-server-cpu-estimate: 19
x-image-server-response: request-2390826-80523941-3305399
x-image-server-cost-estimate: 12608
content-length: 5288
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 00:00:06 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 11277
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 17
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 modi-7-1-2-1.jpg
images.indianexpress.com/2022/05/ 3 KB
4 KB 35ms
29ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/modi-7-1-2-1.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 89254a22a265b79e6519da6c24261a7674d83927dd9f557a6321c55f2b7b7256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 19
x-image-server-store-time: 1653436856
etag: "11e13b75fc98af56"
x-image-server-cost-real: 15148
x-image-server-cpu-estimate: 22
x-image-server-response: request-2305085-84296919-1f06e92
x-image-server-cost-estimate: 15148
content-length: 3206
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 00:00:09 GMT
server: Akamai Image Server
x-image-server-cpu-real: 17
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3216
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 30
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 assam-6.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 35ms
29ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/assam-6.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 5c0256669a1cfdf80a805400cd9379b7e450dc08ce037ef446745707fd8cd243

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 50
x-image-server-store-time: 1653436856
etag: "b5a7bede7b74442d"
x-image-server-cost-real: 18736
x-image-server-cpu-estimate: 57
x-image-server-response: request-2059094-83899635-3a1bc41
x-image-server-cost-estimate: 15942
content-length: 3804
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 00:00:21 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 8197
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 29
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 prithviraj-chauhan-new.jpg
images.indianexpress.com/2022/05/ 5 KB
5 KB 36ms
30ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/prithviraj-chauhan-new.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 50547ca5c3b598f0bb3c18b3d5a540c345bea338a1c9d263c6a5d184e91d83c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 89
x-image-server-store-time: 1653447606
etag: "6590da7e4b129950"
x-image-server-cost-real: 29638
x-image-server-cpu-estimate: 15
x-image-server-response: request-2190008-14077276-1675d2fe
x-image-server-cost-estimate: 14267
content-length: 4835
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 03:00:05 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 5460
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 10
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Rahul-Corbyn-Pitroda.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 36ms
31ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Rahul-Corbyn-Pitroda.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 42e3da6105a22bdd590fdd545ce0887bc841b8f4b78084ea0e370c50929caf95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 59
x-image-server-store-time: 1653436856
etag: "47713c71ca2a6353"
x-image-server-cost-real: 21334
x-image-server-cpu-estimate: 15
x-image-server-response: request-1348240-76787940-7888e1
x-image-server-cost-estimate: 10252
content-length: 3797
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 00:00:55 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 14153
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 19
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Djoko.jpg
images.indianexpress.com/2022/05/ 4 KB
5 KB 37ms
31ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/Djoko.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 31fef500bebe0b5feda04d394c31813a86ae9167c0ec15bf179209e3d5a72fff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 34
x-image-server-store-time: 1653417266
etag: "72efe3bd60062afd"
x-image-server-cost-real: 14459
x-image-server-cpu-estimate: 16
x-image-server-response: request-2936024-91296964-2a2cd9e
x-image-server-cost-estimate: 12126
content-length: 4204
x-image-server-product: AIC
last-modified: Tue, 24 May 2022 18:34:24 GMT
server: Akamai Image Server
x-image-server-cpu-real: 12
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 8755
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 18
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 Bihar-Police-1200.jpg
images.indianexpress.com/2021/03/ 4 KB
4 KB 38ms
32ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2021/03/Bihar-Police-1200.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 700cce9653935e3e2561589c210d915dd785f937eacf572344941e982ea799db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 79
x-image-server-store-time: 1653436856
etag: "d26e86444f54cf3e"
x-image-server-cost-real: 28434
x-image-server-cpu-estimate: 22
x-image-server-response: request-3275265-59743102-3178853
x-image-server-cost-estimate: 14795
content-length: 3782
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 00:00:55 GMT
server: Akamai Image Server
x-image-server-cpu-real: 15
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 3802
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 31
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 TMS.jpg
images.indianexpress.com/2022/05/ 4 KB
4 KB 38ms
33ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/05/TMS.jpg?resize=150,83
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 361dd4a342a8d35a6f9c8709d38cb49b36aace29e7cb458e3966a70dc8721708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 54
x-image-server-store-time: 1653436856
etag: "105b324926912f16"
x-image-server-cost-real: 20681
x-image-server-cpu-estimate: 22
x-image-server-response: request-2270902-43712629-1283ffad
x-image-server-cost-estimate: 11759
content-length: 3626
x-image-server-product: AIC
last-modified: Wed, 25 May 2022 00:00:55 GMT
server: Akamai Image Server
x-image-server-cpu-real: 13
date: Wed, 25 May 2022 06:59:02 GMT
x-im-result-width: 150
x-im-original-width: 150
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 12676
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 17
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 icon-facebook.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 757 B
598 B 28ms
26ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-facebook.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 9b0ac7450c1b5a96493c9a1e8a5aa0901a65bddb920971a47048f0c898d8dfbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hkg1 0 2 9980
content-encoding: br
last-modified: Thu, 05 Aug 2021 08:39:47 GMT
server: Akamai Resource Optimizer
etag: W/"610783a6-2f5"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 391
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 icon-twitter.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
782 B 29ms
27ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-twitter.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 67dd353d1a77cd00fcb937ba3ad7a6b4f9095547c35682ce4fde80ed6332fa4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: ams7 0 2 9980
content-encoding: br
last-modified: Fri, 16 Jul 2021 18:24:29 GMT
server: Akamai Resource Optimizer
etag: W/"5f888673-4b4"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 574
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 icon-linkedin.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
852 B 30ms
28ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-linkedin.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: a8ba66d5e0cc38107ffab4352e68d139570aad3d1aa7eeb8457c0518ba52cb2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hkg1 0 2 9980
content-encoding: br
last-modified: Fri, 06 Aug 2021 20:01:33 GMT
server: Akamai Resource Optimizer
etag: W/"61092aa0-54f"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 645
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 icon-instagram.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
812 B 31ms
29ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-instagram.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: f002a1169985148fa2dadff4fda87dbc16de1390417fa2cf7dfa166d955c1b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Thu, 19 Aug 2021 11:26:39 GMT
server: Akamai Resource Optimizer
etag: W/"611a2e55-592"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 605
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 icon-android.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
712 B 31ms
29ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-android.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 040f199e2a426e829e7dc4d557ead78c86d4de8514d6ab7b1e97af7193d52d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: br
last-modified: Tue, 10 Aug 2021 07:26:54 GMT
server: Akamai Resource Optimizer
etag: W/"6110e708-550"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 505
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 icon-apple.svg
indianexpress.com/wp-content/themes/indianexpress/images/icons/ 1 KB
816 B 32ms
30ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/icons/icon-apple.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: b6d791a798646b7ca067a07062142454cf67b0b0d1b1ed9743632a4c45660702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: arn1 0 2 9980
content-encoding: br
last-modified: Fri, 13 Aug 2021 12:32:09 GMT
server: Akamai Resource Optimizer
etag: W/"61121fb1-526"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 610
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 newsguard-logo-w.svg
indianexpress.com/wp-content/themes/indianexpress/images/ 3 KB
2 KB 33ms
31ms Image
image/svg+xml 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/newsguard-logo-w.svg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 54b1f1a011f102d2c6581b702a4351f9baf8f32d9925c5b8f89359da728790f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: bom1 0 2 9980
content-encoding: br
last-modified: Mon, 16 Aug 2021 06:45:31 GMT
server: Akamai Resource Optimizer
etag: W/"61124e51-c09"
content-type: image/svg+xml
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 1344
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 vip-powered-logo.png
indianexpress.com/wp-content/themes/indianexpress/images/ 5 KB
5 KB 34ms
32ms Image
image/png 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/vip-powered-logo.png
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 318b47c0042bbc1bdee2d50b37d8d8b1c2a592978855b9de235dbd1a23ecbab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 08:53:36 GMT
server: nginx
etag: W/"619cac10-13b2"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 5065
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H2 200 page-ad-codes.js Show response
indianexpress.com/wp-content/plugins/express-ad-code-manager/js/ 6 KB
2 KB 14ms
14ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/plugins/express-ad-code-manager/js/page-ad-codes.js?ver=2022.04.28.3
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 83080d33c145ea7b3266fe88d307d8b6dbb6ada102a7334f416d445b7f07da98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:35:47 GMT
server: nginx
etag: W/"626a35c3-17a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2591301
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 1730
expires: Fri, 24 Jun 2022 06:47:23 GMT

GET
H2 200 ie-events-all.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/ 11 KB
2 KB 16ms
12ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/ie-events-all.js?ver=13052022.1
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 80c9b87046ea6ae32fa5c9347485ad042420de4041524aeeda380166c6b7b15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Fri, 13 May 2022 11:46:33 GMT
server: nginx
etag: W/"627e4519-2b55"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1576743
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 2262
expires: Sun, 12 Jun 2022 12:58:05 GMT

GET
H2 200 ev-dab.min.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ 91 KB
31 KB 18ms
10ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-dab.min.js?ver=23122021.10
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6e13531bc8204971bc7e7e0b271a32bf604637aad85e5d086dd9c3b10eab914a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Sun, 10 Apr 2022 14:21:22 GMT
server: nginx
etag: W/"6252e7e2-16b9e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1146969
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 31243
expires: Tue, 07 Jun 2022 13:35:11 GMT

GET
H2 200 ev-em.min.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ 108 KB
35 KB 23ms
15ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-em.min.js?ver=23122021.21
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 602e2957e78a25c7ab8533c71b6bb587fca967a11bb5b21463cbb36d93b1b3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 12:43:44 GMT
server: nginx
etag: W/"6241ad80-1af3a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=271790
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 35712
expires: Sat, 28 May 2022 10:28:52 GMT

GET
H2 200 ev-custom-article.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ 9 KB
2 KB 26ms
18ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-custom-article.js?ver=2022.05.24.1
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 888627d62154b6e7d81e60055f1ec8b9241ba400088f2377c13b38765d60642e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Tue, 24 May 2022 11:47:45 GMT
server: nginx
etag: W/"628cc5e1-2419"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2523457
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 2302
expires: Thu, 23 Jun 2022 11:56:39 GMT

GET
H2 200 common-wap-optimize-code.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/min/ 4 KB
2 KB 26ms
18ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/min/common-wap-optimize-code.js?ver=2022.04.11.1
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d1239195ef549be88e61188ee28cd16a049f8165812509d6ae4548c95aaa6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 06:17:01 GMT
server: nginx
etag: W/"625e53dd-10b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1814850
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 1403
expires: Wed, 15 Jun 2022 07:06:32 GMT

GET
H2 200 jquery.sonar.min.js Show response
indianexpress.com/wp-content/plugins/lazy-load/js/ 1 KB
930 B 27ms
19ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.7
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Tue, 12 Apr 2022 08:33:08 GMT
server: nginx
etag: W/"62553944-580"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1146098
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 718
expires: Tue, 07 Jun 2022 13:20:40 GMT

GET
H2 200 lazy-load.js Show response
indianexpress.com/wp-content/plugins/lazy-load/js/ 1 KB
718 B 27ms
19ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.7
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6317ff3996862074b0c999dcf3745042f6146283b715259939235a1266aba6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 07:04:42 GMT
server: nginx
etag: W/"6253d30a-47e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1146098
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 506
expires: Tue, 07 Jun 2022 13:20:40 GMT

GET
H2 200 ie-moengage-script.js Show response
indianexpress.com/wp-content/themes/indianexpress/js/ 5 KB
2 KB 27ms
19ms Script
application/javascript 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/js/ie-moengage-script.js?ver=20052022.1
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0fddae6379e4fb4746079a8f493c11097efd6fece8f580ff5c8802676d73c1d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Mon, 23 May 2022 04:32:38 GMT
server: nginx
etag: W/"628b0e66-12ee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2412228
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 1535
expires: Wed, 22 Jun 2022 05:02:50 GMT

GET
H2 200 6bff223c6454901a4414857a7304f43fa28f5e67.js Show response
cdn.izooto.com/scripts/ 3 KB
2 KB 58ms
25ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/6bff223c6454901a4414857a7304f43fa28f5e67.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ce4b392c8a1bff303749d78e93ee01d56160bcfbaf48b9eb51a80e00396f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1381229
x-xss-protection: 1; mode=block
last-modified: Mon, 09 May 2022 07:18:17 GMT
server: cloudflare
etag: W/"6278c039-c1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 25 Jun 2022 06:59:02 GMT
cache-control: public, max-age=2678400
cf-ray: 710c62d65f3c68e5-FRA
cf-bgj: minify

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
9 KB 52ms
10ms Script
application/x-javascript 2600:9000:2315:7000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js?ver=5.8.4
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:49:22 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 00:18:19 GMT
server: nginx
age: 580
etag: W/"625616cb-595b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: hKiYvHc1UTDaYoLBQ70UWIYLBk8fI6bff_M1IFa0KAmbgaOvhlhVVA==
expires: Wed, 25 May 2022 08:49:22 GMT

GET
H2 200 e-202221.js Show response
stats.wp.com/ 9 KB
3 KB 44ms
5ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202221.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 25 May 2022 06:59:02 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 14 May 2023 23:13:20 GMT

GET
DATA 200
OK truncated
/ 93 B
93 B Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f01981d8f1a5bd929956aa43132045d327af6cd0ec09ac50d824a668d272f39b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 moe_webSdk.min.latest.js Show response
cdn.moengage.com/webpush/ 249 KB
61 KB 99ms
23ms Script
application/javascript 18.66.2.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/wp-content/themes/indianexpress/js/ie-moengage-sdk.js?ver=05052022.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-128.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdae3376dec1dab9828d6c0ddaebd9f7e6dabd7d65bdc6d3d4ef7613106400ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:53:08 GMT
content-encoding: gzip
last-modified: Mon, 23 May 2022 14:52:45 GMT
server: AmazonS3
age: 355
etag: W/"1825bf92785e6f804d9f0a9a78d18f32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 22aa51e74fb02e10dd4d8353100e9be0.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: VjxjcCLfMc0v0Ixg5pDReF8ooxUd_w_2zN51-HlswHlf5_EP14dHFA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2394
date: Wed, 25 May 2022 06:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 08:19:08 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 38ms
8ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:04:37 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 17666
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: F9fKnvXaihpaAGmBqcnxMEqXEJEW3GV1RPobG_igSBxMALUP-KJAug==

GET
H2 200 9unn02nf3n Show response
www.clarity.ms/tag/ 2 KB
2 KB 170ms
109ms Script
application/x-javascript 2620:1ec:27::cafe:2093
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9unn02nf3n
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2093 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 483e65485ab2b4ace5cc93061d7ff131c1f7e8b084564289692a4b65e6cd7f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:02 GMT
x-powered-by: ASP.NET
x-azure-ref: 0ttONYgAAAACxIT9l3rSoRp2xGU5IiF+aTVVDMzBFREdFMDYxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 46ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb52539a684cf631d76bc4d40097e5683786355d69f088df9f360f2ae8047fe2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26788
x-xss-protection: 0
pragma: public
x-fb-debug: tZ599pj5GAATrdzdkNtSsToQY9IR8RbRKbB2urTE6P6dN60ejHnzgUUpiMmFLhST7B2i4yNVqqL2dpKK1cx80w==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 25 May 2022 06:59:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 80000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:45:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 129067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 19:07:55 GMT

GET
H2 200 nav-icon-sprite.png
indianexpress.com/wp-content/themes/indianexpress/images/ 2 KB
2 KB 18ms
13ms Image
image/png 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/nav-icon-sprite.png
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/_static/??-eJylkltOxDAMRTdEGgJ0/hBLQRn3MknJo9SuSnePOwOoSEhMhfITP861cxU7D4ZqERSxEpDBNpYu+oL3YQSzZVkSrIBChAnwHcaGmG/sdaCfwTVjD3IZYgrmPRRLHZc9wEtNqc7PfpJQr3xSjjRWjqKFu4NxztKqliK9mnP/f1W++VgoTZ029NoOhZFUSAW3wZD8oj4lnDwtTY7lb1xr2/gH9LVznsyQplMsbN/y9lqPPUgMeQq47Lz6uM/yKr98n83EHjJ4tdPdNu15xmdiZZ7yozu09w+tHvcB9iwGIw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 630f0440ea30df602859f4ef93f16a21705cecc8a5bf6b30ce5344ad727baf52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/_static/??-eJylkltOxDAMRTdEGgJ0/hBLQRn3MknJo9SuSnePOwOoSEhMhfITP861cxU7D4ZqERSxEpDBNpYu+oL3YQSzZVkSrIBChAnwHcaGmG/sdaCfwTVjD3IZYgrmPRRLHZc9wEtNqc7PfpJQr3xSjjRWjqKFu4NxztKqliK9mnP/f1W++VgoTZ029NoOhZFUSAW3wZD8oj4lnDwtTY7lb1xr2/gH9LVznsyQplMsbN/y9lqPPUgMeQq47Lz6uM/yKr98n83EHjJ4tdPdNu15xmdiZZ7yozu09w+tHvcB9iwGIw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 118 54 3089
last-modified: Wed, 08 Jul 2020 06:34:29 GMT
server: nginx
etag: "5f0568f5-84c"
content-type: image/png
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 2124
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H3 200 va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 23 KB
23 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a993ab2e9326ab9a1d3f403acf8eed16029f1113c786bcfef3f5b529343ab81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:09:45 GMT
x-content-type-options: nosniff
age: 467357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23600
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 21:09:45 GMT

GET
H2 200 fontawesome-webfont.woff2
indianexpress.com/wp-content/themes/indianexpress/style/fonts/ 65 KB
65 KB 20ms
14ms Font
font/woff2 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/style/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/_static/??-eJylkltOxDAMRTdEGgJ0/hBLQRn3MknJo9SuSnePOwOoSEhMhfITP861cxU7D4ZqERSxEpDBNpYu+oL3YQSzZVkSrIBChAnwHcaGmG/sdaCfwTVjD3IZYgrmPRRLHZc9wEtNqc7PfpJQr3xSjjRWjqKFu4NxztKqliK9mnP/f1W++VgoTZ029NoOhZFUSAW3wZD8oj4lnDwtTY7lb1xr2/gH9LVznsyQplMsbN/y9lqPPUgMeQq47Lz6uM/yKr98n83EHjJ4tdPdNu15xmdiZZ7yozu09w+tHvcB9iwGIw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://indianexpress.com/_static/??-eJylkltOxDAMRTdEGgJ0/hBLQRn3MknJo9SuSnePOwOoSEhMhfITP861cxU7D4ZqERSxEpDBNpYu+oL3YQSzZVkSrIBChAnwHcaGmG/sdaCfwTVjD3IZYgrmPRRLHZc9wEtNqc7PfpJQr3xSjjRWjqKFu4NxztKqliK9mnP/f1W++VgoTZ029NoOhZFUSAW3wZD8oj4lnDwtTY7lb1xr2/gH9LVznsyQplMsbN/y9lqPPUgMeQq47Lz6uM/yKr98n83EHjJ4tdPdNu15xmdiZZ7yozu09w+tHvcB9iwGIw==
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
last-modified: Fri, 20 May 2022 11:58:43 GMT
server: nginx
etag: W/"62878273-10440"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2178497
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 66632
expires: Sun, 19 Jun 2022 12:07:19 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 22:15:45 GMT
x-content-type-options: nosniff
age: 31397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:15:45 GMT

GET
H3 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 22 KB
22 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 22:28:13 GMT
x-content-type-options: nosniff
age: 30649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22476
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 22:28:13 GMT

GET
H3 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:48:01 GMT
x-content-type-options: nosniff
age: 79861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:48:01 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,500,700|Droid+Serif:400,700|Fira+Sans:300,400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://indianexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:45:21 GMT
x-content-type-options: nosniff
age: 80021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:45:21 GMT

GET
H3 200 pubads_impl_2022051901.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 22ms
7ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127573
x-xss-protection: 0
last-modified: Thu, 19 May 2022 08:36:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 May 2023 05:52:22 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 769 B
304 B 30ms
15ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=indianexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3b0eec1af5eec7ffadb33cc1cc800073fac6ac0e1f26cc78cfc695b6fda5ecee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Wed, 25 May 2022 06:59:02 GMT

GET
H2 200 sdk.js Show response
accounts.indianexpress.com/swagger-js/v2.0.0/ 94 KB
20 KB 32ms
7ms Script
application/javascript 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.indianexpress.com/swagger-js/v2.0.0/sdk.js?v=11082021.1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

1a45a3e7b5bb591a8367c5b6cd65df366598bc48612118c6a954b35727e0c2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:02 GMT
content-encoding: gzip
access-control-max-age: 86400
strict-transport-security: max-age=600 ; includeSubDomains
content-length: 20410
x-xss-protection: 1
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Aug 2021 07:01:47 GMT
x-frame-options: SAMEORIGIN
etag: "6124995b-1791b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=12735416
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Content-Type, Accept, Authorization, X-Api-Key, *
expires: Wed, 19 Oct 2022 16:35:58 GMT

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 45 KB
15 KB 45ms
7ms Script
application/javascript 143.204.215.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-67.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a69dcd566deb9aa452447b8c0ab461f1a8194d91e96f44e9ea8cecba1549054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 06:54:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 26 Nov 2021 12:38:11 GMT
Server: AmazonS3
Age: 293
ETag: W/"302b621b546dd41b7010d10f46b1937a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: gcQ95PYg53bqQtvljHyP4MP0aszJocZsqxpsykSayBZuNw7ORJ8s2A==

GET
H2 200 personlization-sdk.min.js Show response
ua.indianexpress.com/ 49 KB
20 KB 22ms
7ms Script
application/javascript 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/personlization-sdk.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

7927a1183c0f23c084bf30e351d51d2819735bd751071da09894a4bf9e47ee0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:02 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 07 May 2022 14:04:14 GMT
access-control-allow-headers: X-API-KEY
etag: W/"62767c5e-c265"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=600 ; includeSubDomains
vary: Accept-Encoding
content-length: 19948
x-xss-protection: 1
expires: Wed, 25 May 2022 07:29:02 GMT

GET
H2 200 arrow-link.png
indianexpress.com/wp-content/themes/indianexpress/images/ 226 B
408 B 14ms
14ms Image
image/png 23.205.234.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indianexpress.com/wp-content/themes/indianexpress/images/arrow-link.png
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/_static/??-eJylkltOxDAMRTdEGgJ0/hBLQRn3MknJo9SuSnePOwOoSEhMhfITP861cxU7D4ZqERSxEpDBNpYu+oL3YQSzZVkSrIBChAnwHcaGmG/sdaCfwTVjD3IZYgrmPRRLHZc9wEtNqc7PfpJQr3xSjjRWjqKFu4NxztKqliK9mnP/f1W++VgoTZ029NoOhZFUSAW3wZD8oj4lnDwtTY7lb1xr2/gH9LVznsyQplMsbN/y9lqPPUgMeQq47Lz6uM/yKr98n83EHjJ4tdPdNu15xmdiZZ7yozu09w+tHvcB9iwGIw==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.234.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-234-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 81d6892362bf208376ee5ef6cd873a2400833da59db548b8614ae52fe16dc6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/_static/??-eJylkltOxDAMRTdEGgJ0/hBLQRn3MknJo9SuSnePOwOoSEhMhfITP861cxU7D4ZqERSxEpDBNpYu+oL3YQSzZVkSrIBChAnwHcaGmG/sdaCfwTVjD3IZYgrmPRRLHZc9wEtNqc7PfpJQr3xSjjRWjqKFu4NxztKqliK9mnP/f1W++VgoTZ029NoOhZFUSAW3wZD8oj4lnDwtTY7lb1xr2/gH9LVznsyQplMsbN/y9lqPPUgMeQq47Lz6uM/yKr98n83EHjJ4tdPdNu15xmdiZZ7yozu09w+tHvcB9iwGIw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-rq: ams7 112 171 3121
last-modified: Thu, 18 Feb 2021 10:38:08 GMT
server: nginx
etag: "602e4390-e2"
content-type: image/png
cache-control: max-age=31536000
date: Wed, 25 May 2022 06:59:02 GMT
accept-ranges: bytes
content-length: 226
expires: Thu, 25 May 2023 06:59:02 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
21 KB 29ms
13ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:23:16 GMT
x-content-type-options: nosniff
age: 2147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 07:13:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
56 KB 59ms
33ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-dab.min.js?ver=23122021.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4830e8bde2681e4b30c3555095650109c79e1aa3855a817d63c876cb669f1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56848
x-xss-protection: 0
server: cafe
etag: 11025074230871502080
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:03 GMT

GET
H2 200 resolve Show response
ua.indianexpress.com/api/geoip/ 312 B
638 B 162ms
140ms XHR
application/json 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/geoip/resolve

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

0846a81600f1b6af9ee425a3686feb5fa93cab67d2e0ec2420cf1b4e50bae46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token,x-forwarded-for, X-API-KEY
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
content-type: application/json
access-control-allow-origin: https://indianexpress.com
access-control-allow-credentials: true
strict-transport-security: max-age=600 ; includeSubDomains
vary: Accept-Encoding
content-length: 215
x-xss-protection: 1

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 11ms
11ms Script
application/x-javascript 2600:9000:2315:7000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:24:09 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 00:08:30 GMT
server: nginx
age: 2094
etag: W/"625f4efe-8bf5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: -tkvfYHjAEMY7_RQLYgVBX1RuwqINpg9XnEUCWE33hPi6Ns30GGoEQ==
expires: Wed, 25 May 2022 08:24:09 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 14ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.5.1&blog=150893645&post=7887991&tz=5.5&srv=indianexpress.com&hp=vip&host=indianexpress.com&ref=https%3A%2F%2Fclick.checkpoint.com%2F&fcp=788&rand=0.17227293082949457
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:59:03 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8738137&ns__t=1653461943020&ns_c=UTF-8&cv=3.5&c8=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&c7=https%3A%2F%2Find...
https://sb.scorecardresearch.com/b2?c1=2&c2=8738137&ns__t=1653461943020&ns_c=UTF-8&cv=3.5&c8=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&c7=https%3A%2F%2Fin...

0
190 B

9ms
9ms

Image
text/plain

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8738137&ns__t=1653461943020&ns_c=UTF-8&cv=3.5&c8=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&c7=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&c9=https%3A%2F%2Fclick.checkpoint.com%2F
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: E0K0DqnifeXQABPc1CAQLL3itLLAmP4yezaJSKPo_MSHVa1SZZCQHA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=8738137&ns__t=1653461943020&ns_c=UTF-8&cv=3.5&c8=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&c7=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&c9=https%3A%2F%2Fclick.checkpoint.com%2F
date: Wed, 25 May 2022 06:59:03 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: wy75lcT5b_xns2_-WCKoMp1mOTWG3qLASwQHkX0-aF01lqVE3X8Y9A==
x-cache: Miss from cloudfront

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1148075980&t=pageview&_s=1&dl=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&dr=https%3A%2F%2Fclick.checkpoint.com%2F&ul=en-us&de=UTF-8&dt=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=712628396&gjid=1909579071&cid=319277237.1653461943&tid=UA-1403607-3&_gid=826251246.1653461943&_r=1&_slc=1&cd1=Tech%20Desk&cd2=Crypto&cd4=April%2026%2C%202022%204%3A31%20PM&cd5=Regular%20Article&cd6=365&cd7=April%2026%2C%202022%204%3A31%20PM&cd8=7887991&z=1454909246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 444470064056909 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 233ms
225ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/444470064056909?v=next&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54e0f5c045aa5ef30df1c9db118f3a96d0b328ad9e686e087cea1404a3364946

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4VG/bQtz14cGYOv9L4wZVzzuEY3sFYGFefnFdUMzgfhbisW+aG6jfQLXd5GCJ2No4L++UCKXk/UWX3NBFCHG9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 25 May 2022 06:59:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653461943284
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 206 KB
51 KB 30ms
29ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/6bff223c6454901a4414857a7304f43fa28f5e67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543a22b8c0d880add43e0e042b92d0fcddce9adeaf5bfba181a44966920732e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 496727
x-xss-protection: 1; mode=block
last-modified: Thu, 19 May 2022 12:59:14 GMT
server: cloudflare
etag: W/"62863f22-33904"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 25 Jun 2022 06:59:03 GMT
cache-control: public, max-age=2678400
cf-ray: 710c62d82a6168e5-FRA
cf-bgj: minify

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 91ms
68ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-356047812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:03 GMT

GET
H2 200 ChineseIPHacksIncreaseRussiaUkraine-1-1.jpg
images.indianexpress.com/2022/04/ 106 KB
107 KB 184ms
184ms Image
image/jpeg 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.indianexpress.com/2022/04/ChineseIPHacksIncreaseRussiaUkraine-1-1.jpg
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-15.deploy.static.akamaitechnologies.com
Software: Akamai Image Server /
Resource Hash: 14f2d4e184dda6ccc16edead034118e54b43ee5522a3871250b136b95da3f983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-image-server-fetch-real: 16
x-image-server-store-time: 1653461943
etag: "34e3700519ac22fd"
x-image-server-cost-real: 24837
x-image-server-cpu-estimate: 53
x-image-server-response: request-187105-65643918-f959d04
x-image-server-cost-estimate: 14125
content-length: 108629
x-image-server-product: AIC
last-modified: Tue, 26 Apr 2022 10:45:23 GMT
server: Akamai Image Server
x-image-server-cpu-real: 65
date: Wed, 25 May 2022 06:59:03 GMT
x-im-result-width: 1200
x-im-original-width: 1200
cache-control: max-age=31536000
content-type: image/jpeg
x-image-server-original-size: 108645
x-akamai-im-skip-dlr: 1
x-image-server-fetch-estimate: 19
expires: Thu, 25 May 2023 06:59:03 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 71ms
26ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1403607-3&cid=319277237.1653461943&jid=712628396&gjid=1909579071&_gid=826251246.1653461943&_u=YEBAAEAAAAAAAC~&z=686274534

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 06:59:03 GMT
content-type: text/plain
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 300 B
563 B 49ms
8ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=indianexpress.com&domain=indianexpress.com&path=%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js?ver=5.8.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bd26dc0cfe5563889ffbe6bc581a2ec16d0ec354229fdb2b6bc6f3eeb3b7d508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
x-cache-hits: 1
age: 1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 212
x-served-by: cache-fra19146-FRA
access-control-allow-origin: *
x-timer: S1653461943.153590,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 23 May 2022 06:59:02 GMT

GET
H2 200 clarity.js Show response
i.clarity.ms/s/0.6.34/ 53 KB
23 KB 323ms
97ms Script
application/javascript 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9unn02nf3n
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:02 GMT
content-encoding: br
etag: "1d86e81880f1354"
last-modified: Mon, 23 May 2022 08:46:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK a Show response
wzrkt.com/ 290 B
822 B 77ms
33ms Script
text/javascript 2600:9000:2315:5c00:1e:3056:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIABwAWEQFoASgC1p4gJzyArNJAEoAcwQBGLkAAA&optOut=false&rn=1&i=1653461943&sn=0&useIP=false&r=1653461943134

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5c00:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5bc3c38cd6a048c4bafa2c1f7a32e309a6adfd51e40e26273d9a0e701da3c53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:59:03 GMT
Via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: DUS51-P2
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: Q-fzNJ35U0AVGL4befYFW85DrjhUhoC3SibtkzcA68IZM8f9w8CY0g==
Expires: 0

OPTIONS
H2 200 resolve
ua.indianexpress.com/api/geoip/ Frame 0
0 124ms
124ms Preflight
application/json 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/geoip/resolve

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token,x-forwarded-for X-API-KEY
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
access-control-allow-origin: https://indianexpress.com
content-encoding: gzip
content-length: 215
content-type: application/json
date: Wed, 25 May 2022 06:59:03 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=600 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1

GET
H2 200 resolve Show response
ua.indianexpress.com/api/geoip/ 312 B
638 B 124ms
121ms Fetch
application/json 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/geoip/resolve

Requested by

Host: ua.indianexpress.com
URL: https://ua.indianexpress.com/personlization-sdk.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

0846a81600f1b6af9ee425a3686feb5fa93cab67d2e0ec2420cf1b4e50bae46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/json

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token,x-forwarded-for, X-API-KEY
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
content-type: application/json
access-control-allow-origin: https://indianexpress.com
access-control-allow-credentials: true
strict-transport-security: max-age=600 ; includeSubDomains
vary: Accept-Encoding
content-length: 215
x-xss-protection: 1

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 303ms
97ms Image
image/gif 54.144.94.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=indianexpress.com&p=%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F&u=5G-7hD8whAVCnVAkp&d=indianexpress.com&g=65545&g0=Crypto%2C%20Technology&g1=Tech%20Desk&n=1&f=00001&c=0&x=0&m=0&y=5933&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fclick.checkpoint.com%2F&b=1221&t=BVVtACDPAtGEBuIH-0DaEwYaDJ-efT&V=132&i=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&tz=0&_acct=anon&sn=1&sv=CiDZRLDyo14ZD__ipOBdwfjTC8eXuw&sr=https%3A%2F%2Fclick.checkpoint.com%2F&sd=1&im=067b0eff&_
Requested by: Host: indianexpress.com
URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.94.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-94-26.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 3B5C 4 KB
1 KB 25ms
23ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1024666
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 710c62d92c8f68e5-FRA
content-encoding: br
content-type: text/html
date: Wed, 25 May 2022 06:59:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 25 Jun 2022 06:59:03 GMT
last-modified: Tue, 05 Apr 2022 12:00:20 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 41ms
18ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1403607-3&cid=319277237.1653461943&jid=712628396&_u=YEBAAEAAAAAAAC~&z=1945382997

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 51ms
26ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1403607-3&cid=319277237.1653461943&jid=712628396&_u=YEBAAEAAAAAAAC~&z=1945382997

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
ev.indianexpress.com/acd/api/3.0/authorize/ Frame 0
0 125ms
29ms Preflight
application/vnd.sun.wadl+xml 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/authorize/json

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
allow: OPTIONS,POST,GET,HEAD
content-length: 357
content-type: application/vnd.sun.wadl+xml
date: Wed, 25 May 2022 06:59:03 GMT
strict-transport-security: max-age=3600; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 json Show response
ev.indianexpress.com/acd/api/3.0/authorize/ 911 B
1 KB 100ms
37ms XHR
application/json 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/authorize/json

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-em.min.js?ver=23122021.21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

57de575b32463704771942f5bbf664d5e0359962ea00b40e27dca68a99738863

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=3600; includeSubDomains; preload
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
cache-control: private, no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: content-type,
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/356047812/ 3 KB
2 KB 46ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/356047812/?random=1653461943222&cv=9&fst=1653461943222&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ref=https%3A%2F%2Fclick.checkpoint.com%2F&tiba=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8e79179d6c143c433b08464e0327fa20787b365720ec9636c93be7812e7b63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a Show response
wzrkt.com/ 278 B
831 B 34ms
32ms Script
text/javascript 2600:9000:2315:5c00:1e:3056:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wzrkt.com/a?t=96&type=page&d=N4IgTgpgZhaWIBcIDGAbAlig1gOhQBYQ4AOA9hgHYAu%2BZAtiADQgYAmSIAHACw8C0AJQBaw%2FgE5xAVmHMQJAOZIAjCxSLOBatRIBnRAHoDVNhgCGlCAA8SkXbrr0DZsNSxoIB6sQKUyaMgUATwMUMCCSajJQsAw3FDM0fig0MwB3fip%2BCAA3WH5dAFcwKH40xI9qfhQyQrQ2PP5K%2FjNtMxxYXQLvROrwyLIyiogqwmJsfnIqKrsIF0J%2BAHYuLkXJZQMAfnpsagB9KOwAXgA5AC8AVTSAGQvBQQBlAGEABmUAWQArBQBBP4BxACiF34CgATJ9KMpxMo9ABFbAARys%2FGUGAAUmkACJgMiAgDqaGo%2F3RaAACgQpGgrFYgmxrtcsQ9%2BP9%2BIDhGl8T8HmwTmDdABmPZQW4ANgCGBIAA0ABJnKw8J4ANXEUAAYjwToiLmQpdQfjwfgBpbAEcLUQTomVgp4ATTALwAkkEoE9ES9FgQrE8wUa0nJ8cJBEa9k8fu8yUhQGl6CQkC8WNQ0CgkABtAC6AF9M0AA&rn=2&i=1653461943&sn=0&gc=bfebff78a64347a2811979358913d076&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IHEA5ARwGMkB7AKQEFaA1Aa0xABMIAXAZzgAYsbABb8sANzgBGLJF7xgAAgC%2BrbG3wAOACxaAtACUECXQE4TAVgSsAplzkCQAJztSAbOYDMW15JNaPSkAAA%3D&useIP=false&r=1653461943272

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5c00:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

65d685f10c9a1a48f57701b06d78367bd2a495cd279ca2a1b7219cdc255fc8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 06:59:03 GMT
Via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: DUS51-P2
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: 2QMYPF5B7K0fIV_pjMpEqi_INmVwFBholVpC8VJDl_VLyUJBMS67Sg==
Expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/356047812/ 42 B
64 B 47ms
20ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/356047812/?random=1653461943222&cv=9&fst=1653458400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ref=https%3A%2F%2Fclick.checkpoint.com%2F&tiba=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&async=1&fmt=3&is_vtc=1&random=4204071627&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/356047812/ 42 B
64 B 39ms
20ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/356047812/?random=1653461943222&cv=9&fst=1653458400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ref=https%3A%2F%2Fclick.checkpoint.com%2F&tiba=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&async=1&fmt=3&is_vtc=1&random=4204071627&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 genfp Show response
ua.indianexpress.com/api/resolve/ 26 B
590 B 143ms
142ms Fetch
application/json 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/resolve/genfp

Requested by

Host: ua.indianexpress.com
URL: https://ua.indianexpress.com/personlization-sdk.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

0e8c8bb4dd1d77036fed3da82116273af23beabfe3d704345067b444610c295f

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

x-request-url: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Referer: https://indianexpress.com/
x-requested-with: https://click.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/json

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
strict-transport-security: max-age=600 ; includeSubDomains
content-length: 46
x-xss-protection: 1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
last-modified: Wed May 25 12:29:03 IST 2022
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token
expires: -1

OPTIONS
H2 200 genfp
ua.indianexpress.com/api/resolve/ Frame 0
0 135ms
135ms Preflight 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/resolve/genfp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-url,x-requested-with
Access-Control-Request-Method: POST
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
access-control-allow-origin: https://indianexpress.com
content-length: 0
date: Wed, 25 May 2022 06:59:03 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=600 ; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 28ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=444470064056909&ev=PageView&dl=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&rl=https%3A%2F%2Fclick.checkpoint.com%2F&if=false&ts=1653461943419&sw=1600&sh=1200&v=next&r=canary&ec=0&o=30&ttf=1443.6999998092651&tts=1072.5999999046326&ttse=1438.4000000953674&fbp=fb.1.1653461943418.33988419&it=1653461943050&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 25 May 2022 06:59:03 GMT

OPTIONS
H2 200 dwellTime
ev.indianexpress.com/acd/api/3.0/widgets/templates/ Frame 0
0 30ms
29ms Preflight
application/vnd.sun.wadl+xml 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/widgets/templates/dwellTime?groupName=contentLogin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
allow: OPTIONS,GET,HEAD
content-length: 370
content-type: application/vnd.sun.wadl+xml
date: Wed, 25 May 2022 06:59:03 GMT
strict-transport-security: max-age=3600; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 dwellTime
ev.indianexpress.com/acd/api/3.0/widgets/templates/ Frame 0
0 30ms
30ms Preflight
application/vnd.sun.wadl+xml 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/widgets/templates/dwellTime?groupName=myNotification

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
allow: OPTIONS,GET,HEAD
content-length: 370
content-type: application/vnd.sun.wadl+xml
date: Wed, 25 May 2022 06:59:03 GMT
strict-transport-security: max-age=3600; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 notifier
ev.indianexpress.com/acd/api/3.0/widgets/templates/ Frame 0
0 29ms
29ms Preflight
application/vnd.sun.wadl+xml 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/widgets/templates/notifier?ev_sid=628dd3b7c14eec03614211dc&ev_did=628dd3b7c14eec03614211db

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
allow: OPTIONS,POST,GET,HEAD
content-length: 369
content-type: application/vnd.sun.wadl+xml
date: Wed, 25 May 2022 06:59:03 GMT
strict-transport-security: max-age=3600; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 notifier
ev.indianexpress.com/acd/api/3.0/widgets/templates/ Frame 0
0 29ms
29ms Preflight
application/vnd.sun.wadl+xml 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/widgets/templates/notifier?ev_sid=628dd3b7c14eec03614211dc&ev_did=628dd3b7c14eec03614211db

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
allow: OPTIONS,POST,GET,HEAD
content-length: 369
content-type: application/vnd.sun.wadl+xml
date: Wed, 25 May 2022 06:59:03 GMT
strict-transport-security: max-age=3600; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 dwellTime
ev.indianexpress.com/acd/api/3.0/widgets/templates/ 0
0 30ms
29ms Fetch 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/widgets/templates/dwellTime?groupName=contentLogin

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-em.min.js?ver=23122021.21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=3600; includeSubDomains; preload
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-headers: content-type,
x-xss-protection: 1; mode=block

GET
H2 204 dwellTime
ev.indianexpress.com/acd/api/3.0/widgets/templates/ 0
0 37ms
36ms Fetch 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/widgets/templates/dwellTime?groupName=myNotification

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-em.min.js?ver=23122021.21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=3600; includeSubDomains; preload
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-headers: content-type,
x-xss-protection: 1; mode=block

POST
H2 204 notifier
ev.indianexpress.com/acd/api/3.0/widgets/templates/ 0
0 47ms
46ms Fetch 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/widgets/templates/notifier?ev_sid=628dd3b7c14eec03614211dc&ev_did=628dd3b7c14eec03614211db

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-em.min.js?ver=23122021.21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=3600; includeSubDomains; preload
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-headers: content-type,
x-xss-protection: 1; mode=block

POST
H2 204 notifier
ev.indianexpress.com/acd/api/3.0/widgets/templates/ 0
0 43ms
43ms Fetch 52.209.143.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.indianexpress.com/acd/api/3.0/widgets/templates/notifier?ev_sid=628dd3b7c14eec03614211dc&ev_did=628dd3b7c14eec03614211db

Requested by

Host: indianexpress.com
URL: https://indianexpress.com/wp-content/themes/indianexpress/js/evolok/min/ev-em.min.js?ver=23122021.21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.143.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-143-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=3600; includeSubDomains; preload
access-control-allow-methods: POST, GET, PUT, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://indianexpress.com
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-headers: content-type,
x-xss-protection: 1; mode=block

GET
H2 200 websdksettings Show response
sdk-03.moengage.com/ 12 KB
3 KB 169ms
133ms XHR
application/json 108.138.7.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-03.moengage.com/websdksettings?app_id=4514OD0Q31D8DJFBD5SX06TR&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-82.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 31b79b4122993739f2296b34fc079e2ff33781513df97e430b441194d74e1510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kECeayS5UVyJkrgBJ9V79zsC0zExbkGcIjqu8A6nI45frYbtz_2MUQ==
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
expires: Wed, 25 May 2022 06:59:02 GMT

GET
H2 200 websdksettings Show response
sdk-03.moengage.com/ 12 KB
3 KB 419ms
385ms XHR
application/json 108.138.7.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-03.moengage.com/websdksettings?app_id=4514OD0Q31D8DJFBD5SX06TR&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-82.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 31b79b4122993739f2296b34fc079e2ff33781513df97e430b441194d74e1510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B6BhXWVeKIEHCI8s7cOUipQcr_slOPPQzjMeVDjO_0l5coD-bkoA2Q==
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
expires: Wed, 25 May 2022 06:59:02 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=9556C13907A34A369E37A4137141EA78&RedC=c.clarity.ms&MXFR=128CDF87BFF462A51E94CE28BBF46C11
https://c.clarity.ms/c.gif?CtsSyncId=9556C13907A34A369E37A4137141EA78&MUID=09E6A41BC37860F20EB2B5B4C2AA61D8

42 B
369 B

28ms
26ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=9556C13907A34A369E37A4137141EA78&MUID=09E6A41BC37860F20EB2B5B4C2AA61D8
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:02 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 55CE0C2940764E568895552119C4A23E Ref B: FRAEDGE1221 Ref C: 2022-05-25T06:59:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=9556C13907A34A369E37A4137141EA78&MUID=09E6A41BC37860F20EB2B5B4C2AA61D8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 live Show response
sdk-03.moengage.com/v3/campaigns/inapp/ 68 B
590 B 361ms
360ms XHR
application/json 108.138.7.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-03.moengage.com/v3/campaigns/inapp/live?sdk_ver=2.8.8&os=web&unique_id=000000000000000000000000&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-82.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: fb6dfd0a67ee5af92545a723bb223f3dd29929f2baba8733ec5f6096becf0ae6

Request headers

Referer: https://indianexpress.com/
MOE-APPKEY: 4514OD0Q31D8DJFBD5SX06TR
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
content-length: 68
x-amz-cf-id: 9Sp_aSvGe7UC7RDMUiAaOp3JqTewrv7Vz42eP_YUU0FOUXwIVB-TtQ==
moe-request-id: LUMhbDhZ

OPTIONS
H2 200 live
sdk-03.moengage.com/v3/campaigns/inapp/ Frame 0
0 377ms
377ms Preflight
application/json 108.138.7.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-03.moengage.com/v3/campaigns/inapp/live?sdk_ver=2.8.8&os=web&unique_id=000000000000000000000000&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-82.fra56.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,moe-appkey
Access-Control-Request-Method: POST
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: *
content-length: 0
content-type: application/json; charset=UTF-8
date: Wed, 25 May 2022 06:59:03 GMT
moe-request-id: BpmCxYMI
server: nginx
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-amz-cf-id: zZPu_kTklGe8FFhHmXcfkNpT8SKx4e_wN9v6A28wTaD6uB0_9XpEVA==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront

POST
H2 204 collect Show response
i.clarity.ms/ 0
94 B 96ms
96ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://indianexpress.com
date: Wed, 25 May 2022 06:59:03 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 4514OD0Q31D8DJFBD5SX06TR Show response
sdk-03.moengage.com/v3/sdkconfig/web/ 164 B
645 B 352ms
351ms XHR
application/json 108.138.7.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-03.moengage.com/v3/sdkconfig/web/4514OD0Q31D8DJFBD5SX06TR?
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-82.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 580d201c55eea2aa85095a5a1eb6cc0b6fde745396a200f2a9450c0e9ddd9667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zq8D0DxwZLfW-MuvTeqth_Le85Os3RxO41dLukOIHl5IO3VsYgzVzQ==
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
expires: Wed, 25 May 2022 06:59:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 181 KB
17 KB 271ms
271ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2001957427546074&correlator=1358896105449663&eid=21068766&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=1050432%2Cwww.indianexpress.com%2CIE_ROS_TECH_AS_ATF_1x1%2CIE_ROS_TECH_AS_ATF_728X90%2CIE_ROS_TECH_AS_ATF_300X250%2CIE_ROS_TECH_AS_MID_300X250%2CIE_ROS_TECH_AS_BTF_300X250%2CIE_ROS_TECH_AS_BTF1_300X250%2CIE_ROS_TECH_AS_OOP_INNOV1%2CIE_ROS_TECH_AS_OOP_INNOV2%2CIE_ROS_TECH_AS_SKIN_LHS%2CIE_ROS_TECH_AS_SKIN_RHS%2CIE_add_size_video_gpt_desktop%2CIE_Promotional_Slug_220x70&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13&prev_iu_szs=1x1%2C970x250%7C970x90%7C970x200%7C728x90%2C320x50%7C300x250%7C300x600%2C320x50%7C300x250%7C300x600%2C320x50%7C300x250%7C300x600%2C320x50%7C300x250%7C300x600%2C1x1%2C1x1%2C120x600%7C160x600%2C120x600%7C160x600%2C320x50%7C300x250%7C640x360%2C220x70&fluid=0%2C0%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2Cheight%2C0&ifi=1&adks=2251526292%2C4134857687%2C4148745706%2C2546336223%2C360954248%2C233481504%2C1375478841%2C287408384%2C2713915709%2C2006046257%2C2442178151%2C2343617545&sfv=1-0-38&ecs=20220525&ists=48&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1653461943979&lmt=1653461943&dlt=1653461942639&idt=474&biw=1600&bih=1200&adxs=0%2C315%2C985%2C985%2C985%2C985%2C0%2C0%2C170%2C1310%2C315%2C1360&adys=5933%2C187%2C684%2C1324%2C4104%2C5281%2C5933%2C5933%2C182%2C182%2C1719%2C43&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ref=https%3A%2F%2Fclick.checkpoint.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x5932%7C990x90%7C300x20%7C300x20%7C300x20%7C300x20%7C1600x5932%7C1600x5932%7C120x-1%7C120x-1%7C640x0%7C220x0&msz=1600x0%7C990x0%7C300x0%7C300x0%7C300x0%7C300x0%7C1600x0%7C1600x0%7C120x-1%7C120x-1%7C640x0%7C220x0&fws=0%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C516%2C516%2C4%2C4&ohw=0%2C1600%2C990%2C990%2C990%2C990%2C0%2C0%2C1600%2C1600%2C640%2C1600&ga_vid=319277237.1653461943&ga_sid=1653461944&ga_hid=1148075980&ga_fc=true&btvi=1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C0%7C0%7C7%7C0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

59292d0d1e81870c97b8bf2affbb0243ae3855bc9df83995183db8334689d7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17292
x-xss-protection: 0
google-lineitem-id: 5557369645,4886414153,5218008420,5218008420,5218008420,5218008420,-2,-2,5018798761,5018798761,5218008420,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138333640792,138269755687,138315962633,138316211688,138316015410,138315960155,-2,-2,138266160835,138316012509,138316211046,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 22ms
22ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

238adff5aa77613c448d9251a2f0f4ae2ecb4e75dddcf8407d4a021fb76e1f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10860
x-xss-protection: 0

GET
H2 200 container.html Show response
a73bafb454375ecf0d907670ae07f366.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5998 6 KB
4 KB 80ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a73bafb454375ecf0d907670ae07f366.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:04 GMT
expires: Thu, 25 May 2023 06:59:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4514OD0Q31D8DJFBD5SX06TR Show response
sdk-03.moengage.com/v3/sdkconfig/web/ 164 B
644 B 130ms
129ms XHR
application/json 108.138.7.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-03.moengage.com/v3/sdkconfig/web/4514OD0Q31D8DJFBD5SX06TR?
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-82.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 580d201c55eea2aa85095a5a1eb6cc0b6fde745396a200f2a9450c0e9ddd9667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8Zc15XuaFM9kxfnZNBFm4lGjITYw0Anuz1DMmskAw8Ik_q9LrzOadg==
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
expires: Wed, 25 May 2022 06:59:03 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D236 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://indianexpress.com
Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://indianexpress.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:04 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/356047812/ 3 KB
1 KB 78ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/356047812/?random=1653461944029&cv=9&fst=1653461944029&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ref=https%3A%2F%2Fclick.checkpoint.com%2F&tiba=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7300ac4805f7767a47bd72c30d4b14d33e1322e68ae80b35dca984f43441c75d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A026 13 KB
5 KB 28ms
10ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D51 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

562005062b41c99f16232c66e2df8c40c9cfa63dfcf4e175321b3f22e07cb658

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WAGR11HQLPhrmto_g9Vdbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-WAGR11HQLPhrmto_g9Vdbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:04 GMT
expires: Wed, 25 May 2022 06:59:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D51 0
0 70ms
70ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051901&jk=2001957427546074&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/356047812/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/356047812/?random=1653461944029&cv=9&fst=1653458400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ref=https%3A%2F%2Fclick.checkpoint.com%2F&tiba=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&async=1&fmt=3&is_vtc=1&random=1199772854&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/356047812/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/356047812/?random=1653461944029&cv=9&fst=1653458400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5n0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ref=https%3A%2F%2Fclick.checkpoint.com%2F&tiba=Ever%20Surf%20wallet%20flaw%20could%27ve%20let%20attackers%20steal%20crypto%20wallet&async=1&fmt=3&is_vtc=1&random=1199772854&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame A026 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H2 200 20220512052053646452TOTOW0Logojpegindianexpressmoengage.jpeg
image-ap1.moengage.com/indianexpressmoengage/ 2 KB
2 KB 91ms
12ms Image
image/webp 2600:9000:2057:1200:19:14ed:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-ap1.moengage.com/indianexpressmoengage/20220512052053646452TOTOW0Logojpegindianexpressmoengage.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:19:14ed:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 187fa38a2eb8f52989c02f094ee5fb66720e16aa754eedddcc766b4efe30315e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 12:15:06 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
age: 1017838
etag: W/"682-500nlPJzB3dvog4HMUIHMVYdDsc"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
content-length: 1666
x-amz-cf-id: Y2YSTdxbjoBVqxf90jQDXD87KKI-K5l0DPwNaSOcbbCmvlWKa9dRnA==
x-request-id: 40b5e92e-87ee-468f-80a6-7afacd743816

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A026 0
9 B 15ms
14ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XsIDyg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 412C 0
0 46ms
46ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2W2_K3z45NJUDWW68Ptd64C23SR3_k8VfvKbyP6_CROB7SZHDUb0XZr0TMN8qc_DUPI3lEdlKc65V6kgl-tcnrTkAuzgbKbnKrokoexpsZyqVQd2D1hnBWntoYoJBC_PYk-fgu4SvFgFxDSCz7DxisBKmS9aqclILR4L7IxnwwxiUQq8a-6v1ieO6Rw6hQnX8hC63V9L04nrx42qYQwrS4l6Nm3VaztKf1wk8dYV0vHppf3q50r49SJVqLINiE83kABiY1-FW4MXywsaCfPUppcbWsS3w8VF0llbKSyv3tTVvzxYlxEm0Wq79XH3WqlQIkne_ueGzNWVRhiRb4Q1CIfh2Bfia1zYFiUF1&sig=Cg0ArKJSzPOsW0LT-0c2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 generic.js Show response
pubs.contextads.live/indianexpress/indianexpress/ 4 KB
2 KB 118ms
7ms Script
application/javascript 2600:9000:224a:6a00:a:5b2c:b080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pubs.contextads.live/indianexpress/indianexpress/generic.js
Requested by: Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6a00:a:5b2c:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1660c7b9da05dbd944426f37f56de2c3a8fdfc23ea8bc6b62c7421c2a42b8887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:53:29 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 10:25:38 GMT
server: AmazonS3
age: 14736
etag: W/"98a967c0faa96df2069bcf5535e6af73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: mr6T8KbFHKjadqcA-2yVmQxD2gluBLGHrVz_O-Jsixs_Bqg5euL2_g==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 412C 136 KB
42 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D703 0
0 46ms
45ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM1mLzRM4MwgN6K4JFGUWo1kazDOw1GaDR_OccpQfxVveR5lZjPGa2uWKkUk_RYw6t6kNnHYqKqfEUiSe3zsrEAS1YU2ik7lcCqBv72_myPkUb1QYk6ln1ZaRMv7d1Hq-7_7RzLr-F7YEcPjQtSccGQtMZT3OWOvpghPFua-sb_VSggdmb1wVj8p3O-EadRjGuf0RA6ebRKwaNwhgLJwkMHVnJsI1IcaqBnu63AO2-6SGdFCqyFi5TRpNz01ILsnxSMBktQ8H1LKwMlGNe93sTaIBzhkMDKcj8ju5Qh1CMdAXTNXl_bPiO5EYEwXHfSzaE8SLTBgT7iQ6frNJ-4aFZRiJ2EhCZAsxHgwJa&sig=Cg0ArKJSzMj_SZycthjwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D703 160 KB
56 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9c25d3cc62375afb000f8e230d5d7dff1f7d4b5a7d491e5d2dfb42387c8fb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56843
x-xss-protection: 0
server: cafe
etag: 1282683970203251684
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D703 136 KB
42 KB 68ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D36A 0
0 58ms
57ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSSJR61Vb1LmzgIiaZLN4Zo_HaA7diA6rkm606KDPBGD0ugBtQgYc83GW7BxErpfHFGdhj-r8bZOyrIihlPaRHQkBkmmld_cjINaoZye-Kdfkb2wxFWwQ9pcTa4Xegmuikg8_Yh33sSKDUQhg99QSvHFhFL2Fs7qWPwfbRyHCf52wM6ZDPmRoA0min_Fu3lxeuUW1gXkPJo3jyu11Rs81jP-HQ1IhnhBkp5eV4ImDMyuE2IipI-rcf1r7Wn3Eg5PuUptGo2kUUtdwdW7aSzLVyjST79x0yfxpFUD6k5JADvJQtUay9f3zkhfNfczzFBPaftFlGyjSrYi9jSyVofaQKVAs6LJilBHL1kbQkmQ&sig=Cg0ArKJSzE7QD2fTiuU0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D36A 159 KB
55 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

364dc28afff259ae21c51b6f55e7e0d4887004c11e6e58585077a53356c828c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56339
x-xss-protection: 0
server: cafe
etag: 3254901299660240707
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D36A 136 KB
42 KB 66ms
60ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AAA 0
0 53ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6O0PcPUt2mBY2yXwEX71269rDR0VWfmCrznF9CkqK15n2FH1hZkKX6GO2hgp8qylhOEXfVM2kCnuRWOpNk9QmOkAuVPBN64FdDVujju6N0kSealJm9c8VtiQrruPJRUz9voUvmUK_aTJoQvjcDnf9Nat2q9-HIHyoJMo4jMwd4vlJWWhlAGFqlxkDyTdTksmMMuwq0CZyKyvIT1EjimTBVsoMrNwwFp7WEihEoLg6F8_vo7oGYZ_KBiVKmtgMd38VObBDdqRS6Dof7mlXYH3wsCMahW4j6Ns3O_7Dz_vWyul539gV9pzE5Djed_-gYMHKl227trsCvYhOfMvMxjIkLekN-14kEH7_lsxm3A&sig=Cg0ArKJSzMqu2jiFCLViEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0AAA 160 KB
56 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

093d17e65be8299fec1b15008478b44f1b71bdd395c022266691ab503b1f4345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56848
x-xss-protection: 0
server: cafe
etag: 15831437379370938676
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AAA 136 KB
42 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B586 0
0 52ms
50ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIzwGLZzDUV-69NrfVpkIir5G3GfEthTdQvTWxuWyn89V-kwKtfTEAi6xzJVDr28GJS3FLH_YKocInqrbhHmjtRlrl_akU9eyRBbcpSWARHR5DpzRxTMaGvxUwr7awDuiWpyG3qUTSly8GcKP6XCd7lSMlQCCY_usPQkHWlkoTVzF8aYtCoeUSe3_Y4lZwYeOqMOtsFfcw1IJXO4yNkKnT6d9PZJez4CRGrU9rua4DalqnvKo2qSznH5de_ErgkoB-ourE_guA8G_HK8R2s8OEuUVdZeMH7HaTEHfu_pSqyVU_ZnVGz-c7OLFAo63C4oDyQ8HFcljYZFokfq26EUjCSKnb2upRvmi5TDkLwQ&sig=Cg0ArKJSzLd38SexTplcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B586 160 KB
56 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0915ccb965d70855cee2ac0accc591691a09fa8b01acac7da0b1894705b11705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56843
x-xss-protection: 0
server: cafe
etag: 7308123736813157333
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B586 136 KB
42 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B0C6 0
0 60ms
56ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssavtcG69aTz4qsyWZSHqacjLufXpuYiMHGVoQNbQiKH0NaqBnU181XT7cTwtFiN5V6gxPZ-P1TmS__rT6ZbUGCnAayHULS1-_9YTK81XMJ_g1At0ZGksJZPvnXnAMiRgWe7X4fkTkJ8RIjAWKu779TFNn-9hOLc6Me9BbQHFrl_UcN8ljdbuUpbqofUBDM0xFerUWshNOiZJ1LDZr_IFx0pl9TQV6pHY0lTD6ELSfnhE3yzRvvnJBHEqQiBglWcO_6FD-r9KAE-QarLBKUtX9TCxjcz58xsEt54nYArPWLKN_YWDpb-RzpQmRdUl4vSiTSqDvxiVhekpA5MaItI0gkMSUUeG-PuXIYidZgrbU&sig=Cg0ArKJSzFGyRqZzdIqOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B0C6 160 KB
56 KB 71ms
68ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b926c129e821a389d7fce9a3a4918bb4d6fe5ec9600a17266a9c03f0251e57c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56841
x-xss-protection: 0
server: cafe
etag: 8886660136019954895
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0C6 136 KB
42 KB 65ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 31F8 0
0 52ms
47ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul6VBOwvNtA0sJRNLTKcA5sYoCj4S9CcQpbhUFMusaY36niy2D-uyNSbnNQsDYvL4uQlmPoTxOyhU1hn6GGeWV-YgKgJDPJAVrtUjnQtGVXyXHwQQLsMDMUKebZwzi6rvI6enWWvlr4QdRFuJpBqQJ4TMX6rwS-0TVOE_Sofp44HgIhUH5MFKyLQIlvQUdIKupe9kdEPEQ_dszOIQNWqco5Xh0pPXPDHcmEbQ0mCqfVKYW3mFQFa7WXk9srO8fF_pckd6Ex2GQ7Gma0B1oP-5StQvabDRsW-ijes_QW6C3x2AL76s_9NnRO_fl8YhFg4_N2FJLf2o_0KVqNO3LGeEIn2E1iBE7GOMUyA&sig=Cg0ArKJSzP0oEJUnaOXHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 31F8 160 KB
56 KB 82ms
76ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00b3c9977b4737f3ae7551b462e4db11c3ad4a655d8bf89691943c6981044d85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56842
x-xss-protection: 0
server: cafe
etag: 17578832824191790612
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31F8 136 KB
42 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E78E 0
0 49ms
48ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVkk1ND_0wtgrXQnpbX5iJYVxlDX4tLlTvFsaUehx6AJDQD0HKyBnw8QO33nEiB-yUqfO8RNIDXCtotKHvVKM94coP1ubuwMxxCn8e7fKyklGIpBYhp0DD4HRgeUn6q1TzNsNtHUNKoIUNN6wEiKLNv2f0flu_3l_avvCUx_sVuV1_bQQe2Z_ahMrOmUSwnXhW-O2xP223skzN6XgWpD66j9fpGfhmEXQ-NgiG6FEpG4pG6qlCS9xEy9W3EmghpB6Pq9MOJACZwRll8kcaX-JkmVKsGuHNmIY4YH_lXxba5sjuN_eu036mxKRswRW_v66YIYY74iYIZNEs1Z5pXPUSNx-zCZh-CFRoiw&sig=Cg0ArKJSzCCgmYfbfUv3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E78E 160 KB
56 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b52380f67399cd4eb8b169648461c28e873bc5e807a0b45388019be5fed6f71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56848
x-xss-protection: 0
server: cafe
etag: 2055668878198096707
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E78E 136 KB
42 KB 85ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCDA 0
0 51ms
51ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNGIVlP6pPYI_TEqbUIZ4aWZjbm6tGsuRE6AOhktghIRNhdzAkFuvJ1CvdhqC2RNTAnKGy8UxLqcPzQDEOCB6S4j1lIwIYzW9TuS-gcaZ7qssjTSsWUMoVHUsHj4zSLkg3tj_RNIIfmuaF4vETPeFEpeuINN31Y3QB0ycaAaabl3r6DBpHeK6ip9bc6Ta3nz6sH9xR0K_iRZSvuVuLVSSFYxjcAqYri35lIK8-lfgT8LUL_oG0r_guaIpnT-Ly9cOICp6NlC8HpcaMP6iA-NMIVU9iYlfElBoX1eRm0syQeNE_MFg0oiMSLxPgfydqvIcaXWAFjaoWskFG0kvH3XbMnLUGg4416-eQ1TTzyGh59w&sig=Cg0ArKJSzO5HMXPbNa2kEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: click.checkpoint.com
URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGEU-g2jqPXGH2PlcGnW25ZIzUzx5XYsAdL4c-FT5ZF8p1P_p7ybO29tihk86UM0nrVk5b6btc=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CCDA 160 KB
56 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab0aa9f252ec64053106f9101eea6a7b2647b1c175ce21b2c9df253d48cf6223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56841
x-xss-protection: 0
server: cafe
etag: 8509904961034001878
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCDA 136 KB
42 KB 85ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:04 GMT

GET
DATA 200
OK truncated
/ Frame 412C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b6f21385d8496a6d1edf2334aae64a86025d1ae907a12619557c9eef6a6e9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 412C 0
0 43ms
42ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstULjJwyIIkZnc0eoyJJGKs3IEgq_BxeiZ5Vf0YC9S2jQU4-_3EP1b9Blbd8H-2eNFoZYa1d2F3tFMEGkj88h7aodziZGOPbquMQEsz4Iubvv_tGpAezvsX6z-4fj6Zg-MF4xQKN6-8YU4LL_TgR-Z_9wUkoH9GiGQzHXMBk5IuajHfZN8fEgl5HwYsSxnNXFVpxb5o4vtkytrQxYKa2pUAf4r70bHn430InaJdQMbam3qVSw-tBi17oUvmZuH1wd0sXNGfMMN0eyG1DtUXnxgWbh0ZFkcjBGtwesoZlSF3VzytPZ8Z97vpWn63b0bMNPommAQQvBY4T_sLS7UDKHlFd09lBYnTWelFGHxg7cs&sig=Cg0ArKJSzGRS48RXJBg8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ Frame D703 316 KB
113 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com&bust=31067737

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144a406c4b34df8711d6cc5469c03704e04ec60fe02e2bd340602aaca8e71b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115453
x-xss-protection: 0
server: cafe
etag: 8107743509184619349
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220523/r20190131/ Frame 5594 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220523/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 01:47:35 GMT
etag: 3347421328414474149
expires: Wed, 08 Jun 2022 01:47:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0AAA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 341601f897b556d84e1a9f5fad504e9380e017be7f2749571134ec0c7729ec17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D703 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de2a1dd235d596bbb119433115f1bf948d4a653a6715e59b9062281d029d9c06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D36A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3298023a809199b0a780c96dd1a390306172d15e303da0ebd53eb2b2f16af49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B586 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a73343597533593a690cfc745135790ac6156986352f1031055ba386b8923384

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 31F8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0562d0c721f4977e6a2e6313d064e153af7d4f96a93e40427684797666ad357

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B0C6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e70b8d0b42d035a42a681d50bbd62006122215bb3a6b01ac78a783bf05bf77f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ Frame 0AAA 316 KB
113 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63eef6e11cf2a6f711ca39a160854ed0bb62f5b4a6c7b50d910ab9e71000634a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115453
x-xss-protection: 0
server: cafe
etag: 2733154968203421588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/ Frame D36A 314 KB
112 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com&bust=31067757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8da490d5c918aac19b79a0713434397b984fc4864c64c5ee36836dda1c69b8b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114519
x-xss-protection: 0
server: cafe
etag: 196062894635670738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ Frame B586 316 KB
113 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63eef6e11cf2a6f711ca39a160854ed0bb62f5b4a6c7b50d910ab9e71000634a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115453
x-xss-protection: 0
server: cafe
etag: 2733154968203421588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
DATA 200
OK truncated
/ Frame E78E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15dccc473baed55cd47f7052f24073d24f8164eda51ba5c258fa7255d54ee51f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CCDA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33eba0a28b31cda67b8a56737757523516ba6c7ee15f140f7854befad26a9cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 impulse.js Show response
impulse.contextads.live/main/ 29 KB
10 KB 55ms
10ms Script
application/javascript 2600:9000:211e:2600:3:6e47:11c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://impulse.contextads.live/main/impulse.js
Requested by: Host: pubs.contextads.live
URL: https://pubs.contextads.live/indianexpress/indianexpress/generic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2600:3:6e47:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9c423376eb6a4a47225c9ac8aa802c3f5a73cfa0cb8ee581cb556ee7358a61f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 21:32:49 GMT
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 09:43:19 GMT
server: AmazonS3
age: 33976
etag: W/"af958f21629902e348696a46e58c27e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: KV0_5-e2x54pHOYygIBhCu3km68DF07I1osYkOi0aeq6ggu8aBxauQ==

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ Frame B0C6 316 KB
113 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

522538812ef56c2f5aa389f3d876bd0a8be8e702b70f7051dfd121a3eb35c411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115464
x-xss-protection: 0
server: cafe
etag: 124276118048568245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ Frame E78E 316 KB
113 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com&bust=31067737

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb9b220b6e5eead3a0ea4a017f80cffdb7eb4a213978a9124b7f0a335f42153d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115452
x-xss-protection: 0
server: cafe
etag: 11665675041006777764
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ Frame CCDA 316 KB
113 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63eef6e11cf2a6f711ca39a160854ed0bb62f5b4a6c7b50d910ab9e71000634a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115453
x-xss-protection: 0
server: cafe
etag: 2733154968203421588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ Frame 31F8 316 KB
113 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63eef6e11cf2a6f711ca39a160854ed0bb62f5b4a6c7b50d910ab9e71000634a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115453
x-xss-protection: 0
server: cafe
etag: 2733154968203421588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 06:59:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D703 221 B
418 B 17ms
16ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=indianexpress.com&callback=_gfp_s_&client=ca-pub-9517772455344405&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com&bust=31067737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

74ce61114fe579b5b6da2ab89cceb7cf87c891f4b8077680bab22733e17daac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D703 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D703 107 B
122 B 33ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE31 74 KB
30 KB 351ms
351ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=90&slotname=4068205970&adk=2668761221&adf=3173046726&pi=t.ma~as.4068205970&w=728&psa=0&format=728x90&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944566&bpp=4&bdt=206&idt=338&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=2&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1997433642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=187&biw=1600&bih=1200&isw=728&ish=90&ifk=2440170843&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067737%2C31067768%2C31067526&oid=2&pvsid=1060439149467540&pem=626&tmod=175301254&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.v0rnrobqfh04&fsb=1&dtd=357

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d56b6594050ef7eeeb242e1b50cae9a315eaa2f01ad320e39dbf0a1c84558299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 30221
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0AAA 221 B
225 B 16ms
16ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

66c0d3dfd5686153bff5b0029bcc40732a205cd80c9cbbda27b0dcf58d870914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0AAA 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0AAA 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B6FB 100 KB
33 KB 204ms
203ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046724&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944719&bpp=5&bdt=344&idt=229&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=126749912&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1620&biw=1600&bih=1200&isw=300&ish=250&ifk=1685284269&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44760474%2C31067487&oid=2&pvsid=3888245929453611&pem=626&tmod=1318275688&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.y9ftxvckarvp&btvi=1&fsb=1&dtd=245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44bef10439f7868aee499982a19f2d1373cd091d2d8452e811a9acf7a50d4388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 33310
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D36A 221 B
225 B 15ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9517772455344405&plah=indianexpress.com&bust=31067757

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ff1925a67918a2f55ece17a8bd6b104905a4e65b57799a65181693646caa6988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D36A 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D36A 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE4A 25 KB
10 KB 150ms
149ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=6686286215&adk=2703873347&adf=3173046725&pi=t.ma~as.6686286215&w=336&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=336x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944740&bpp=5&bdt=373&idt=235&shv=r20220523&mjsv=m202205240101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1110079953&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=700&biw=1600&bih=1200&isw=336&ish=280&ifk=1241629477&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067757%2C31067488&oid=2&pvsid=1484438737876758&pem=626&tmod=2021561125&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.c6iyglq3ef05&fsb=1&dtd=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94b5a20d447ad3688f0dd408ac51d85c89ba599826e62c909358423dc0df2ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10286
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B586 221 B
227 B 15ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e51f4266a27127bafb462e818f78fda6ac66dc36f7e6ff9638b672bd5d1d81d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B586 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B586 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A21 436 B
231 B 166ms
166ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046723&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944762&bpp=4&bdt=380&idt=236&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1786783204&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=4650&biw=1600&bih=1200&isw=300&ish=250&ifk=2444015815&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067527%2C31067487%2C31067718&oid=2&pvsid=312738747088414&pem=626&tmod=1099106339&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.br1tp7q2xze7&btvi=1&fsb=1&dtd=242

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d9c609c5ba7296018dcf975019eea48811dd040b76a7574777c7577da20b466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dac.min.js Show response
dac.contextads.live/ 5 KB
3 KB 54ms
7ms Script
application/javascript 2600:9000:214f:8a00:f:b7c0:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dac.contextads.live/dac.min.js
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8a00:f:b7c0:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 850fb8cc3f5fa0cdbf059ee069f80f5079b96472f453ad5dd0cf57fea4a99f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 13:07:23 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 07:27:18 GMT
server: AmazonS3
age: 64326
etag: W/"07f3afcd1895e92b1d88def1789cddcb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: NDdBhKcTMqHHs-QYYvq869OI31vZm9YGE5w0k8v3_id0TNvpv6bmvA==

GET
H2 200 IMPL-INDIANEXPRESS-INDIANEXPRESS-RESP-GENERIC.js Show response
impulse.contextads.live/impulse3/config/indianexpress/indianexpress/ 10 KB
3 KB 7ms
7ms Script
application/javascript 2600:9000:211e:2600:3:6e47:11c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://impulse.contextads.live/impulse3/config/indianexpress/indianexpress/IMPL-INDIANEXPRESS-INDIANEXPRESS-RESP-GENERIC.js
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2600:3:6e47:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7792a6ac6c90fb406d1859c1d63ef68ada569d2ea7aa14794ab86251ffc51cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 01:59:48 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 08:27:58 GMT
server: AmazonS3
age: 18574
etag: W/"aa440b0dfb2e65f4a6f0e6d43604ce7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: o6OyxIyFbbp1lBgXZJv4FSq6x4sC6KyOmSN3kgyYwJ9bWOHRT7bV8g==

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B0C6 12 B
53 B 15ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=indianexpress.com&callback=_gfp_s_&client=ca-pub-9517772455344405&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B0C6 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B0C6 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BA7 25 KB
10 KB 121ms
120ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5c69012755329f77b2d04d328dac834aa112907bccd437d51ef2fa5a79f2aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10336
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame E78E 12 B
53 B 16ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=indianexpress.com&callback=_gfp_s_&client=ca-pub-9517772455344405&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame E78E 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E78E 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6B5 99 KB
34 KB 320ms
320ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186319&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944844&bpp=3&bdt=433&idt=240&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1961895520&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=1230151253&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31067737&oid=2&pvsid=577011371732562&pem=626&tmod=259749370&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zgf9ega0ongu&fsb=1&dtd=253

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2415a19066fb2738ac70eeb2e874c15a753bf0c9eab17fee78359fcf5ea4e6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34415
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 31F8 12 B
53 B 15ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=indianexpress.com&callback=_gfp_s_&client=ca-pub-9517772455344405&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 31F8 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 31F8 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D18 99 KB
34 KB 332ms
332ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3512cb075b072464b429e479b81d6b522d403521e4da99e0886c2445733d6865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34393
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame CCDA 12 B
53 B 14ms
14ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=indianexpress.com&callback=_gfp_s_&client=ca-pub-9517772455344405&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame CCDA 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame CCDA 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=indianexpress.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8956 100 KB
32 KB 138ms
137ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c62953f655e21de8913b06f194575ef3ad2868ba95e73b687241b1c441e07dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 33232
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 blank.html Show response
dac.contextads.live/ Frame BC19 7 KB
3 KB 7ms
7ms Document
text/html 2600:9000:214f:8a00:f:b7c0:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&amp=false
Requested by: Host: dac.contextads.live
URL: https://dac.contextads.live/dac.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8a00:f:b7c0:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e012f370d3fc843b236c270d98bcc38d7b07f2f7dc0c63c693fd331debeb681

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82326
content-encoding: gzip
content-type: text/html
date: Tue, 24 May 2022 08:07:21 GMT
etag: W/"ed9ff6b240cd456bb05b0f826b5d8af2"
last-modified: Tue, 03 May 2022 10:01:20 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-id: ZcpMXv40ja00_IHNw2dRxuY_hpKcClGiSz0Kq0eWLhQlsJxvxq8mIw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame AE4A 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=6686286215&adk=2703873347&adf=3173046725&pi=t.ma~as.6686286215&w=336&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=336x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944740&bpp=5&bdt=373&idt=235&shv=r20220523&mjsv=m202205240101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1110079953&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=700&biw=1600&bih=1200&isw=336&ish=280&ifk=1241629477&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067757%2C31067488&oid=2&pvsid=1484438737876758&pem=626&tmod=2021561125&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.c6iyglq3ef05&fsb=1&dtd=250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:26:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE4A 136 KB
42 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame AE4A 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:57:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AE4A 0
0 15ms
15ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxpU7SDDV3oWXsjusWEyM0Pr4QDIOtYuIvS1nmMObc1D_gKp33hoQWmFkn0U_AKQP3jGBR
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=6686286215&adk=2703873347&adf=3173046725&pi=t.ma~as.6686286215&w=336&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=336x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944740&bpp=5&bdt=373&idt=235&shv=r20220523&mjsv=m202205240101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1110079953&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=700&biw=1600&bih=1200&isw=336&ish=280&ifk=1241629477&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067757%2C31067488&oid=2&pvsid=1484438737876758&pem=626&tmod=2021561125&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.c6iyglq3ef05&fsb=1&dtd=250
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 810878063665264710
tpc.googlesyndication.com/simgad/ Frame B6FB 28 KB
28 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/810878063665264710?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnijSC_exO-DbMHSwqvnzwX6ujDzw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046724&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944719&bpp=5&bdt=344&idt=229&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=126749912&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1620&biw=1600&bih=1200&isw=300&ish=250&ifk=1685284269&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44760474%2C31067487&oid=2&pvsid=3888245929453611&pem=626&tmod=1318275688&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.y9ftxvckarvp&btvi=1&fsb=1&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d9026a0adda8f4b5f68678d9ff5b4251f35b6787a5a1c8ab57f4d3e99a941d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 13:47:34 GMT
x-content-type-options: nosniff
age: 148291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28512
x-xss-protection: 0
last-modified: Thu, 12 May 2022 12:36:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 May 2023 13:47:34 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame B6FB 21 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:45:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame B6FB 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:26:19 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B6FB 67 B
91 B 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:15:01 GMT
x-content-type-options: nosniff
server: cafe
age: 45844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 25 May 2022 18:15:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6FB 136 KB
42 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame B6FB 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:57:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B6FB 0
0 15ms
14ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQc29SMWEBoN_NuUGhOcT4WR8STsOEkiSaW9v6oK4BIJmI8pA7DkbHB_mDTWFcdJNfn3njO
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046724&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944719&bpp=5&bdt=344&idt=229&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=126749912&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1620&biw=1600&bih=1200&isw=300&ish=250&ifk=1685284269&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44760474%2C31067487&oid=2&pvsid=3888245929453611&pem=626&tmod=1318275688&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.y9ftxvckarvp&btvi=1&fsb=1&dtd=245
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame B6FB 32 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 01:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13007
x-xss-protection: 0
server: cafe
etag: 15107675193488962307
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 01:00:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE4A 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8EJKudONYv6FAceygQfyrZaICMme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTUxNzc3MjQ1NTM0NDQwNaAB1bbS6gPIAQmpAiqsz0j59bE-qAMBqgSqA0_QNe1SH9skRDYLDE_JGAZwL59M88aceR9VQa8oIrRsB4KGtGsRP4HgpKxo0UFXsjeHl1u69ulC1zD5Nquc3oLCh4HQmf1K2a52QDNpkGcmqHfryGP2UO8X03q4VPgkS9RSiAXo8WE-zXE8dgtXJZ6JG6bsUX-xGEObWvmj4yiOw3qcdfp0-enT37izqC4I6XUecLNOIRSKd0T9xo-bZeRgw5cz7KA1pFkYVtmvq_IfACOKsmWbE7jMJZ-aQAfN_1V4Amk4niGCKk-1UVpqN9U0tPWBCymM2VQqy62eWiaE7XGRPUfKlp0Powv3JWIDanmzKrFWf8jZxegqr-2fsPCk4L6Z6kBqaTnsNalnWwwc2l7R7d29bjg0_85En2K9MqbH2jKy-Imvv16ALXTS9_GM14zPyOU_1c4j83DfVdMYPN-WoyTGc2WCdn0O2ZYcnyNgndAEEB_IxPR3wlILDj6ZceQWgqZaqk2P3SNIXeks7Vsh-r_vMksMaISaThZtkBdzEbHoCU0Su5hJp0APBAzgWNLjb0iCDpJVVVwB4Y8RJtIZsxiGiZ4R2oAGpY-0v_P7nsBXoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTUxNzc3MjQ1NTM0NDQwNRgA&sigh=TBqrp_LY5x4&uach_m=[UACH]&cid=CAQSPACNIrLM1XdE1IVrLcQpnzHCOPOYZaNYSUH2MGlp4ohdOLRTl7p2CccygSTtj67_I8ge1uDEw5LNnLBSGhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=6686286215&adk=2703873347&adf=3173046725&pi=t.ma~as.6686286215&w=336&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=336x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944740&bpp=5&bdt=373&idt=235&shv=r20220523&mjsv=m202205240101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1110079953&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=700&biw=1600&bih=1200&isw=336&ish=280&ifk=1241629477&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067757%2C31067488&oid=2&pvsid=1484438737876758&pem=626&tmod=2021561125&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.c6iyglq3ef05&fsb=1&dtd=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame AE4A 0
0 47ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Esz6RNACyAGdg2ICAgAAABAVGJ9OmsM78Kc6mXKYq00QudONYvhf8jUhh3gQv_iLABIAAA&wp=Yo3TuQAAQv4K4FlHAAWW8h49Kclk_RwPfp8QyQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 187871
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A396 138 KB
46 KB 122ms
88ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3TuQAAQv4K4FlHAAWW8h49Kclk_RwPfp8QyQ&u=%7CUGqX%2BeomXONwI4%2F2NUZgdXLqXCfJQ1S%2FNI8yyxFZssU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4UCR1GnmPW4iMUx47ZizX0Y4aSGCN7nIEkwiC-jGZOmkW234zmh52fBVlpGAg-BIm1fjkCRO3NKb93Bx95kgpbLUC5rc0OR3DCbKifXgAKOxCwfW02eblu22oVGI1dkQyEOMZCbef7_7OnhWzZYah9_LCcm-o2WR6zEjURn_Tp1KPpVAmOSiSAX6QXL8n42a6aT0VG20LcNDQMY_hUCTqixEvZQjtu8Bxupxg--WDmjDgNQKKWXOABYB7l1fKH44sGZgs8FH9JYHg1Roqew1GYh56fMh3_9pThALfKbvFfdMehfm0Uk44Jex0xlf5tedo6gFCMppnW0VppBXu9ZheU-DorSqKuEKWbYLt9nOLWBJrvFjgIPx9rom3KzrYvNka1AdfoVJvcCDRkf792-T-wyWzoYljWVCYQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI6j1udONYv6FAceygQfyrZaICMme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTUxNzc3MjQ1NTM0NDQwNaAB1bbS6gPIAQmpAiqsz0j59bE-qAMBqgStA0_QNe1SH9skRDYLDE_JGAZwL59M88aceR9VQa8oIrRsB4KGtGsRP4HgpKxo0UFXsjeHl1u69ulC1zD5Nquc3oLCh4HQmf1K2a52QDNpkGcmqHfryGP2UO8X03q4VPgkS9RSiAXo8WE-zXE8dgtXJZ6JG6bsUX-xGEObWvmj4yiOw3qcdfp0-enT37izqC4I6XUecLNOIRSKd0T9xo-bZeRgw5cz7KA1pFkYVtmvq_IfACOKsmWbE7jMJZ-aQAfN_1V4Amk4niGCKk-1UVpqN9U0tPWBCymM2VQqy62eWiaE7XGRPUfKlp0Powv3JWIDanmzKrFWf8jZxegqr-2fsPCk4L6Z6kBqaTnsNalnWwwc2l7R7d29bjg0_85En2K9MqbH2jKy-Imvv16ALXTS9_GM14zPyOU_1c4j83DfVdMYPN-WoyTGc2WCdn0O2ZYcnyNgndAEEB_IxPR3wlILDj6ZceQWgqZaqk2P3SNIXeks7Vsh-r_vMksMaISaThZtkBdzEbGqC2yAPBfVtP-TEK8wZXQbZlyIuJh7Td61KbK31G0HnwADIxoCZRcreYAGpY-0v_P7nsBXoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EdG8bWbPFAZVfgY4ORv9FWe5rQA%26client%3Dca-pub-9517772455344405%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c0e820796e0e21d9ced047309239364bab4496ad4bb0099b65700c8a9752aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5ebeBzm-yCB80C265pubhZRKLbw4sQ_GGj4Pqanqi6yL5A_haXOsJBfD9ba-KgLv9vUiN7Q7GqO5OmO-9pMvsnnoSmWaiCb7FyWYM36MBdX1HkqMr0Bb3KFTB2N_pmQ1X8ySEsk3PamwW0PkG3-xW3aEct4HdDy5OcSjKlLxotA5Jnkm4ENm530BYHlCHCbZ9nLYHgyXnBIApKm4zwD1JG-nf7bmr1dV2i54kGSqXK0UhqagpIiDTEUrYP5I-2ir4ihZMA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 70191622
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B6FB 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3FyXuNONYuS7PKrFx_AP9cm3UMzNiKFqwdK2_JAQ2tkeEAEggp3WDGCV4pCCoAegAfL7098DyAECqQJKUfIa4PyxPqgDAcgDyQSqBLkDT9AJ7om_Ie7Jl9ITbGuIkB7TfW0IRMEnxscJGXUS67KsldwODn_fapsig23e922X4GYl_yHOt_ZzTxr59KCPnt8foG4JQtfEtQ5w6mvnxwxs_J7B3JbqHREPhp52Nxm-R591KNcEjM83vPuVq4efJT8QtPpHU1RY4Tfu7LKbVM6sbRXf4E-4-zttv2CqgpplWtwJ-A80sEZf7Bw1K53EDU9ceF-UQwBcmUieJefElc1ZBpoiAm3wijCz88Cq32pHCUa7CmEGkDO7cJbHyG_SrW6dMgq4zV1ZMAfGtIEEf9CFB4qrvkL2KFQZL03ZPEsUuJd7Zxmgk9cB8v2q6SIf156MGk_7bMuP2TptwtPhrFKQpsvt5ZKrkw8WpgOR6rGzVr-CHPNPS7J2j0bs51Y_jcJPj-INmdbcnUU2aonfcl7Nahlsj2Q7rYR0EkxtrKZPVct1RRbbrGfz6_14TpVijDf75RYeUfegocoU2dA8tOdvCs1M215lmCXGQ0lAQD6qpUuzyD-2fHfpUyfJALbKI0wQtKfqJYxW1_0xzRWVQCStUaDqQ-ezJ7UxC1bjNrDJT13kCmHBigxWwASAqobWtAOSBQQIBBgBkgUECAUYBKAGAoAH2eWyJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENTVAtIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NTE3NzcyNDU1MzQ0NDA1GAA&sigh=KF31aK6vTp4&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046724&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944719&bpp=5&bdt=344&idt=229&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=126749912&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1620&biw=1600&bih=1200&isw=300&ish=250&ifk=1685284269&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44760474%2C31067487&oid=2&pvsid=3888245929453611&pem=626&tmod=1318275688&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.y9ftxvckarvp&btvi=1&fsb=1&dtd=245
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5BA7 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:26:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BA7 136 KB
42 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5BA7 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:57:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5BA7 0
0 16ms
16ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjeJWM51CAcllDL43vrY2uSueNODyT-HBtbEdcgMUacO-zHt9gqwxXsx2iPghgoDwRwmmD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 client Show response
cengine.contextads.live/ Frame BC19 2 KB
1 KB 187ms
130ms XHR
application/json 2600:9000:214f:9c00:19:be69:b800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cengine.contextads.live/client?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&device=desktop&product=audience
Requested by: Host: dac.contextads.live
URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&amp=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9c00:19:be69:b800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 / Express
Resource Hash: 6cea4816943c8f001235867026295878c62214f13c95b9fe00664cd844978ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dac.contextads.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
etag: W/"7fe-A2BvHyCa7b2r74aR1FAYVhkuQPU"
server: nginx/1.17.10
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: F6b7s3DiB7cuYW6zoK2dW1BBLiQDzFOD_9lHPSRvwtTsF-QvEJsc9g==
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B586 0
0 42ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst54fDPvSR0QKu4eo_G0WypTg-7X22R29cug98Es6wx5hvvTbbazWFnscKPmneYLpU_xCZuATp7ipEETwlsaEurJTOk3q1ZOT63QHeiwrd00MZbIeSZiC-Ita-oLVRzcJjO36Fbj8UZvcTxyu6Ol-A2PDsDQ3N_dvjySxA5GJ-1ZYra5nOO8ZMuB73KGf81jNyPHlEJOXKBKxE3ysigUewv8jK09yvLsQv_a1fwPsNbj7IcFgnvcFCQhhtr5ItRnQKfhlWL9vQ7nQua5WRKJZBeczzGSUQaaZypKmmZxsl-tR_7K1og3yiM4kKycgobJ3vD_UzFFWPo0D_OUdmyxXqWITQqJBUIFN9aBneXJKCC&sig=Cg0ArKJSzD1OcK2sncu_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B586 14 KB
10 KB 23ms
23ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f73280ae7d7de0ebf562eee0eb438980f2cee4aa69e499052b8f1911ab242b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10722
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051901&jk=2001957427546074&bg=!Li2lLWnNAAZ4vKt9WLw7ACkAdvg8WigrtuXqjRjM_YrDN7DyYszIvjLWtoTctl4kuuEwj44RBGoXDwIAAAGJUgAAAAFoAQeZArGzl3FFzZM4zOM6kW5dqplC6cHQOhkrwotV4IsERIsj8ETSBI19J5FiCCaPbyI30E-FrbKEuUyR17pCcQYolFwHx_3pXYkchpW4Fs-UDOWh1Ov4iGi19LuYQD4OZslCLK37-mwScyGn_53QXPHWMbV4JQu6yMW5KvetowczZeoavwRLWPCpD2pKc6R6To_Cd0kn7khNVr7kLStyZ4PKdONdFIBVrl-vzYbKaTtzGrGuMn-dlUN1Icmov-AVijws73egeOCUF8UfBXZvDB6Ut4f3lc1sRSkGJo5rETXckiRqXMN6Dh6jCFzONjfLbodw1_j8HjRLfFgvJcxu6cGGjuM8s27-FT676MQ8PEAvl2D2kJVmbldOCVxnYrOriNQUOsf5CiEFQIKJzFo8HPLzFX-E39CmiyMPln7RDMadIJqZMCB9DIGxk9Td1DC7Ve91TCHnDGDKqvXC9yElTW_YYU6akLeOwchm0HGGd22Umd7tet68rB1BvAnA78MwTLTI6Im-H0AStrQqmJV2SXy_XmX7faoTWiLOeG4iuPWE9WXYmZQ1D_gXqe2G5G6GEsKOhgRoucFOQEGUU198LEOHB0CvdLV_vXWh8u0CQ5M460sINUlptnvmlkqypZPzVXAbak3b1pdRWLulpgdVwFDMpNX5qsRpdyzfvXEmxIR13E6ags-Nm9DMnZ5885m__B1hvf-2k26FeI9YArx_5KOKxaQCP3HK_yh-msCNoElNclxh1WbBo1C0O0SaZnTQ03f8A6vQOHkB0ULtm_Ntyn8F39ZqlBr3n1XOyNaNHrU2eLIgSHw6PVcSLcnrX3zE7MdL4Lp_ibuiqNvb29gkJtD6hHw-tvhGdzB0SU2EcvP05VUUEJqAWvdJ1HEGrigdWVOzr1TNk_grmZrmWyQA9RH9qJFZVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5BA7 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK4lfudONYs6QBrG7gAfytbY4yZ7SsVy1mOPWkwHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTUxNzc3MjQ1NTM0NDQwNaAB1bbS6gPIAQmpAjQrXO8s-bE-qAMBqgSwA0_QkO6DjjAv8SkKiE34DblTVzXItrUZyAlPt_Dh5-wd17aeR_tqry42zk79h3PdreiE-Q2SAYs7tDwo4qWVSJ1tNQSV6SW8YDJxljIys5-lW6I19Iw0v0wXGWkPkH4mmGvQOKmkqP2Uvzu0Q09baoc3XX2IHXQELfp2UB5VCvRwPVc0LxfQHVsHK-RDDNwdtj5Isu4jF7rB_xe1EgGxnrhSJ3Gj8G6oWFTPxZR8-bexY7EKSFpN_q3aZ1VXyfOCqCyN48yOP8bzVBN4HMF-egNcIRm7uPU8Ukv3MU3SSUCfYVxot3qoflak4R4DniOGbWwhFEiN0WA_I2ZYeikTPPjVOWhQk1VKVXBpm-Pi2rdl8KYyJ2tMAok8FeARf56qZcgGcc7AT7D_-7gwIJ-r_vd292m7yiRVui3iBh4O1AApdDCSJd91sNQ3MsFteYK0IWNkEIHs-12jRp21FH5ud-8h6dmj3rcjztyYupvATKENb_Ln4QgtsU53TafE8mCfGlQeRr-joC4GVvJJhNlMLdFfL0fu9lnFuOhyVhSsH0AuDTrkEIfBsS-jkzwTB4jYqoAGpv6GhpiRjLuMAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk1MTc3NzI0NTUzNDQ0MDUYAA&sigh=-snaZyqidOA&uach_m=[UACH]&cid=CAQSPACNIrLMVVF8a3eNH1bVHZKaKOFDNIGgIdi1CfwZixv1KxtQmupIPRCoZjRnugjeWJc9blz5HTzVgVPlWBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5BA7 0
0 14ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k6mKE8jHMKwCyAGdg2ICAgAAAELvh5hKdgVf8Kc6mXKYq00QuNONYnbyUEIR2qFUgHY1ABIAAA&wp=Yo3TuQABiE4K4B2xAA2a8qxf2-UR2fY23dsatg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 223205
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B977 131 KB
45 KB 117ms
116ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3TuQABiE4K4B2xAA2a8qxf2-UR2fY23dsatg&u=%7CUGqX%2BeomXONrWJwyT%2FN%2BgzeoNzfZICWRRHy9JInBRwk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoI1Nb-TXZrXOCYQLm9qLuhr7z8Iti4yQ3J4AkqekfEm7MA3iqvTeMFkukbETIeL6b2yR5wJ6dVV7PNgTaIpf3vO7CK-NxwjsO7FGkOgudUJ1whJsfIRw22LM8sZfRGNlmc8TD1vzZdS29LXME3do7y0RefTTLeL96EVVCdQw2jxMmURKHFYsGoQWP5AHdc9SfGkuVPJT9HS1iGFgkbBAdZG4CzPgd4UmmvrrQQoQVFdpjb5VNKzJNspMK4iPS6W99yzzydJhdGgJzvajsrOHvQuWD_xSxwVPTewD8Kxuhhr5JqGbyThtVhnJWqJlxA3dKOVeuIKEdQY37zXaGDWsoAknxKumU1g6DCp1-uKkrVqekEQqL-_jnQMyciAr_Z76GiPlFYmClEqyQBsFTUk8cDU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlOCudONYs6QBrG7gAfytbY4yZ7SsVy1mOPWkwHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTUxNzc3MjQ1NTM0NDQwNaAB1bbS6gPIAQmpAjQrXO8s-bE-qAMBqgSzA0_QkO6DjjAv8SkKiE34DblTVzXItrUZyAlPt_Dh5-wd17aeR_tqry42zk79h3PdreiE-Q2SAYs7tDwo4qWVSJ1tNQSV6SW8YDJxljIys5-lW6I19Iw0v0wXGWkPkH4mmGvQOKmkqP2Uvzu0Q09baoc3XX2IHXQELfp2UB5VCvRwPVc0LxfQHVsHK-RDDNwdtj5Isu4jF7rB_xe1EgGxnrhSJ3Gj8G6oWFTPxZR8-bexY7EKSFpN_q3aZ1VXyfOCqCyN48yOP8bzVBN4HMF-egNcIRm7uPU8Ukv3MU3SSUCfYVxot3qoflak4R4DniOGbWwhFEiN0WA_I2ZYeikTPPjVOWhQk1VKVXBpm-Pi2rdl8KYyJ2tMAok8FeARf56qZcgGcc7AT7D_-7gwIJ-r_vd292m7yiRVui3iBh4O1AApdDCSJd91sNQ3MsFteYK0IWNkEIHs-12jRp21FH5ud-8h6dmj3rcjztyYupvATKENb_Ln4QgtsU53TafE8mCfGlQeRr-joC4GVvILhvjeql7DPPhy4voVhU6KXwCmqUoAFbhQ2LpnQ5C9vySWrQzLFZnh5oAGpv6GhpiRjLuMAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QnrOYqCW5DBa_Czov_wiiv0PKVg%26client%3Dca-pub-9517772455344405%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186313&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944818&bpp=5&bdt=431&idt=241&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1520163529&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=6077&biw=1600&bih=1200&isw=300&ish=250&ifk=4148363982&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067719%2C31067721&oid=2&pvsid=2486711979769719&pem=626&tmod=941560358&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.s10do895xu5w&btvi=1&fsb=1&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9549a77adb695eceb9f02a6a1845fedd66e634b79e44e4615c1c6141dc0e0d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7Dv-Fjm-yCB80C261_nxJWlxwAmm1ovwe5dhHoKU-4C_c4DYjSCOPyjezQLMlBXsQ8tbsinl7CZ9ULwq1XwIh_w11bITsBVuDEi8C2DVDmYJaU9zYi7geFNQFpusNjsft8_VfiM5ongKzi76QbGM52m7yVzWmiqWTrM39kmuoSz6j-dkoirDaV456q1BqfoTWGXHZfRAmD18HHdFbLIPIuXuWcKQ-SZWXrUHqot3cLvp8qQtuTi6y998y1RsOviwlwZ1jQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 95072487
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9802 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=3173046724&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944719&bpp=5&bdt=344&idt=229&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=126749912&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1620&biw=1600&bih=1200&isw=300&ish=250&ifk=1685284269&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44760474%2C31067487&oid=2&pvsid=3888245929453611&pem=626&tmod=1318275688&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.y9ftxvckarvp&btvi=1&fsb=1&dtd=245
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B586 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
DATA 200
OK truncated
/ Frame AE4A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ce8c646512896ca79194eb63ae8ea2620fc9d9f57a86287de0978ee244379ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 810878063665264710
tpc.googlesyndication.com/simgad/ Frame 8956 28 KB
28 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/810878063665264710?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnijSC_exO-DbMHSwqvnzwX6ujDzw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d9026a0adda8f4b5f68678d9ff5b4251f35b6787a5a1c8ab57f4d3e99a941d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 13:47:34 GMT
x-content-type-options: nosniff
age: 148291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28512
x-xss-protection: 0
last-modified: Thu, 12 May 2022 12:36:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 May 2023 13:47:34 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 8956 21 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:45:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 8956 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:26:19 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 8956 67 B
91 B 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:15:01 GMT
x-content-type-options: nosniff
server: cafe
age: 45844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 25 May 2022 18:15:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8956 136 KB
42 KB 220ms
220ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 8956 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:57:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8956 0
0 15ms
14ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVb2eYeFOB-0cEnP-Jdkk-HAiri40XINagReHKFtglN983FABdAw_x7nc7epBq1_RQ4nYr
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 8956 32 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 01:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13007
x-xss-protection: 0
server: cafe
etag: 15107675193488962307
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 01:00:52 GMT

GET
H3 200 14093175792309155173
tpc.googlesyndication.com/simgad/ Frame FE31 7 KB
7 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14093175792309155173?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmYhyCMCEKVomwheUtvPuvQlRw87Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=90&slotname=4068205970&adk=2668761221&adf=3173046726&pi=t.ma~as.4068205970&w=728&psa=0&format=728x90&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944566&bpp=4&bdt=206&idt=338&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=2&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1997433642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=187&biw=1600&bih=1200&isw=728&ish=90&ifk=2440170843&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067737%2C31067768%2C31067526&oid=2&pvsid=1060439149467540&pem=626&tmod=175301254&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.v0rnrobqfh04&fsb=1&dtd=357

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9b1d3d33a55818a04e252c75b012725805e896ef6f4e3bca46147bd37b11b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 12:21:12 GMT
x-content-type-options: nosniff
age: 412673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7263
x-xss-protection: 0
last-modified: Fri, 20 May 2022 12:01:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 12:21:12 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame FE31 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:45:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame FE31 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:26:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE31 136 KB
42 KB 220ms
219ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame FE31 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:57:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FE31 0
0 16ms
15ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWxU4BA-LstRJAGoUzBNFdW3-WSpvHw24oD61AC89Fd4Dh7A2GplUKEymyN0k35Jm59npJ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=90&slotname=4068205970&adk=2668761221&adf=3173046726&pi=t.ma~as.4068205970&w=728&psa=0&format=728x90&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944566&bpp=4&bdt=206&idt=338&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=2&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1997433642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=187&biw=1600&bih=1200&isw=728&ish=90&ifk=2440170843&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067737%2C31067768%2C31067526&oid=2&pvsid=1060439149467540&pem=626&tmod=175301254&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.v0rnrobqfh04&fsb=1&dtd=357
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame FE31 32 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 01:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13007
x-xss-protection: 0
server: cafe
etag: 15107675193488962307
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 01:00:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8956 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKf96udONYv2nCbK3gAe_0K74AszNiKFqwdK2_JAQ2tkeEAEggp3WDGCV4pCCoAegAfL7098DyAECqQIqrM9I-fWxPqgDAcgDyQSqBLkDT9DHW5amgJh458sscJR4p1wxfrB6FSPQg6kD4_WYe8v6oh6yUJkusOGEfn27286CjBORLQMNZnMhL1av-00wSZDymcWDyT6q3Ye8vwa2VwvNnO88MbT1b3NdjXR2JeeoFi8jo2JIj81RjiK3n55P59eD3oSzC-TBR2LaH_KNpj2PGS00OHZd-JneSkprl3ifTS4lIW6C-QzyFoeQQZt2QWOntJEvukpiC7WkhBYIz9eSW6OL__Z8lhA5pG7nD1Xo644bUdYZ5YC-xoSR60SNioSScMX6MObLNR0XQcHe8kKuUIuJA-aSZhVn1r7c1crmhewM5KkFmoLXiKHhmZH1Ngqg9pLKs0jS93V_zbO4WDvEl4I2J8P1YQcD68aUjeMS8SQCdYPqrzCrfUzXHutnWyNleKHuMXWtzgfSAJ55IKFtDunP5anVKb7AIdL1PSpSAiW_SGRj6h0fK82Aibnv7Pq8lskZbOKgl2uuJ7VeD51ABr6Th0aQ5-j394arcGl9PegU2x2VzMQvCS6ZuaLDz2AnXaW_1wPPQ34Qq9ERnvuAU7JzRvHzoyAqIspvcY7Or8hCPK4rWEcewASAqobWtAOSBQQIBBgBkgUECAUYBKAGAoAH2eWyJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKTGBtIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NTE3NzcyNDU1MzQ0NDA1GAA&sigh=iR04hAH5728&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B6FB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 455625c4f1438144d7420ae9b6b112f91f99999cdaeda89f13cbbe05a9b93058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FE31 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0xdtuNONYpamOsjjgAeqio2QB_b0yqFqn92_6MUQjJ2ExP4OEAEggp3WDGCV4pCCoAegAYrN1JooyAECqQI0K1zvLPmxPqgDAcgDyQSqBLkDT9B7nJ3yI0VmpRNV4paeCDg1y8Joa4Uz3drarnOOGrYClYs5XYEBMIT3F-KmSShoHqTR2I1BVDYKibkwjx_edhzJhrnFPTByV1zotu4QfYmgOJW3xWQ_H9EpbdOKH-0Kg0_-uu-RibNuAydE1nGtseQ6wsDV4BLhGO7lrho7huZvs1OIbYJiJpp-mCdQ5TOWy-co_5GCg6bhjoF8ZmXvcy1y88yhK27bDh_nYGNC_B83ala6ZzkO4Gl3VFwMgpBhWyt1b8k1XVNl092fMU2g66dRmbACTWOVGTdfxV9tNcUuQSVKm4tOSZ_fU7anuvz4V8bO86Df0zAYArnwj1jkO6vz7_5U5inN6pAE2BUaRp4pQzjxodh1ObYmuykFL7y_SNd-XdtXw-TsPU8GS6xK4dcDLAfEmGUKEl7L04UksvfjM3jphxGJ5nsHg7OOvGpEE2nEQxWhQaVRwEOjubgH_URrDRSdkmAEVbiHcOg1_4rPbquGPkx99K_DF72fAVLfR_kO0jgkuoUI3QXJwbHFZIOOe-BJaI5v4nBISa4zsE2kI4hwWrAloGrJtyCFQVbSZEfqbyxLLIW_wATK1LX96gOSBQQIBBgBkgUECAUYBKAGAoAHioWl-gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD4kAXSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTUxNzc3MjQ1NTM0NDQwNRgA&sigh=p5H82z7du-Q&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=90&slotname=4068205970&adk=2668761221&adf=3173046726&pi=t.ma~as.4068205970&w=728&psa=0&format=728x90&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944566&bpp=4&bdt=206&idt=338&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=2&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1997433642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=187&biw=1600&bih=1200&isw=728&ish=90&ifk=2440170843&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067737%2C31067768%2C31067526&oid=2&pvsid=1060439149467540&pem=626&tmod=175301254&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.v0rnrobqfh04&fsb=1&dtd=357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A396 2 KB
1 KB 53ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3TuQAAQv4K4FlHAAWW8h49Kclk_RwPfp8QyQ&u=%7CUGqX%2BeomXONwI4%2F2NUZgdXLqXCfJQ1S%2FNI8yyxFZssU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4UCR1GnmPW4iMUx47ZizX0Y4aSGCN7nIEkwiC-jGZOmkW234zmh52fBVlpGAg-BIm1fjkCRO3NKb93Bx95kgpbLUC5rc0OR3DCbKifXgAKOxCwfW02eblu22oVGI1dkQyEOMZCbef7_7OnhWzZYah9_LCcm-o2WR6zEjURn_Tp1KPpVAmOSiSAX6QXL8n42a6aT0VG20LcNDQMY_hUCTqixEvZQjtu8Bxupxg--WDmjDgNQKKWXOABYB7l1fKH44sGZgs8FH9JYHg1Roqew1GYh56fMh3_9pThALfKbvFfdMehfm0Uk44Jex0xlf5tedo6gFCMppnW0VppBXu9ZheU-DorSqKuEKWbYLt9nOLWBJrvFjgIPx9rom3KzrYvNka1AdfoVJvcCDRkf792-T-wyWzoYljWVCYQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCI6j1udONYv6FAceygQfyrZaICMme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTUxNzc3MjQ1NTM0NDQwNaAB1bbS6gPIAQmpAiqsz0j59bE-qAMBqgStA0_QNe1SH9skRDYLDE_JGAZwL59M88aceR9VQa8oIrRsB4KGtGsRP4HgpKxo0UFXsjeHl1u69ulC1zD5Nquc3oLCh4HQmf1K2a52QDNpkGcmqHfryGP2UO8X03q4VPgkS9RSiAXo8WE-zXE8dgtXJZ6JG6bsUX-xGEObWvmj4yiOw3qcdfp0-enT37izqC4I6XUecLNOIRSKd0T9xo-bZeRgw5cz7KA1pFkYVtmvq_IfACOKsmWbE7jMJZ-aQAfN_1V4Amk4niGCKk-1UVpqN9U0tPWBCymM2VQqy62eWiaE7XGRPUfKlp0Powv3JWIDanmzKrFWf8jZxegqr-2fsPCk4L6Z6kBqaTnsNalnWwwc2l7R7d29bjg0_85En2K9MqbH2jKy-Imvv16ALXTS9_GM14zPyOU_1c4j83DfVdMYPN-WoyTGc2WCdn0O2ZYcnyNgndAEEB_IxPR3wlILDj6ZceQWgqZaqk2P3SNIXeks7Vsh-r_vMksMaISaThZtkBdzEbGqC2yAPBfVtP-TEK8wZXQbZlyIuJh7Td61KbK31G0HnwADIxoCZRcreYAGpY-0v_P7nsBXoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EdG8bWbPFAZVfgY4ORv9FWe5rQA%26client%3Dca-pub-9517772455344405%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A396 2 KB
1 KB 65ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A396 308 B
636 B 18ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A396 293 B
622 B 15ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame A396 43 B
348 B 56ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=u11nPxFmQ0aXkbqymCTlEtxoLgkjm1Zc_xLlX2MBeymWkU5oD72z8nJ3-FL2s1W2v3N0bJ7TYcLTxH9o26oaQA001EjtzQ2-OCDlVvxrx4qqluSZuy4TR1N43tCFVsdDaOJfK6Y28U8-SvojbD1K5SdObGU8t0fKvnRrcMMe-mi8Vs9YUuAVn6fByFNxwGSGo64dXicG5TcxeZ-vg5t4csD1uRBeutwk0SbL6STdynEwGhcKspdivTocMt1mvyCnD09shf1EFHRkf_hjKnYMUGoxHhKwu19xU42UqNbMjFrxIrJFXqqmf06SWDshm8UZSCBO0N1dssGwxCZvJdmWwzwz2-NbYNL_0WWC6J1cM0GxDcKfaB1Gzw8qaTEiFvCcc4VflLC5TlIzz3oj1Fnx2nxx5N98pq29cj-Iu6-OLjSk3YlR6x58jPfQu8aWtffpi2Y5lg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:04 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2883594
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5BA7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4d4773cfafbddd42051b07821ff1f317a73860e7d2387e46bf3e523009792aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C77 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 947D 783 B
536 B 20ms
20ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5617b876fedeedc3f196ef91780fa8077b80b15a6b8a304827fe9ac2e424fcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DokcFBFTxURyZE4OwTkSpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-DokcFBFTxURyZE4OwTkSpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:05 GMT
expires: Wed, 25 May 2022 06:59:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B977 2 KB
1 KB 29ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo3TuQABiE4K4B2xAA2a8qxf2-UR2fY23dsatg&u=%7CUGqX%2BeomXONrWJwyT%2FN%2BgzeoNzfZICWRRHy9JInBRwk%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoI1Nb-TXZrXOCYQLm9qLuhr7z8Iti4yQ3J4AkqekfEm7MA3iqvTeMFkukbETIeL6b2yR5wJ6dVV7PNgTaIpf3vO7CK-NxwjsO7FGkOgudUJ1whJsfIRw22LM8sZfRGNlmc8TD1vzZdS29LXME3do7y0RefTTLeL96EVVCdQw2jxMmURKHFYsGoQWP5AHdc9SfGkuVPJT9HS1iGFgkbBAdZG4CzPgd4UmmvrrQQoQVFdpjb5VNKzJNspMK4iPS6W99yzzydJhdGgJzvajsrOHvQuWD_xSxwVPTewD8Kxuhhr5JqGbyThtVhnJWqJlxA3dKOVeuIKEdQY37zXaGDWsoAknxKumU1g6DCp1-uKkrVqekEQqL-_jnQMyciAr_Z76GiPlFYmClEqyQBsFTUk8cDU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlOCudONYs6QBrG7gAfytbY4yZ7SsVy1mOPWkwHAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTUxNzc3MjQ1NTM0NDQwNaAB1bbS6gPIAQmpAjQrXO8s-bE-qAMBqgSzA0_QkO6DjjAv8SkKiE34DblTVzXItrUZyAlPt_Dh5-wd17aeR_tqry42zk79h3PdreiE-Q2SAYs7tDwo4qWVSJ1tNQSV6SW8YDJxljIys5-lW6I19Iw0v0wXGWkPkH4mmGvQOKmkqP2Uvzu0Q09baoc3XX2IHXQELfp2UB5VCvRwPVc0LxfQHVsHK-RDDNwdtj5Isu4jF7rB_xe1EgGxnrhSJ3Gj8G6oWFTPxZR8-bexY7EKSFpN_q3aZ1VXyfOCqCyN48yOP8bzVBN4HMF-egNcIRm7uPU8Ukv3MU3SSUCfYVxot3qoflak4R4DniOGbWwhFEiN0WA_I2ZYeikTPPjVOWhQk1VKVXBpm-Pi2rdl8KYyJ2tMAok8FeARf56qZcgGcc7AT7D_-7gwIJ-r_vd292m7yiRVui3iBh4O1AApdDCSJd91sNQ3MsFteYK0IWNkEIHs-12jRp21FH5ud-8h6dmj3rcjztyYupvATKENb_Ln4QgtsU53TafE8mCfGlQeRr-joC4GVvILhvjeql7DPPhy4voVhU6KXwCmqUoAFbhQ2LpnQ5C9vySWrQzLFZnh5oAGpv6GhpiRjLuMAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QnrOYqCW5DBa_Czov_wiiv0PKVg%26client%3Dca-pub-9517772455344405%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B977 2 KB
1 KB 16ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B977 308 B
636 B 28ms
27ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B977 293 B
621 B 12ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame B977 43 B
347 B 21ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vqSY_wGL_4HonVeZ1CpysfUcDfSGNI1ydAnbsE_5WSprpaTfWzrGQ9SAseXKeRVbfCiq47bLvmjuf235mhqQVo7QQmPstaUGVlKEzFoOzXsymHghiKznpK-GpjJc_r1LdJr6F49l2hA3-p4usniLF4b6hhvCRaFgBY_5GYPSVOUnkbZW--jKVMViv6-Z4ayfw_SHBvvY50mgBpQWRq1hlm0SvyzZyAMnZV0fZH1gyLne5VEoMcHwgxx6Fkos5W870puJpHmyjj50lYA4AJ7Fd0ZVEMrbPzG0kjZDJnIfz0Xla93SMifS2M18ATGb09_bx51u3OavlN3Lq69UqKW0kVJz1obUEj_YZZqFYVBirZzbv44dwlQ2YlqSF6uRtBJ3nK9t-xOoXTWgwTfZriAh_LyTTxKbW7ahpA3MS_Cy-e5ojbNPijsahO-XVt3EUpSBWOz8-g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:04 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2990636
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6FEA 143 B
163 B 9ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AAA 0
0 42ms
42ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth7M-hJ0NYARJGXNUr7xSC_ieLIEk8cq6hC-G4cS5S9tnI52feeYKaPdTgFXMR61ekRYjHpWPF0Eqm69rEhSypoC5ilj0aQZ3rjF-cXp0cCzveCArIqXiKRmAGQRKPer4oisGpIs-Ex4IQkV-Meq8vU1V9KAdpu-uyVm9Lc9KIjf_MJMuhUhx1XX9b2A5WCe7glp45AYz5Vo2A2WB-yWiK7lsww6CM12G8-bKLoe4RiI9Uw5ASFMSG6Yok_d3ZW9TooEkXS11UEPVV4GaHRbJ6bow2usIj1MImT1xfWsuZwm3uTPi2nynSx_Tk49sSpJrl3seUrMyBC_QerG8OUQsvyeX108P6ehejDI2n_9Ze&sig=Cg0ArKJSzP7Xt7zxv4McEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0AAA 14 KB
11 KB 20ms
20ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

fa3156db029436cac0784abf54572079577ccff55981c1f6a55597b771df03e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10772
x-xss-protection: 0

GET
H2 200 ping Show response
audience.contextads.live/ Frame BC19 645 B
905 B 1153ms
1129ms XHR
application/json 2600:9000:214f:9c00:19:be69:b800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audience.contextads.live/ping?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&category=science%26technology&device=desktop
Requested by: Host: dac.contextads.live
URL: https://dac.contextads.live/blank.html?url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&amp=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9c00:19:be69:b800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 1b0bc51b29cde2d8a6c075d7e0ff82691ecb271addda3840a38341c40a0fb4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dac.contextads.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
server: nginx/1.17.10
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: *
x-amz-cf-id: nkjmYjeygXgI3jNIc1EPQjVXfqnZTpHTx83pkJSQYaUJNornPeiXfg==
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7F24 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=90&slotname=4068205970&adk=2668761221&adf=3173046726&pi=t.ma~as.4068205970&w=728&psa=0&format=728x90&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944566&bpp=4&bdt=206&idt=338&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538%3AT%3D1653461944%3AS%3DALNI_MYMWfbpyslS66tnoSaGjFAjBDYQow&correlator=6633330513117&frm=23&ife=4&pv=2&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1997433642&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=187&biw=1600&bih=1200&isw=728&ish=90&ifk=2440170843&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31067737%2C31067768%2C31067526&oid=2&pvsid=1060439149467540&pem=626&tmod=175301254&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.v0rnrobqfh04&fsb=1&dtd=357
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 96ms
95ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://indianexpress.com
date: Wed, 25 May 2022 06:59:04 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A396 12 KB
5 KB 38ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2750222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49bMFvBVAG0I5a7agUk5MppsxQ6umHs5%2FFzpgkU6k%2BdzXQoHVYiJBr9fn64VJLq7bUczhlB338yB44U2t5ST3lLSm4tmUNalNXSIipBqKMkZdxnwsW63gImOGvzqQj7VDHXO9Q8RIExAXxBEGH5oo%2B%2Ft"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 710c62e77dbe90e0-FRA
expires: Mon, 15 May 2023 06:59:05 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A396 12 KB
6 KB 13ms
12ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame A396 56 KB
56 KB 61ms
22ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame A396 58 KB
58 KB 103ms
65ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A396 11 KB
11 KB 47ms
13ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2F38915ce5a9014305aa822c2099e328f0_square-white2.png&v=3&w=196&s=9o3m67GO2HSvvdWn2EEFxAmf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bacf174040d2531a85c8b458c6f2e2cc3856fb73c9a5ae05440a38eb8abdab84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28596636
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11331
expires: Fri, 21 Apr 2023 06:29:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A396 116 KB
116 KB 68ms
34ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2Fd62afb5e0aee42948007147eb3e87c82_img_vertical_1.png&v=3&w=1200&s=WLqKrbX08tEhVti6crCiUBZE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e285a682b03da689303b5c67f387ab0517ade17b3295d67b0568082b8dc42b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29123115
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 118320
expires: Thu, 27 Apr 2023 08:44:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A396 38 KB
38 KB 80ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7865e9e3-7f69-4799-8388-00d873fe870e_da728b7c-9233-4b0f-9e66-8edf570fb440.jpg&v=3&w=400&s=UZgR-oFP0VXSyoi7v97vyPGO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=368542
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 38416
expires: Sun, 29 May 2022 13:21:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A396 37 KB
37 KB 58ms
25ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fb2e11661-b20e-4828-a072-a1d919ba832c_e4b2427a-8751-481b-abc0-8e8fe8802561.jpg&v=3&w=400&s=P9BEQrvcVjKdXsXMpChdvDPE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d679e8edf16f18e378442ba57c1983c696d17ee9e1d08c52139985f20fd187a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=353305
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 37914
expires: Sun, 29 May 2022 09:07:31 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A396 0
128 B 49ms
12ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5ebeBzm-yCB80C265pubhZRKLbw4sQ_GGj4Pqanqi6yL5A_haXOsJBfD9ba-KgLv9vUiN7Q7GqO5OmO-9pMvsnnoSmWaiCb7FyWYM36MBdX1HkqMr0Bb3KFTB2N_pmQ1X8ySEsk3PamwW0PkG3-xW3aEct4HdDy5OcSjKlLxotA5Jnkm4ENm530BYHlCHCbZ9nLYHgyXnBIApKm4zwD1JG-nf7bmr1dV2i54kGSqXK0UhqagpIiDTEUrYP5I-2ir4ihZMA&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A396 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A396 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 rtb_ajs.php Show response
delivery.contextads.live/www/delivery/rtb/ 10 KB
11 KB 528ms
470ms Script
text/javascript 65.9.63.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=919&cb=40766073605&charset=UTF-8&loc=https%3A//indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&referer=https%3A//click.checkpoint.com/&containerId=impulseadcontainer0&product=impulse
Requested by: Host: impulse.contextads.live
URL: https://impulse.contextads.live/main/impulse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-107.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a764cfa29858990e578dd14b9f47a94d52fc6909931df37f6cf625052af2a7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
p3p: CP="CUR ADM OUR NOR STA NID"
etag: 18fbfe02d61e057e2e977d01846b64a3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
x-fmg: 43.232
cache-control: private, max-age=3600
expire: Wed, 25 May 2022 07:59:05 GMT
x-amz-cf-id: kWuzWjxfpZ7OiACZyXOL9DSObQH_6e4pP1UPlNJmOoBa9VkaKiHLgg==

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9802
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
20 B

66ms
66ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:59:05 GMT
expires: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:59:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame 23E4 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C6B5 6 KB
670 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186319&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944844&bpp=3&bdt=433&idt=240&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1961895520&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=1230151253&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31067737&oid=2&pvsid=577011371732562&pem=626&tmod=259749370&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zgf9ega0ongu&fsb=1&dtd=253

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 06:05:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 06:59:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame C6B5 2 KB
907 B 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:56:54 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame C6B5 21 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:45:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame C6B5 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:26:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6B5 136 KB
42 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame C6B5 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:57:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6B5 0
0 16ms
14ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrFQEePKsUG6jQ8OuLgefrZ1t4KRPIXL4KzVm3a3GbeZZHW00aI1rkN3Fxp1bOX1N1G2EL
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186319&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944844&bpp=3&bdt=433&idt=240&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1961895520&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=1230151253&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31067737&oid=2&pvsid=577011371732562&pem=626&tmod=259749370&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zgf9ega0ongu&fsb=1&dtd=253
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 937d951ae0167fdfcf48a5545b1fd715.js Show response
www.gstatic.com/mysidia/ Frame C6B5 30 KB
13 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/937d951ae0167fdfcf48a5545b1fd715.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12375
x-xss-protection: 0
last-modified: Thu, 12 May 2022 07:58:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 14:13:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AAA 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B977 12 KB
6 KB 14ms
12ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B977 41 KB
41 KB 27ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=94347&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F94347%2F220510%2F9861ac33dce54977bb2bbb12c4c01c8b_img_vertical_1.jpg&v=3&w=1200&s=zMtrpRwU4pUeiqCX73FMURvA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

413849e3f0b86572e1e6382c673efc411afa7018d2495ea11dd9039c3ccc49e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29819259
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 41792
expires: Fri, 05 May 2023 10:06:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B977 5 KB
6 KB 30ms
30ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94347&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0577%2F7398%2F1861%2Fproducts%2FSTW_PDP_Motive_Freisteller_1200x1200_LH_HS_500ml_Front.jpg%3Fv%3D1652265264&v=3&w=400&s=4FFDkzQIMEBYFPS9vCrrl7jC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a6d15d99e2b992b717b263a00ffed29dd18082c9aa3658b255355cf56ffac762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30400723
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5426
expires: Fri, 12 May 2023 03:37:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B977 7 KB
7 KB 30ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94347&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0577%2F7398%2F1861%2Fproducts%2FSTW_PDP_Motive_Ingredient_1200x1200_DFM_1c85a6f9-b5cb-4275-aa83-5ebbb6682a4c.jpg%3Fv%3D1651053310&v=3&w=400&s=dffsrnBJihSQYN6oBQgPybj9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ac7303c805af0335a95fa23a6c72aaa24ddd88358b1c143d0cea3289b07d3d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29191416
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7390
expires: Fri, 28 Apr 2023 03:42:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B977 6 KB
6 KB 30ms
30ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=94347&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0577%2F7398%2F1861%2Fproducts%2FSTW_PDP_Motive_Freisteller_1200x1200_RG_S_500ml_Front.jpg%3Fv%3D1652266006&v=3&w=400&s=eT0hiLNUBGKYqKACRMA5PxzD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

71ca2c06ae704a7f92397060d87ec5a420b731d6cf29794fb6e3a7e4444780ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30487044
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6298
expires: Sat, 13 May 2023 03:36:30 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B977 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=7Dv-Fjm-yCB80C261_nxJWlxwAmm1ovwe5dhHoKU-4C_c4DYjSCOPyjezQLMlBXsQ8tbsinl7CZ9ULwq1XwIh_w11bITsBVuDEi8C2DVDmYJaU9zYi7geFNQFpusNjsft8_VfiM5ongKzi76QbGM52m7yVzWmiqWTrM39kmuoSz6j-dkoirDaV456q1BqfoTWGXHZfRAmD18HHdFbLIPIuXuWcKQ-SZWXrUHqot3cLvp8qQtuTi6y998y1RsOviwlwZ1jQ&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B977 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B977 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 06:59:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1D18 6 KB
670 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 06:03:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 06:59:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 1D18 2 KB
907 B 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:56:54 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 1D18 21 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:45:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 1D18 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:26:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D18 136 KB
42 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 1D18 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 06:57:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1D18 0
0 15ms
14ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQl-rHOOIj7bM_ny77MqOFfcQ8CkJZoS9i-KDaOMXNi_bjuNw5vIWd32zJ5exu5hnMrcOUl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 937d951ae0167fdfcf48a5545b1fd715.js Show response
www.gstatic.com/mysidia/ Frame 1D18 30 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/937d951ae0167fdfcf48a5545b1fd715.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 14:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12375
x-xss-protection: 0
last-modified: Thu, 12 May 2022 07:58:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 14:13:07 GMT

GET
H3

200

B25164142.293005020;dc_pre=CNr5rN-J-vcCFUzydwodzJMC4A;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=440377857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= Show response
ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/ Frame C6B5
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005020;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=440377857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005020;dc_pre=CNr5rN-J-vcCFUzydwodzJMC4A;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=440377857;dc_lat=;dc_rdid...

43 B
64 B

48ms
33ms

Fetch
image/gif

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005020;dc_pre=CNr5rN-J-vcCFUzydwodzJMC4A;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=440377857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Protocol

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005020;dc_pre=CNr5rN-J-vcCFUzydwodzJMC4A;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=440377857;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6B5 0
0 50ms
48ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKNJCudONYoLJB4atgQfBs6GgDO_g-_Rp8e-lltgM2tkeEAEggp3WDGCV4pCCoAegAZTW7tUDyAEJqAMByAPLBKoEugNP0FfJKaoV4hj-CvY3NcbA_mflHhFj6IBIWAddCigHWskxCBi9gqFB79DlO3qq6kwGp3ZVMyVUXZ0UJdaaPSH7XPinG4kgX3sMVIFaULRmky1XefWb-p4dFzVUCUlCFdkuDyBpvEgZX8HllLw1CjQNGGd82BaPATA54kc97K8yWuvC1T7-6G5oBisOd7ru4fbVulnpi6ZV5uQ-ccI8yiFkZUvG7eUNM5POOLkDL6bRDHUREWqwH8O_nmXg_w5sGTp4hFJJojZo9G-G-SxV4aB5dlLMmVIq5RxXojISMe08iDvCZwPc6wdFBYER80VE5k2oRV1RBzLJsN4Yy6UhMAtEqfCdfVGREyEIyBFEpiGU9Jab7Mlx788gEePE64S7zQ-5HfIo-NeMTmSG98N_sA8yB0zf6Jb0dXFUFUglI30MGAM6AEe9icgtrfUAWAO9iFFqYJRBRgg2liWtotE7wkC-8gR26DbFhoPSvk5VZ8B-GNuLlJ9d3yikArck-ruhSHmvOA1aWT3SofrXYfe8gVE9CZNTHfO-ZdDhssSVle1OYrako0ELpzNK_qbFbRHtRBVaeh4NUmRPhiTuwASUmuC7ugOSBQQIBBgBkgUECAUYBKAGLoAH1KmRKqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIbrBtIICQiA4YBwEAEYH4AKAcgLAdgTDIgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NTE3NzcyNDU1MzQ0NDA1GAA&sigh=rruR-GKSoX0&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186319&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944844&bpp=3&bdt=433&idt=240&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1961895520&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=1230151253&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31067737&oid=2&pvsid=577011371732562&pem=626&tmod=259749370&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zgf9ega0ongu&fsb=1&dtd=253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/7675176525192851844/ Frame C6B5 29 KB
30 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7675176525192851844/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aeeb82071d5cf55b3b8435b319ad0fa4f9742ca0070a295e3796fe27b144314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:39:44 GMT
x-content-type-options: nosniff
age: 418761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30188
x-xss-protection: 0
last-modified: Tue, 18 Aug 2020 18:58:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:39:44 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13949630039595074571/ Frame C6B5 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13949630039595074571/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cdb3d5483b3e94c0ec7a37ad6d0c2efe5985ec59d4ac70768f5f6bab94b3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 06:06:36 GMT
x-content-type-options: nosniff
age: 89549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2096
x-xss-protection: 0
last-modified: Fri, 06 Sep 2019 19:31:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 May 2023 06:06:36 GMT

GET
DATA 200
OK truncated
/ Frame C6B5 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

B25164142.293005005;dc_pre=CKaIrd-J-vcCFQeTdwodoI0IDg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=1914432199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= Show response
ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/ Frame 1D18
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=1914432199;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CKaIrd-J-vcCFQeTdwodoI0IDg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=1914432199;dc_lat=;dc_rdi...

43 B
64 B

41ms
27ms

Fetch
image/gif

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CKaIrd-J-vcCFQeTdwodoI0IDg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=1914432199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005005;dc_pre=CKaIrd-J-vcCFQeTdwodoI0IDg;dc_trk_aid=486104933;dc_trk_cid=142460235;ord=1914432199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1D18 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnUFaudONYvKpCIm8gQehw4ioDO_g-_RpgcmkltgM2tkeEAEggp3WDGCV4pCCoAegAZTW7tUDyAEJqAMByAPLBKoEugNP0Hac9pe_RAHCW-3JAOKXSudOmueUjjD6VNSUg6ws1XtFWeN6qwEDbZAIoYewFY0Ad2kilkpv2mJNKNMgvxP1B8XNfDhFFLJ7DOCOXVvEz42kMpjfMB0fAN436MSvbp-czmrQMZvjG0S0GhTwKjUtOhCHQDJfbrabHAwBHQKSAJKG5ADdJc02d2zmQsSSzZ0WijSIwkfigK0kzeVoGI9GO_9KxlJtT2LlyPoyKzu-rMbOKdf4YtootgOxz5-T4huhF2-huLDSzj9Z6MGPWaKu1-BxVHYk0fAjFaFil9LtTYKenyJOiHoY8L5qM4GsXC_iVwD8dzcsMYskWjubV_r70W0QpzJMyZzL8PoGPwyczRsNKQHz-FBvLc_Ec7Bc-DQitdwrmkKQgGqOOtEhnHQsM76mmAPGbWXIFf1WgXtXQ_khyeVnZg0kRl9nlSuPT0SxZpLPQFWd3OW6mu9JQWZHbIDs8MYrOywQDj9nO5vXnECLiLrmLfG5f1TvueKVoEaRXimbo4OiBTX1YHOGoGeKF0hS3PUmCglBTh6QFRxhpPB0ctpX8tO6w2YRp0KG_86qfXE5vfF-mkeJwASEnOC7ugOSBQQIBBgBkgUECAUYBKAGLoAH1KmRKqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJ3kDNIICQiA4YBwEAEYH4AKAcgLAdgTDIgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NTE3NzcyNDU1MzQ0NDA1GAA&sigh=4rNf7BO0P90&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/7675176525192851844/ Frame 1D18 29 KB
30 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7675176525192851844/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aeeb82071d5cf55b3b8435b319ad0fa4f9742ca0070a295e3796fe27b144314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:39:44 GMT
x-content-type-options: nosniff
age: 418761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30188
x-xss-protection: 0
last-modified: Tue, 18 Aug 2020 18:58:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 May 2023 10:39:44 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13949630039595074571/ Frame 1D18 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13949630039595074571/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cdb3d5483b3e94c0ec7a37ad6d0c2efe5985ec59d4ac70768f5f6bab94b3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 06:06:36 GMT
x-content-type-options: nosniff
age: 89549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2096
x-xss-protection: 0
last-modified: Fri, 06 Sep 2019 19:31:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 May 2023 06:06:36 GMT

GET
DATA 200
OK truncated
/ Frame 1D18 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 947D 0
0 71ms
71ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=312738747088414&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6FEA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
20 B

84ms
84ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:59:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B666 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F05C 783 B
535 B 15ms
15ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

765627508947180a42829190500cd0098e7d06b955d6df83ab8f610ca4f8522f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-elcsKv4Rz1vsW2109KawSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-elcsKv4Rz1vsW2109KawSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame C6B5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52570bd0b8fa7183066d23d49cc73d2cbb0fea8e7d556bf6d525498b65e6c18a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B0C6 0
0 42ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ4HNDQXRR_W_135s3agaZ8FGH2bYGHspT1YWX3Kg2OpDXZDTSfjkObG442p5f4Qf4EmCAUBOXAQQN6bZD3CWDsIDsoms3sHNzP4V7p4mNiQWP3oXgBPmOKXc-RntkJL6wiVMKt5EVJ4jTRjUoN4DzW1td0oOFziwcnDoNyJ50ak5ErkcBli0sSw17LzYN-v7nAhqH5eQ36H6e0btl9YN34M2KKfi4MMKnLeL6DoNIwO_1Y6ufaOWVypEkTZnfM8LPgg2IUmZA0ered3g_CS69CH5XKfKd5t9TnJ0jBtZOchofv0PldccbkGpM5Yhi7qlM0MiTwq2LnGAsPOBJY0jzHOHSuJQ3YYGmDsn7Vr1EmQ&sig=Cg0ArKJSzM3ZOgtVqA3uEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B0C6 14 KB
11 KB 21ms
21ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f53af5078efd5243e37c019f2c3cf77c6bd3b50c3fbf3a613d9bdf1cc88058e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10746
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6B5 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 129070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 19:07:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6B5 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 80003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:45:42 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6B5 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 137960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 16:39:45 GMT

GET
DATA 200
OK truncated
/ Frame 8956 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbba7edb0f9837917860836f386d2fe390c8bc3c8c6a4a569ba839906ec443d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7F24
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
20 B

84ms
84ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 06:59:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1D18 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6795a6f66814b046bc9bb218cc3fe4e8bdf28f53be8c2f19a6e9d3310e9cfc5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FE31 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ad57c3065ac0de4072e40b23890156cc75ecc4d589013f31cf440f694306a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D18 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 129070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 19:07:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D18 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 80003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:45:42 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D18 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 137960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 16:39:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D36A 0
0 42ms
42ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYUPxy8bL9Tgw6ifzvnFvsIrfnB96VgT5HUprZY55oB3ROhZ9kRZ4dC0K1n6XPO1X0K3lXuYRshfapk8Cyy94VN3AHXPYbUDfN2StKc4P59lhnAOvHiG7Cgkzik4cbFSVDr2cj6TsVWcS7D2KlQbeTD-KMoVwBKTVb1qTrQd9oMPNcTifN-D-KbiXQ2pOmaoPhVZYCU8YuxupjMWdjzVvEs_ndJZfIS-780tOw2yoK1-c0BJV70WJ8lEcQtByA82Q4OQZOLdxh2Wu1ohoL6rhc75fXtUQQyB1Kn80bGRyJ8E76FJ44PTYQ3AIe8zA0qFncaDsWq4WFK0aO4TGA761c_dQ3XuFB_5gH3WEBrvAv&sig=Cg0ArKJSzKnt6Arn4HiqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D36A 14 KB
10 KB 28ms
27ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b0c9d06cd9d9aa2fa520ff290116193df9eafa79e7489d123a0de6b62080230c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10675
x-xss-protection: 0

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C77 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E78E 0
0 42ms
42ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqpKGXrCHeLVN9jvEzaIaNzd2O_x4BJnt31Ycn1SGsmIXOW3rbzwkAKGBBmAjBl5JcaYmfZ7jDErbUkLNxdL63O3GI3rzRlIZzs82-u-6J4naFDwkPX8A5F4NDOIcpb9fxlyNtVPrmy3thI-Z75tt6fBqdw_vOEhN6DDeAXEOz30UZBORNPmT80SllvcqXo1HSdtxbf4TopnYYjo-qboqSeisxXM2JFgJwo2OM0txzCTd_xYyPw2rk6Mo4AYiQyY_HvJDywWzhAFluQnKYoIwp8aiPRsfqfkkdEO4YPkquwIeVbkgYwTxGJbyGEEnl_aUgRicyqESqL2CgAD-B5ucdT2jfpPGaj8SlJAQv&sig=Cg0ArKJSzEQrlE3_GqnHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E78E 14 KB
11 KB 21ms
21ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

094db16fea40bb486e075a7012185caf6853230e828bf2b0780d059526ab3989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10833
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 31F8 0
0 44ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhH2Si-0Q0O6p0tAPC5fDtRjfXfwwYiqRoZ48IVrDgr4HzkoNOYFRqrujdVD0yud6ExAutJEakrmdPvdZ3kDCzluVfbu2v72H803reFAY9BWw1iWTGMMDgXy24JYdoMzbA6zOxBsEs9It91TEaXjZi6sJjmP3lGVgS2u2FSnL5ODgObkZkMru-SEOoi0uKgpYtjt_y6luLmc1mG4vous5cDim6qh_VSJ4VjIzZLZKlSEy0pjO2sW3e09dYg5shoN9xHA0hCwkkTmjrBMvJRSR5bKheGAKj-e73T7VXpSV3l2WNOb7Gd0MeYiQYBu0q_bzKk4V5aRb4BpeqXvjMQEdhTAXvSixp0aXYW6pF&sig=Cg0ArKJSzFKTtQJ-spR6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 31F8 14 KB
11 KB 27ms
27ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f02eecea0a2fa8b1fcadbfbff62f851802e7225a4a21693e94dbf8ea7d86862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame 479A 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame DB30 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

POST
H2 200 rtb_ajs_l.php Show response
delivery.contextads.live/www/delivery/rtb/ 3 KB
4 KB 845ms
845ms XHR
application/json 65.9.63.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs_l.php?zoneid=919&cb=40766073605&charset=UTF-8&loc=https%3A//indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&referer=https%3A//click.checkpoint.com/&containerId=impulseadcontainer0&product=impulse
Requested by: Host: delivery.contextads.live
URL: https://delivery.contextads.live/www/delivery/rtb/rtb_ajs.php?zoneid=919&cb=40766073605&charset=UTF-8&loc=https%3A//indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&referer=https%3A//click.checkpoint.com/&containerId=impulseadcontainer0&product=impulse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-107.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e0193b97613a437f76ed5c73987dc456a001b64cb156bc23d2a53dd8f80095b7

Request headers

Referer: https://indianexpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://indianexpress.com
x-fmg: 41.181
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-amz-cf-id: zyhCQDtGObE6eFhDi-IztSuSMebm4kFi4ZFlmnOe5xL1SKOLMCokYQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B0C6 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D36A 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E78E 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 31F8 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE4A 42 B
64 B 42ms
42ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstThnkyRY_6qNTha8PKnFoIg9V7KBytncN2K5W7t7IpZXXkREtRXQJk7QQFmd_B_SlFnaRPOGOaJDa6Zil85s7r&sig=Cg0ArKJSzFuJnSHQ0HtqEAE&cid=CAASF-RoSbFF7_pc7Nuen2SsxT9z5IQMyNA-&id=lidar2&mcvt=1116&p=0,0,200,336&mtos=0,1116,1116,1116,1116&tos=0,1116,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&vu=1&app=0&itpl=20&adk=2703873347&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653461944991&rpt=282&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC4D 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5274 783 B
536 B 16ms
16ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35fabca43a7ad61688737989b5a052c2b83934ac7182a94fc8bbaabef17e2fca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H6oa7hCQWXcB5hwv6pjPGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-H6oa7hCQWXcB5hwv6pjPGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02C9 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5EFC 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dbfd29bb7cf663257119ff8d2afebb46925a6a41251ecf65d477a5b6e0ccff4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q3immAFemxisjuHMhQvMXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-q3immAFemxisjuHMhQvMXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3988 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0779 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

853fc85b6e395a7b33fb925f919211725a357a96bae0df0f0c2af9d92e8f207e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ukb6ecKTf9cEuUKjyhXcAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Ukb6ecKTf9cEuUKjyhXcAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F05C 0
0 55ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=3888245929453611&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame B666 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FD7 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2EA1 783 B
536 B 16ms
15ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f5054751073d6c5035f9a65b78214b4be8f8323504161f705399c42e079e24e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1rXSsF5gkKWDLRuUgbBa5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-1rXSsF5gkKWDLRuUgbBa5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCDA 0
0 42ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxOU6Pvn2IKrknYMq7UrErcpcjM6rF36zjolMckMxrSns61vVnKgQKhbyREGNcdNQEqqYvdPWBeP-VPO_HTYnOT7pDu-5_r0tyo9cYXc_Z1-JoX_biH0GQY1z8JmOQ_-Vo9Mz7Xby8T51lR_Qp5vJmnHRBjU6lPSZROvFZSxGoYvihHVWIvCfgp5wqYkOtxrSpsLkVj_Q5RFI3t7xr96Ex_mhsSjgm-Wwx65DwIjqxmkxjP0RMQRhc9xf-drfns_SYuRWgwhi9MCQamtNQ6KAR8JfQrp9YSOa--chUCSeZBUO4zJh9F-yTknZNjXTz12c8dEMtPYD5vnHYhamM4oxKL8ZGZ_vq5nkgcXUlxI1_Q1Ig&sig=Cg0ArKJSzIBzaVh0e3zDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CCDA 14 KB
11 KB 21ms
21ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

08590a5798d083bae61a9e150f5d3c1528e8e1bb881ed249c971d9d6fabfe0fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10730
x-xss-protection: 0

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame D3A8 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=200&slotname=4951621119&adk=1023093403&adf=776186318&pi=t.ma~as.4951621119&w=300&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=300x200&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944863&bpp=4&bdt=445&idt=255&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1422693399&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=485&ady=1735&biw=1600&bih=1200&isw=300&ish=250&ifk=4024368262&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060566%2C31067526&oid=2&pvsid=1551451338840537&pem=626&tmod=213751737&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.x81udrqi55iz&btvi=1&fsb=1&dtd=263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CCDA 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D703 0
0 41ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsse9TWPEFXqj1cuSKqRX0j0HbvG6gFu2VeSsBvyABjLU10qs4pAzDxJ4MLAScrTYVkeOt4h9pBsJcjcI1uv_Z_GHTfiUxNieHTUZRxns1eZCmJo1dkvg_xboWlRwqYKPLgT2oCtTj-_GcaP1l4H0nI0LbdgxDhuG037HDLQdsOOgt1LNz6fwE99luARBvq-6_m6I7r3ixz6yM-5RLO8EGql9vpuL_4oUfgOYY9knkIBYe9PTxvaTpXkS5w73VtuA5IKNaX9KkW5ejwg4lTdPd5aamrJaT98PwlEGgSHYbATVaOsWQAZV9NFVeAM_M6nCrc-cZa8NcHCmmarWzU97N9DZ2OqqDz7P3eLmTqrpXQ&sig=Cg0ArKJSzLKZNAzVyV5MEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 25 May 2022 06:59:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D703 14 KB
11 KB 21ms
21ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

be16fe46642593fa74b79b49e543ba273fd0c88f4a41e5245dabb07c6ee58156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10745
x-xss-protection: 0

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C99 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 11:16:47 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0C77 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NkRnCQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D703 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 06:59:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5274 0
0 55ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=2486711979769719&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5EFC 0
0 55ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=1484438737876758&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB80 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 039C 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4774d4e399c7a42233a64388a9c4a7f57c14aef1c87435776ccfcb39be2c333

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_RnL0IHZaijyNDAsmGQgFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-_RnL0IHZaijyNDAsmGQgFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0779 0
0 72ms
72ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=3994957088664466&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2EA1 0
0 47ms
46ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=577011371732562&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame A396 0
127 B 14ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 06:59:06 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 uatpmap Show response
ua.indianexpress.com/api/resolve/ 35 B
523 B 141ms
141ms Fetch
application/json 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/resolve/uatpmap

Requested by

Host: ua.indianexpress.com
URL: https://ua.indianexpress.com/personlization-sdk.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

69f765a8e81f52d7f7ade69e07c946f97f9b6ccc07e3f5cffd67825ace0d9c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

x-request-url: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw
Referer: https://indianexpress.com/
x-requested-with: https://click.checkpoint.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/json

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
content-encoding: gzip
strict-transport-security: max-age=600 ; includeSubDomains
content-length: 53
x-xss-protection: 1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
last-modified: Wed May 25 12:29:06 IST 2022
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://indianexpress.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token
expires: -1

OPTIONS
H2 200 uatpmap
ua.indianexpress.com/api/resolve/ Frame 0
0 134ms
134ms Preflight 104.90.139.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ua.indianexpress.com/api/resolve/uatpmap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.139.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-139-15.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-url,x-requested-with
Access-Control-Request-Method: POST
Origin: https://indianexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-request-url,x-requested-with,Content-Type,origin,authorization,accept,client-security-token
access-control-allow-methods: POST,GET,OPTIONS,PUT,PATCH
access-control-allow-origin: https://indianexpress.com
content-length: 0
date: Wed, 25 May 2022 06:59:06 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=600 ; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame AC4D 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 02C9 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3988 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FD7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B53C 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:26:40 GMT
expires: Thu, 25 May 2023 06:26:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 43E9 783 B
537 B 17ms
17ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d30c0c1c7318265a3491d7abe7b14c418639676b60e86c6cacdf19ea2bc827d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LTVJQ7ER9sk2MKIg9mLX4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://indianexpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-LTVJQ7ER9sk2MKIg9mLX4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:59:06 GMT
expires: Wed, 25 May 2022 06:59:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 039C 0
0 47ms
47ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=1551451338840537&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE31 42 B
64 B 43ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPFFjg05HEjYdRYS85YgcsotmT_5VSA4YrzYPt8RILXYbhoU8zuo8pr0RsmZz3t9GoEhYtOuACPhKmRyeSr3aUapfOlQAhlVBthxXTU3y4gpyRxXtBYI_ORA_o&sai=AMfl-YQZpFhMpbPriQux5qVlhTLC3KF0aEoI-f5sDyzOH7771df23le-WrN-c1uoXIlzCesPLU5Nk4ooWM--G-irZuL4EZYmML_UH2N9yejOlBAQw2r-H7SPjcyykpgN&sig=Cg0ArKJSzJM5ibtc6RaDEAE&cid=CAASUORoC7j-xd9E_9-4o3uYzP5a-E3CTsD1skrz5wbGG0gXJuSAXwqPWvvPQJocxzlDiweeLYiGQesfI-mqAQx4Ub7DMXJ1TLzLL1mB1FdAPNZY&id=lidar2&mcvt=1060&p=0,0,90,728&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2668761221&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653461944925&rpt=825&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B666 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pGlNjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E78E 42 B
64 B 40ms
40ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9bR3uIO4DPZqPFoFX_s1dt-uwOfVO174wDfNVt_vvM0O7tg34XjK0ROvTOKJ83QvViedpnOOIknjQXgKxY_tPn-BTC5bvonsCI-TWOHcoeDrTSCkJ&sig=Cg0ArKJSzARHc4TWGeviEAE&id=lidar2&mcvt=1028&p=182,1310,782,1430&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20220523&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2006046257&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653461944412&rpt=1433&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D36A 42 B
64 B 40ms
39ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurK8nYdNsPRcn7G38Am85nvUpeLJQqz6c01ll5tWLhpUHi9X-tpvA5vzEUlw56GeMl9kpM6o4TlyLzkfEbrp_eXtM9IiTnIFNlFcvgYiFbBmql6Xep&sig=Cg0ArKJSzLXZj1Ct07W4EAE&id=lidar2&mcvt=1030&p=700,985,900,1321&mtos=0,1030,1030,1030,1030&tos=0,1030,0,0,0&v=20220523&bin=7&avms=nio&bs=1600,1200&mc=0.92&vu=1&app=0&itpl=19&adk=4148745706&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653461944367&rpt=1464&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6B5 0
0 47ms
45ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4B-UudONYoLJB4atgQfBs6GgDO_g-_Rp8e-lltgM2tkeEAEggp3WDGCV4pCCoAegAZTW7tUDyAEJqAMBqgS6A0_QV8kpqhXiGP4K9jc1xsD-Z-UeEWPogEhYB10KKAdayTEIGL2CoUHv0OU7eqrqTAandlUzJVRdnRQl1po9Iftc-KcbiSBfewxUgVpQtGaTLVd59Zv6nh0XNVQJSUIV2S4PIGm8SBlfweWUvDUKNA0YZ3zYFo8BMDniRz3srzJa68LVPv7obmgGKw53uu7h9tW6WemLplXm5D5xwjzKIWRlS8bt5Q0zk844uQMvptEMdRERarAfw7-eZeD_DmwZOniEUkmiNmj0b4b5LFXhoHl2UsyZUirlHFeiMhIx7TyIO8JnA9zrB0UFgRHzRUTmTahFXVEHMsmw3hjLpSEwC0Sp8J19UZETIQjIEUSmIZT0lpvsyXHvzyAR48TrhLvND7kd8ij414xOZIb3w3-wDzIHTN_olvR1cVQVSCUjfQwYAzoAR72JyC2t9QBYA72IUWpglEFGCDaWJa2i0TvCQL7yBHboNsWGg9K-TlVnwH4Y24uUn13fKKQCtyT6u6FIea84DVpZPdKh-tdh97yBUT0Jk1Md875l0OGyxJWV7U5itqSjQQunM0r-psVtEe1EFVp6Hg1SZE-GJO7ABJSa4Lu6A5IFBAgEGAGSBQQIBRgEoAYugAfUqZEqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQhusG0ggJCIDhgHAQARgfgAoByAsB2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTk1MTc3NzI0NTUzNDQ0MDUYAA&sigh=uqNVAVHjsL4&vt=1&template_id=484&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186319&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944844&bpp=3&bdt=433&idt=240&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=1961895520&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=1230151253&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760475%2C31067737&oid=2&pvsid=577011371732562&pem=626&tmod=259749370&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.zgf9ega0ongu&fsb=1&dtd=253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6B5 42 B
64 B 50ms
49ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRL7xpk6StHLypkhKuC9oBC2qN3u7HsVDJSxV-h_kKimcaDAbnYl-2HFlgy5GTErJHldSrDB40meBmD2IL3J50zSNyZulMF1Ya4nvgAX4AQ95jX7GZYe5L5duUdRW6Gbzug4ZIJCUVe9DkOMaYLt8&sai=AMfl-YRvoaednzv-uVtoSy7QooBHgG8Z8OBbu-VRLBuNVQB8ier63QZoZIRg1RmpOguBdz29OhAz37BGxGyvoyO9AuIF2elwBvhN0UiJf6mHijoruWmA7cCJzifZ_iuo&sig=Cg0ArKJSzAxJ6CMLepMREAE&cid=CAASUORoOTBpfUjZDY2CT9WjQQWBKSdIhja41VHRzro2iKoGKGtu9WBORKvvNwPeJzOd441aaxZQVyZ6-0qWqfIWQtgx2xhVbaS9WttoG30GZLn6&id=lidar2&mcvt=1031&p=0,0,600,120&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1201059360&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653461945099&rpt=744&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame FB80 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H2 200 lg.php
delivery.contextads.live/www/delivery/ 43 B
396 B 124ms
124ms Image
image/gif 65.9.63.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.contextads.live/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=919&loc=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&referer=https%3A%2F%2Fclick.checkpoint.com%2F&cb=9617b7adba&bid=&request_id=467524957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-107.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
x-fmg: 36.49
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-amz-cf-id: k3Ii53Pk_bYSFqwx3F6-JeaWlaZ-fpHRGAMAIdYlDkV190VMtgYb8Q==
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 31F8 42 B
64 B 40ms
39ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstP5dxT7cxnZ5SkRAT3iK9vHETlWWcmUiAde-QuS7CxP6jswfl7wprsVAJ7-mWPK8Lq0LhBuC_Lnv-jQDFv-m1J62SCy-_Lp1jEJPrhoG0x3LohtTa-&sig=Cg0ArKJSzO-7msDZUz_VEAE&id=lidar2&mcvt=1028&p=182,170,782,290&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20220523&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2713915709&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653461944395&rpt=1478&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1D18 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPhS4udONYvKpCIm8gQehw4ioDO_g-_RpgcmkltgM2tkeEAEggp3WDGCV4pCCoAegAZTW7tUDyAEJqAMBqgS6A0_Qdpz2l79EAcJb7ckA4pdK506a55SOMPpU1JSDrCzVe0VZ43qrAQNtkAihh7AVjQB3aSKWSm_aYk0o0yC_E_UHxc18OEUUsnsM4I5dW8TPjaQymN8wHR8A3jfoxK9un5zOatAxm-MbRLQaFPAqNS06EIdAMl9utpscDAEdApIAkobkAN0lzTZ3bOZCxJLNnRaKNIjCR-KArSTN5WgYj0Y7_0rGUm1PYuXI-jIrO76sxs4p1_hi2ii2A7HPn5PiG6EXb6G4sNLOP1nowY9Zoq7X4HFUdiTR8CMVoWKX0u1Ngp6fIk6IehjwvmozgaxcL-JXAPx3NywxiyRaO5tX-vvRbRCnMkzJnMvw-gY_DJzNGw0pAfP4UG8tz8RzsFz4NCK13CuaQpCAao460SGcdCwzvqaYA8ZtZcgV_VaBe1dD-SHJ5WdmDSRGX2eVK49PRLFmks9AVZ3c5bqa70lBZkdsgOzwxis7LBAOP2c7m9ecQIuIuuYt8bl_VO-54pWgRpFeKZujg6IFNfVgc4agZ4oXSFLc9SYKCUFOHpAVHGGk8HRy2lfy07rDZhGnQob_zqp9cTm98X6aR4nABISc4Lu6A5IFBAgEGAGSBQQIBRgEoAYugAfUqZEqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQneQM0ggJCIDhgHAQARgfgAoByAsB2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTk1MTc3NzI0NTUzNDQ0MDUYAA&sigh=-vlzBX1bcA0&vt=1&template_id=484&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9517772455344405&output=html&h=600&slotname=7445661160&adk=1201059360&adf=776186312&pi=t.ma~as.7445661160&w=120&psa=0&format=120x600&url=https%3A%2F%2Findianexpress.com%2Farticle%2Ftechnology%2Fcrypto%2Fcritical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991%2F%3Fmkt_tok%3DNzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653461944880&bpp=3&bdt=485&idt=224&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dc1bf5bc09f3a3538-2206ae619dcd00e5%3AT%3D1653461944%3ART%3D1653461944%3AS%3DALNI_MYNqNPfeB61RS9UmDzxd9Dg4dFn4w&correlator=6633330513117&frm=23&ife=4&pv=1&ga_vid=319277237.1653461943&ga_sid=1653461945&ga_hid=141322764&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=170&ady=182&biw=1600&bih=1200&isw=120&ish=600&ifk=3488850134&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067488&oid=2&pvsid=3994957088664466&pem=626&tmod=367534854&uas=0&nvt=1&ref=https%3A%2F%2Fclick.checkpoint.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.is0io45kwbz8&fsb=1&dtd=232
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 06:59:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D18 42 B
64 B 56ms
56ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTXShHT2u3bhEgpSlAne5k1prrWZdiQwt5cWDozo7nE9yabm26NUMbuPHNCz7-UzcqomhWt_kWLrpYa_KfVRu9otcDQuaufc3VGW21TRYu8XtzrwukGwKM_GE6HoG_7T9f7O1cx19jmUCQgfeCO0o&sai=AMfl-YS_RL2orD1jwP2CfxJWDasG8fGNa39WvOgQ-8F9wADQrfqHvr4GATVLs4EYeBqrLRCUfWqPh2IL24zdO-oc7jbq9auBHXRYtPen4rH8CiUaM97buVbgXNeRsUbj&sig=Cg0ArKJSzHfs1u7m7zSnEAE&cid=CAASUORo_dvdaE_bhFExg4DfRXBXiF9ksbutwa50ABg3K36swgJbHh-cNx4dZKKhGCp-8ntIb_7H6Bp5VaK1Gck7boYQhGwCQD-KB0iy6BqL54Mu&id=lidar2&mcvt=1029&p=0,0,600,120&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1201059360&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653461945113&rpt=758&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 43E9 0
0 46ms
46ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=1060439149467540&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame B53C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 20:42:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AC4D 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ANC_-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 02C9 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Rq9wyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3988 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mrimXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7FD7 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jH3gpw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FB80 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6sbmZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B53C 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FICyTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 06:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B586 0
0 74ms
74ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=312738747088414&bg=!qqmlqe3NAAZ4vKt9WLw7ACkAdvg8WtQJ1UdlOomsoeeB9p3tTXD6RNbAewcF3NhP5rOyrW82p-RLQQIAAAGmUgAAAAJoAQeZAtFasl8vaj3Mt9wOboDap1s3YZBos13X5A8P3Y-ISj6xiZKGuOgm-jJTi-00t_fh3g4tZS2MdfFwsPsSAON8Fwfquv6Fl4GuIQ_7PnklczadzBjirZY6FRRPhZjOSrgEakpCjkGZxvjgmiIcRPd1XXRC9nF62gKpgn-hDRR91Ph1lg5dFnquT0h100kTdusljHc4fGO41EygLAAwNV8JKCuGGHv7CCeREIivfOp1kH0b2IG0KpSBtO8ziXS94MDHaf9XrcD2zsq1BIjJgO3SYHgb0dYi7VoD2COqs-ggxkBl7rvABBTAxKfA9lw6UlHJRxPSW6-IN1LRXLspVQmQ3H2fshsg0mn6SPhJsBZh8q0C-cSC5oyJkU0M0jmZa1KWfJ-TuMl3vL49PB-D_5gQ012gjsv4PMIwnSvon_sr1IHwaOvV-MaMJun-qJ9-HATmTq-j0lvO68zT4IFeqD1p7c9eq2pkKbRnlz26RepI8zA5gQbmNSmv57x-zDmRlNnzZpdx0dVAMMPA5NLFdfx0zaD-f8G8gLUyqZE1EOwKWpaXAmqgtEeGGoepCPfLW2DWSDGyTwoyIMOWPB0Eg876RCrOdB1x2TLBoEvQhDH3Ra1xsSUQjW9jnhoEMwtI62KowGY8ZL8e_j_YLqlCFykJ5lJRyaMhMbJRDuOwQ-b2Nxnd_eIKcdVR-Q8lvS8GtfuLBonERDNOwMLVWXD9OKcYWmEv1JXZKGxfxBKC_VgAJXc5BatIVb7eFZB3dGla2p_snle8gz1KUUXpY-sq_Ws3ZelZ_9sJPI8YS8txl_W4oCskXGzN9nCXPDjHjEY5rzIV1qr2YWEj9r3sRYMmiBsvkhCk-FEgT7EZFt-gKbdrf4rXuX5xat5E7QEB8cMqFgLl0x-3zdEoDpAM3eMDxxuRFrDsoeEcizHKW9BL0ocp89icgc9BYDNDSveYuC6VQ46Tkf3b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0AAA 0
0 51ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=3888245929453611&bg=!NDelN3PNAAZ4vKt9WLw7ACkAdvg8WgWC5oxIS89glp3Aa2yt3LA-E4Q8mweQ_9nx-zkbD8oIS9cmbQIAAAFzUgAAAAJoAQeZAsATNL4lPh20ISBjll2XYynlaTlgYPi6b0kcN3bnHmjXx0ommYRsetPiaNzaBHbSzswjn4qhwPqheJ3nWuSqt0Muul7jk9C5YxtgjC2j6WnJftMD8a4RvtUkgyxCs2VuS0EOG8EDJxl2nAvWttap4Sax-6u8aj2vh4KoJxDh-bTMM1SP-Ctu5XBm4cCDyJoT4tT_PpNgN1oiEWpcwdXOVcwXjEUPfwsvbtqk1X2xn-K38YHuQZTdzYTf157v474A-kA1zW5Fv6TOEDi70iyNPAyrpWrP7QwsKmVHkYNIM1IWmuiHeYOXtM4ufLwuBTNvwVgxF-WZjsDcLD8-XhSFjFkmbKaXhznAz4PLeOaDklDOU1peMyZDHcS3vA_qmlF9GtPVf39OcEAqZb_kicfiZaKiNMomh-QiZab2aBsljMeLIEDbGB-8bTWpX2FtYcOtY7UTttk2jfQu2cuppOQVY_GT5mWs-W9sAg2TiFBwVuhQazgTF77VBwtVj-8YdsHYVRqqc4AVvPnAhGVyKOKzotJH2TbNzK1xJzEevXJ0791YNEwJ8wxcL7g7XWpiWvVL9JxNDU1Gbht7HadMLTUoBIFGUzJcn0Xr1uEaZXs2LCWv9wx0Ul8YWFUhctL3OSMiAZ66jy5iHOfvGpivguX90c0XxjQrtpVz0cpFNt7BQj2eNcVVmQFiIQCIgDODcPC9nH8pqTJHQim49neP4rd0LtOMnn8exwLZJmLAbiPFYJcAXsA92G-oCHhTuZCkpaITuMbIPAUc0ewVuj7fGAnJvVX8h9DWJpa2v1IddDR1mNG_1AyguEcuD8Ftwi6wV1dHqfr-2fxyyOWHvFgfzCki0kAVl9SZTSISPeiPYQLBQ4t2ONOA6AIddbTe7AlzSY0AKxxKNK1dp0lAo3aQdb-y55TV2ScATc6mjI8EcMr8EocxVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D703 42 B
64 B 44ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstj4Gywoe3ARlC6oIzN5CyPbd_wYZ02AXJ55WZPuSdCAcPngqUt-ukSimHGKDPpG2nyfsHQoEcssfcgldHImUAFp_VK4kqaFrUS27nke0sATbccpth1&sig=Cg0ArKJSzD8VluYCpb4xEAE&id=lidar2&mcvt=1000&p=187,436,277,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220523&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4134857687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653461944359&rpt=2163&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 06:59:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D36A 0
0 58ms
57ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=1484438737876758&bg=!f3ylfDjNAAZ4vKt9WLw7ACkAdvg8WnT0TlMoDFKfRINcc6UolTWIv36OtWNqT1sXrym_sg4U4lo6lwIAAAEoUgAAAAFoAQcKAIpGuuPQcbzI0uWb3q4qLFMuWYdlAcqHVjwWD2W-p85XSe5Sb_fBUG4Nh9t-xT4MvO-HehPedkPcMNFMLDjdcU4NiH7z1G9rfiYvX84OK1CsMFRj9TdQWLIbwi0aFp_MwvX-bUKlEqDjZ5LvYGU3epUUkfU_MosP2ucpjCXu9MsmSECLkFtBtrgPXCqZAr5-F8IeSj5Q1gNurWK-VArzolZZBmv6GBiAVT6QtxIM3-Y9nEpHTxgMZyiZ1I7La3xTs4acG8i3tzyIsVGEsKEzxnxOiXsDXnCKRCWT_-5BFfzUZegC-6pEHc7W5KVRjCGUvWOjfIp2MK6lLlSXafltAC0cPKrcEqywkknFk9hgivu4jdMvv633YRSkJVWPiy69k3R4Ww_kM_FNdvY4D126Z93ncU_hUlotzlJeNTujkrKCHK1OW0zJ6OJ5Xk_lOjABvveOQCQn7Cl6Ea_AmDiXEZpfjrPbFDZ0ogMsDrXeM9yDk74cQZRnR4io29rGIR8azv1fRlGB2nygAnuedmQwW4mHyebb6Gk5DxF067MjFoJcZPi7_EzA2wtXCYoEKngFdKsK1bDbElNDJ9IkXUhGP7NGkN6CxhNuyitec1mUQz8LeufpgrmR75DKe-ounl5UwUrADxKIvrtbuLZNe_hkccS9xNbzXjvNtxyAYG1G2D_n0a5BitZzI8FhOwR-2Qehl2AWxhP6eL-PiKlIQHVMaH43nzD6yabsQ-t_wvZu9JzntD8vg5GM2z2WVnAJpXXlulruOGbSkyRD8DFVyTsGWse7eJLOV7iylwIpM-saqvpxmkxdqARW9N1MSgk63dydjOhAHsGauupujrrmob_WmzAcpdIFACMBPq29dM_gqEC_wVK3y97E5okJn1OiSzNOKoo-2afg-0agtldBC9MMX68lak89vAZDUwhRBnHKOPpaAO23rxGUc_X-TSwzyfM-ekKHEyRljf-etmzQkG0w1jo6fPvB4wtaq3-mCTR3pIfGt1LnGXhp4boSEOMzBkHLLt76eSCxc3ksc8-Sp9kEiaAfTyz95P-dsF7rjJtzj-LKXqM7leS1eyJQnXgv8m6C4R6aZTdT5RMwnXFaMjR-iYZlb2X214WfybUS1ss
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 31F8 0
0 77ms
77ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=3994957088664466&bg=!NDelN3PNAAZ4vKt9WLw7ACkAdvg8Wqk1uukXFKAJHQYXgBxHgCfAUM4K8GCtvetoh7Tv5ETqwNM6wwIAAAEaUgAAAAJoAQcKADTfw6OXOaZGgT2Mo0PJTJRBWcqmZSyRJY2aQCtbON1jTr7Sb07fzzWfSpCT58Cnw-RPwgYymQK2GdIBpTDuUF7xmMidTRqwau_kmQF_-3lIEwWW1T3tnOxfL5pGDa1fU8ciIwzWGIoyswQHK2gOiAQueWZQ15R7AsXsVP9QCiH2-2mWAJUiQGwfIuG1fZhYgZh618XV5f-1x_-2SpcFci77B7gvnP-wr4lFzIGqTj4ITnZ7eSfXyGPtt9853VZZR_exAEkm0LCXTYNzRnoYU8z1e73nBg6LLD3dgWfrwn0jBo1dzr2w93NHkzOXPMRYm1iaxW4Sv11_OMauhGRgYawBztjB6tLmj2qgew502Z8NhaJ6-4WfRDGPR9nuZZdBnCqrrX_AHSr8IUrMbk_N5hiJ0xaiptDfZnfDTF-nys_R4ewZbVX2U4zY1UIM0WZ_kuni6BYlauyxghED416K2OpgxfG-j84gATuyNnrUd1GdyJHMxicim9iMUBuyngQSNlKX0kVIvKYUz989CD7cSVFhO0a-mfHV1z8KkjbeA3tGm-2fMGkFk8BbsjS7fzyfTmFVNP2jtWl94LdXIz5u8K8SHtRz4tDxRq35eVnd0ZChjW-RY_R0qW-C4YFq3OHLfTseGgypB3z4dGNTng_YRH6_FmuEKSyGgRXbkQO_dVcIQvUdTaY6914S3X_1jEUeo580wcEaPr6cKMSQAsrjvv6xo4MwfRmeHjrryOmG5nK8q4LjMXeusbHWfpxs4otBV62_1LdwHYEzmNI36h-37c_RVuTVDiJU_mvecKiWWTezrcE9exRUf8Uhpb9b99lzzavcQ0TUOhkiNdcy9cdOwPbxvrkf26EJGmy6y8JtqZSvVENsp3d3Zlm-FrEqnNd2ZXs0n3qt6bJdGMEz3AHY3yqfTQ4BrStl9YqTw61b9tDRV_tGeiOAnAC7QSP-eQj7pS4Awg1vRHUqM7VH0N4bAUnXuYKm3Cmto4pvKnZIQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B0C6 0
0 74ms
74ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=2486711979769719&bg=!vr2lvfnNAAZ4vKt9WLw7ACkAdvg8WizHeMLFzhgfUQyiyrRKUeS_2JleZ9lQQqFeNK8lqKv6sf22ggIAAAFKUgAAAAJoAQcKAHUsnPonIp16XEwRJtzYv1Hke2B3zUy-iGqB9W6YiGrP3pbuQeEVH4oPWLQmH_FHgHOIgXAqUkHIo30gAu6SaEMBKVVqhFO9Bs7EMZFTIdmlL9PbtcXr_njBL8lFunWlOJcdepdCtE_E2zm8cE-W-s78Sz_twkqZAs-lrkzQbR_qlisFxGwLyGiV2wdc_S1DM5QJyY-1Pe1E-EEKbhc2-xnr5zRgZvuv-bIjZc5pfOa-VguVfJmpzC9XLedvDz2BSgkFT20kPOunwWcisTZwzdxBBn7td4YHKjnJP_7NYHQ9QmVSkrFRToBQHVX2W2D_VpkC2q_NEIORFmmIsFOkZ850gNMqDbUWK79GbJKnhr5dF-hceTr6IhYGDz2WzgKXFSbmkDyJpCDnXKPhMtU3p51QWwu249E2-Q01hZeHNRA3Z3hx2OLnKd391lHXmg7uacyFElbx67hDmRSGgNU3E9li7GKV84m1pXSMn1kcFl8Cl_t2xIeqqgylP4sKGa3joHRkU3NWNoTX1q1SEVbOBJ2bG_GIItKrDMEdvO7XS-eGRfpLB8Jr1hq8xFq4MGLr4oK7JgzKtZXO7mxQK8gTNEwbTX1Ubvg5mgHDFsClXmVSIsP8DvetEBAYJhc362zyI3e52OF7D9kt4geIsoT75XzdFr0DumfvJQrBJxkLZreIPia1rpabCwb_z7GcRjtwUa6vWUNJ2-pWJUr9EhrKOm7VUMA3IZ8zHgbT01FdFILyfpekDKzKaPNo6mdK_9AD66ESGMdWMzHjXqx3WlZRHerJnTrm8JV1-wbFhSMbnrdOMPvzgUET3Csnt7b8_IXUP_lcZgujr5Z-x-1SP9_onmtVQI9t7TW3MOyLot6cjVpILw8-AC43oXAat0E06rRiHyL5T5lmLG2m4tXYk3JjaD0FAcQkq57nvR5JPcXERuMl_RwOIY3r7pzfFjQ1ih5rCZoOQpmt1_9gW6VIbZbhKYsIDrIsiONdIKRivjxSLl0V-G6wqknntuolnR56KVD_h-kdqHNgDykds4h5zwfqhaj-rHzQ5t4mCdnRLsQhjgSOZ8xDLTsrksHckdER-1aJt0J1LMEKMFYyfWnc7W44scKe94YOuC_vLg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E78E 0
0 74ms
74ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=577011371732562&bg=!-vml-b3NAAZ4vKt9WLw7ACkAdvg8Wi2LGzTcHsi0uctoPSkUKRB999T0fzdGrfDWYqLXIiFEIEozgQIAAAEKUgAAAAJoAQeZAsLkrpdWQIe9X-5CEWr8Ze6nOcUhhFpneC-grY9okepvW__wCnhotswMRPO5sksxmOQNR4FzL5Cx-rtbjMaPtBreeNweK36Wevq-52IdgqEsiKxxFojaXs-ZZFSTlWq8byxGbcuT39w0hASnJK1kazbVJ3iZ3yiW6v_csL5_zgnHMl-r4sRlo3D7FAAWfos1q54onPgo28G3YmfLFgK4xywE9GTYDcEXD63yPHJbnHaHrKa4-vYz_FKyuNFatERBrn4HInBYAW3A_ZwFfx0TC69poJLgogugD8leeNNG0YJIhz_h7gGqRIMSoHEF8M2bTtPrY3xJaHGvjkx4Q9S2BJ9pW5m37jhVyaAH2gIZEyiQZDwXPUOMErD7_mX7OASG8hZqzTicNBO-SmkxrsNujXkVt82oqL4LYmOaFcVdlmhhzXuXja5EUaIzqpiahFUCeubL1f_h_XWYQzjdXm50HT9y07HW0rRCgOpckiwWf6MOXDTeCUi5bnvYGeaS5DY9hyvwNk2wC_KvCIOZw9IFsKkt18KOUinwsUXWkGuTBp9-LTb2ZGjv9_60Mdblg6rFWJQBRVvzR0g275ltx-Phhl4Y85MhwGSV3yfNfa9pP3WHtisId4L9egYyh6Nk3WiUd4Ba9p7NTY22nCLW02n0ZD6Q09myl1h1N_UF1dk3I4TKjoTf5AhgTDFKnK8xwxOCS9lInEIjk-yjfoxGMgvtTG4eEdyfIY3LR47fgHhL21QWMb_StJ3UL19gvOxz0ZtHs0YwrqUPBljToK9LWZReg33SqX1qp6ik-VWnwLelj5DF1qp0zys6P_zojLvNEslRSMV01MVyiPlECTFYeYqY6cx2jwxQSH1NYsl1KTK1NlgooBzUJAPAQyQG9WJTETuodXpZ05s4UwZUMDIn4FhCk_cF-UoNls9KZK-dD2OYRNxsBf-8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CCDA 0
0 75ms
74ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=1551451338840537&bg=!bW6lbirNAAZ4vKt9WLw7ACkAdvg8WorlhMmj1itRWCsWUtApDxzlVOppP9eoVxYiwIvhFQ7myYB4-AIAAAC3UgAAAAJoAQeZArkvS65BhHbavkKINwmrR7iOI4MMHpy5kd8u3Di-GPwEolu953YAkmUChjRbiKZBk0Mdf9MfWmZAjwq9IEgRuVqwo_tIyhJYwQK52FsrDCGpXbtjAckM1mdFVa3E2X1CMso5Ols9CaPypGz52HufomOC_u2MhuBBfgWZSkbwhNKPEsvz2tmUUZcxa-DferoGCoUrGG7wQrWMRyOdNvbIHkNRlNEPOFXYFSeyOSjgrb99jyE6zhYVVECzKKTSMFIX0Sw099-0IwzUnCJjngTZ8iSOTWGTq8Plsn0Kblj5SJ0Y_LInmQ-59RPfErMd4iMSV69ojRCUaSb-yHxOMzk6anlfd4b2bfexHMq-r3lKlj8Y_cTKwR1hbhFuD8dY3KBI9yapRD_LnEpE4sJfUTR_xSZ4o2s6Kk_WJ26GUZQKsHhqOsE4MxPZudWe89c4OsfEL3-ZPoJZhhvH4BmwVo_xI2qd9LxuA3VvZxJIpO5IuLFyoxwjYOHGidGmR_u3elb0qzY_vqHchHnL494fJeDp7F32gA7vSC2ySJndNEh4BAmJb0foQh53iNyvtjVDIkv1RwhH3WO6BWpl8asinp993LAZj-om4H_55g1eUCi9ZGm1_nTOKvs__yyrnPRnEjWGOrSIT6IO372-r6AP4mKSvFwO5NclB17Cmch4Km5JI-Gz4YIahTvQsMI0VnpTARVBqvRDMC459nK85mqnGXQxhFmPkl5Hs1DLN3iqCcCNE1Ajzb7_i33cPKnB5rYxPBIS7EceZEwuPOwH6_gHKD_De_uW1ANvexfRAvCH-Jcu3j3x313cBV1_MPYtCUPAXbwk89VmDLUqTxiOJLWZ5z-ygdt6Eqr0Icej3dJI6U2zBDQXXV0zdXQgcoaoSneMg9DzObzknNA-GNAnKj2WXdOOEZzKE-uaY5wbFOUm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D703 0
0 50ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=1060439149467540&bg=!DQ6lDkrNAAZ4vKt9WLw7ACkAdvg8Whjw2i9wEvvCGSu-2GqlXrDk2vF1dMqPSJ6xvOgmgi4rmPcgQgIAAACHUgAAAAFoAQeZAr6hzc5gl8jHMEJeE3zeQPlG2Rwzq_A-HJSp32LfH6jjtjCvRAopomegEAElrrKPX4jvTqMBvzmHEqFVsMfeANP4fS9UnR2U3DRQYTnsT4BOxxVocU4Fy7kk6agqfkWhW2N3tb4kVzPi2ydg-pqE4HkzXkh6sdP6hpL8CdQz-33pvbPVrs2X7eSICwrxdYyzeMH2UGsr3NnQQYhTLz-QvVeEPerg2GCuc8RB1zDTFp096wS5MlO-1RR9IopANlMmmvlwzdFWqwZWzp2XZ8qvZx1yjkz_xloDtVBqmd9y38qa062G3GrBb-FgmwTxPwMfw5XD0GQWhR53BXKyUgqjD2Je1gJ-wWuOe3hsX7EMhwo5zNC0NJNQ0xt9gy6_uAtH0dp-81MYU2AqQSyffiUTEvEoZNVs3jBWTU1nkAh7s-ZGavhX2tymqfdsf7kJc_D_oPLIwqquqPu3-9bycOIflYAkco7gnZqq-Wy50bXKXntosnxbjlAusswSKeKrYX7UjNIluTsLMQx3V4qCjyP0cWZMG6ABgEU3RS6_sBNdzMf-EkUaZ00u8XTduFDwiLsioD5ZfNOkQOCZxAdopEHivb2QOwVfjODwIDGPXvK5OX1qCRI6N3-f1Ko7A15Y843oDn28l0iCrszziqupFexDhcW6z9LnKneZ7LY5kXfv0kj4CZ76iVrrK8YTZsKIbnNcv2PxhFjuyxAIwu3H9CUZSZTWFkUJZRkHyIGQOXtlzp7RyPUuP3ofAUDw2tt_JxdrNxdCsj7MqW_1KdoAbH-gmZDFCraMdBGBNUKgC1hsO1xZWMucQ8zHo9XGie_JLIV2lnDBXQn22FelHj41Z7IkXpkvml8mOUS3Mkm4vNqbSGgD2qOOENhlLizoKsZ3djj09JS17bGcXYEw_BFlb7YTBWlUt3AXMyql4cWPQajlEPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://indianexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

366 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.click.checkpoint.com/	1970-01-20 03:17:43	Name: __cf_bm Value: HXcIQjLCH8xlZtYVfZCBXco1HOhkkg02xeF4AuPkMFU-1653461941-0-AaudHjo81EZQew7MCwfxDYs5AxdyUzW/L0rjfFGgceuFaJG0WlOL6uxgvgVRRaJvwLy8TDgId6f4d7GCzXyTY1c=
www.clarity.ms/	1970-01-20 12:03:17	Name: CLID Value: c9f603bac6d645a3866883fb3802663b.20220525.20230525
.scorecardresearch.com/	1970-01-20 20:34:29	Name: UID Value: 19046759cd5b95b02980c4c1653461943
.indianexpress.com/	1970-01-20 20:48:53	Name: _ga Value: GA1.2.319277237.1653461943
.indianexpress.com/	1970-01-20 03:19:08	Name: _gid Value: GA1.2.826251246.1653461943
.indianexpress.com/	1970-01-20 03:17:42	Name: _gat Value: 1
indianexpress.com/	1970-01-20 12:46:29	Name: _cb_ls Value: 1
.indianexpress.com/	1970-01-20 05:27:17	Name: _gcl_au Value: 1.1.2003215335.1653461943
.indianexpress.com/	1970-01-20 03:19:08	Name: ssostate Value: vJrl74
indianexpress.com/	1970-01-20 12:46:29	Name: _cb Value: 5G-7hD8whAVCnVAkp
indianexpress.com/	1970-01-20 12:46:29	Name: _chartbeat2 Value: .1653461943176.1653461943176.1.CiDZRLDyo14ZD__ipOBdwfjTC8eXuw.1
indianexpress.com/	1970-01-20 03:17:43	Name: _cb_svref Value: https%3A%2F%2Fclick.checkpoint.com%2F
.indianexpress.com/	1970-01-23 18:53:41	Name: WZRK_G Value: bfebff78a64347a2811979358913d076
.indianexpress.com/	1970-01-20 03:17:43	Name: WZRK_S_844-RZZ-995Z Value: %7B%22p%22%3A1%2C%22s%22%3A1653461943%2C%22t%22%3A1653461943%7D
.izooto.com/	1970-02-04 03:17:41	Name: IZCID Value: 7582b519-f8ac-4bf8-9b6f-0ba3ac2f94b3
.indianexpress.com/	1970-01-20 12:03:17	Name: fpid Value: bad1f14be8ab5db67a6a2c2290a5ebcb
.indianexpress.com/	1970-01-20 03:17:43	Name: upssid Value: bad1f14be8ab5db67a6a2c2290a5ebcb
.indianexpress.com/	1970-01-20 05:27:17	Name: _fbp Value: fb.1.1653461943418.33988419
ev.indianexpress.com/	1970-01-21 14:21:32	Name: ev_sid Value: 628dd3b7c14eec03614211dc
ev.indianexpress.com/	1970-01-21 14:21:32	Name: ev_did Value: 628dd3b7c14eec03614211db
.indianexpress.com/	1970-01-21 14:20:05	Name: ev_sid Value: 628dd3b7c14eec03614211dc
.indianexpress.com/	1970-01-21 14:20:05	Name: ev_did Value: 628dd3b7c14eec03614211db
indianexpress.com/	1970-01-20 12:03:17	Name: ie_userdata Value: {"subscription_plan":[]}
indianexpress.com/	1970-01-20 12:03:17	Name: ev_user_state Value: guest
.facebook.com/	1970-01-20 05:27:17	Name: fr Value: 0RI6Eyg4J4slAVnBX..BijdO3...1.0.BijdO3.
.indianexpress.com/	1970-01-20 12:03:17	Name: _clck Value: 1gx32o4\|1\|f1r\|0
.indianexpress.com/	1970-01-20 12:03:17	Name: fpuuid Value: 210798707347950
.indianexpress.com/	1970-01-20 03:19:08	Name: _clsk Value: 7h36mx\|1653461943730\|1\|0\|i.clarity.ms/collect
.c.bing.com/	1970-01-20 12:39:17	Name: SRM_B Value: 09E6A41BC37860F20EB2B5B4C2AA61D8
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:39:17	Name: MUID Value: 09E6A41BC37860F20EB2B5B4C2AA61D8
.c.clarity.ms/	1970-01-20 03:17:42	Name: ANONCHK Value: 0
.indianexpress.com/	1969-12-31 23:59:59	Name: moe_uuid Value: 0253aad8-ce3a-4ccf-b4af-462fd547c997
.doubleclick.net/	1970-01-20 12:39:17	Name: IDE Value: AHWqTUnBQzK5ij1vYY-wNQWWRu12uSjJrpnCiFxNBEowE_FrVwZSZPMophgSI52NWWA
indianexpress.com/	1970-01-20 12:03:17	Name: forkrtg Value: {"generic":"29112019"}
.indianexpress.com/	1970-01-20 12:39:17	Name: __gads Value: ID=c1bf5bc09f3a3538-2227a3ec9ccd0089:T=1653461944:RT=1653461945:S=ALNI_MZ6HEAnotomavtyAFdxVjBdAYcf5Q
.doubleclick.net/	1970-01-20 03:17:45	Name: DSID Value: NO_DATA
delivery.contextads.live/	1969-12-31 23:59:59	Name: OAGEO Value: GB%7CEngland%7CSeacroft%7CYorkshire%20Electricity%7Cnorthernpowergrid.com%7CThis%20parameter%20is%20unavailable%20in%20selected%20.BIN%20data%20file.%20Please%20upgrade.%7CThis%20parameter%20is%20unavailable%20in%20selected%20.BIN%20data%20file.%20Please%20upgrade.%7CThis%20parameter%20is%20unavailable%20in%20selected%20.BIN%20data%20file.%20Please%20upgrade.%7CThis%20parameter%20is%20unavailable%20in%20selected%20.BIN%20data%20file.%20Please%20upgrade.%7CThis%20parameter%20is%20unavailable%20in%20selected%20.BIN%20data%20file.%20Please%20upgrade.%7C%7C
.contextads.live/	1970-01-20 04:43:44	Name: fmgctxuid Value: {"id":"29e7xnEfUuXEZLtA1snsZV5o5Ts"}
indianexpress.com/	1970-01-20 04:43:44	Name: fmgctxuid Value: {"id":"29e7xnEfUuXEZLtA1snsZV5o5Ts"}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://indianexpress.com/article/technology/crypto/critical-flaw-in-ever-surf-wallet-couldve-let-attackers-steal-crypto-wallet-check-point-research-7887991/?mkt_tok=NzUwLURRSC01MjgAAAGEU-g2jn191psQkqx-1iJwDroEWltGJlPh5lxxydLLDS-G-EZwWASdN2s3_fLU6loipXHzx4CV9fF4NqUoXtA4AKkhrytRJH2CYr0IyfCq07hxC2Kw(Line 18) Message: <link rel=preload> must have a valid `as` value
javascript	error	URL: https://indianexpress.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0(Line 1) Message: Refused to set unsafe header "origin"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-caS5CpCBau3IbO53Dm3ThPWHvwbXDlHJaPxVow3GbDk=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a73bafb454375ecf0d907670ae07f366.safeframe.googlesyndication.com
accounts.indianexpress.com
ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adservice.google.de
audience.contextads.live
c.bing.com
c.clarity.ms
cat.fr.eu.criteo.com
cdn.izooto.com
cdn.moengage.com
cdnjs.cloudflare.com
cengine.contextads.live
click.checkpoint.com
connect.facebook.net
csm.eu.criteo.net
d2r1yp2w7bby2u.cloudfront.net
dac.contextads.live
delivery.contextads.live
ev.indianexpress.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.clarity.ms
image-ap1.moengage.com
images.indianexpress.com
impulse.contextads.live
indianexpress.com
mab.chartbeat.com
news.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pix.eu.criteo.net
pixel.wp.com
pubs.contextads.live
rtb.nl.eu.criteo.com
sb.scorecardresearch.com
sdk-03.moengage.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
ua.indianexpress.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
wzrkt.com
104.17.72.206
104.90.139.15
108.138.7.82
13.32.121.72
142.250.184.194
142.250.185.230
142.250.185.98
143.204.215.67
178.250.0.160
178.250.2.135
178.250.2.150
18.66.2.128
192.0.76.3
23.205.234.32
2600:9000:2057:1200:19:14ed:c7c0:93a1
2600:9000:211e:2600:3:6e47:11c0:93a1
2600:9000:214f:8a00:f:b7c0:a340:93a1
2600:9000:214f:9c00:19:be69:b800:93a1
2600:9000:224a:6a00:a:5b2c:b080:93a1
2600:9000:2315:5c00:1e:3056:9b00:93a1
2600:9000:2315:7000:18:1fcd:351:7bc1
2606:4700::6811:180e
2606:4700::6812:d841
2620:1ec:27::cafe:2093
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:803::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::714
52.142.114.2
52.167.85.21
52.209.143.133
54.144.94.26
65.9.63.107
00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140
00b3c9977b4737f3ae7551b462e4db11c3ad4a655d8bf89691943c6981044d85
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
040f199e2a426e829e7dc4d557ead78c86d4de8514d6ab7b1e97af7193d52d90
04d64f65072f624d3a1c5c29b27f02e1d8c09aad3d1f7b1a2b86f200cdc883aa
0846a81600f1b6af9ee425a3686feb5fa93cab67d2e0ec2420cf1b4e50bae46f
08590a5798d083bae61a9e150f5d3c1528e8e1bb881ed249c971d9d6fabfe0fc
0915ccb965d70855cee2ac0accc591691a09fa8b01acac7da0b1894705b11705
093d17e65be8299fec1b15008478b44f1b71bdd395c022266691ab503b1f4345
094db16fea40bb486e075a7012185caf6853230e828bf2b0780d059526ab3989
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0e8c8bb4dd1d77036fed3da82116273af23beabfe3d704345067b444610c295f
0f955d2b647fe1afc37181568788598adaea288dde8d4de08a5881fb8126a257
0fddae6379e4fb4746079a8f493c11097efd6fece8f580ff5c8802676d73c1d4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
144a406c4b34df8711d6cc5469c03704e04ec60fe02e2bd340602aaca8e71b54
14f2d4e184dda6ccc16edead034118e54b43ee5522a3871250b136b95da3f983
15dccc473baed55cd47f7052f24073d24f8164eda51ba5c258fa7255d54ee51f
1660c7b9da05dbd944426f37f56de2c3a8fdfc23ea8bc6b62c7421c2a42b8887
170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187fa38a2eb8f52989c02f094ee5fb66720e16aa754eedddcc766b4efe30315e
19b1550783a6edd06c485a3d0c86ed3cd3f3912c43c65032311cfae2bda553f8
1a45a3e7b5bb591a8367c5b6cd65df366598bc48612118c6a954b35727e0c2ab
1b0bc51b29cde2d8a6c075d7e0ff82691ecb271addda3840a38341c40a0fb4bd
1b6f21385d8496a6d1edf2334aae64a86025d1ae907a12619557c9eef6a6e9c8
1c3fffe143ad0ce81d60e95e6f6c72b8799587e0211c49e6c4b7efb25ba6c016
1dbfd29bb7cf663257119ff8d2afebb46925a6a41251ecf65d477a5b6e0ccff4
1e70b8d0b42d035a42a681d50bbd62006122215bb3a6b01ac78a783bf05bf77f
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
238adff5aa77613c448d9251a2f0f4ae2ecb4e75dddcf8407d4a021fb76e1f12
2415a19066fb2738ac70eeb2e874c15a753bf0c9eab17fee78359fcf5ea4e6ab
2ad57c3065ac0de4072e40b23890156cc75ecc4d589013f31cf440f694306a7d
318b47c0042bbc1bdee2d50b37d8d8b1c2a592978855b9de235dbd1a23ecbab8
31b79b4122993739f2296b34fc079e2ff33781513df97e430b441194d74e1510
31fef500bebe0b5feda04d394c31813a86ae9167c0ec15bf179209e3d5a72fff
33eba0a28b31cda67b8a56737757523516ba6c7ee15f140f7854befad26a9cf1
341601f897b556d84e1a9f5fad504e9380e017be7f2749571134ec0c7729ec17
3512cb075b072464b429e479b81d6b522d403521e4da99e0886c2445733d6865
35fabca43a7ad61688737989b5a052c2b83934ac7182a94fc8bbaabef17e2fca
361dd4a342a8d35a6f9c8709d38cb49b36aace29e7cb458e3966a70dc8721708
364dc28afff259ae21c51b6f55e7e0d4887004c11e6e58585077a53356c828c9
37620a21f2c57e24796a04610065e1c73d00476563915c8f068967114ccbfddd
3b0eec1af5eec7ffadb33cc1cc800073fac6ac0e1f26cc78cfc695b6fda5ecee
3ce8c646512896ca79194eb63ae8ea2620fc9d9f57a86287de0978ee244379ff
3d30c0c1c7318265a3491d7abe7b14c418639676b60e86c6cacdf19ea2bc827d
3dee579082b075f323ebd0d5309ac8aa86df82118da75c8b27296acef81229b9
3f17c23993365af88be276e6cc2c89df0e64cf2e14fd4e5da5fef589e61ceb62
413849e3f0b86572e1e6382c673efc411afa7018d2495ea11dd9039c3ccc49e8
42e3da6105a22bdd590fdd545ce0887bc841b8f4b78084ea0e370c50929caf95
44bef10439f7868aee499982a19f2d1373cd091d2d8452e811a9acf7a50d4388
455625c4f1438144d7420ae9b6b112f91f99999cdaeda89f13cbbe05a9b93058
45a447aa2dc11f10715a355af579ef5d7bad0c0292d2539bfa8d28fc63bb2484
483e65485ab2b4ace5cc93061d7ff131c1f7e8b084564289692a4b65e6cd7f73
4984a12a4e2268fb4e8104ec4b208d4ceb597fa6ebc3529924eed8602a29ba49
49919cdd76bb75af97102773b75d9b766922863883afcc28ad868b31d4beb6ec
49b6a0ef3bf62a8eee20471a1983fbdfde28f2d0f6ae59541394e9d2302b358b
4a0b6fba8bd2c878a2af243d2e3b426b5325abb008f09e63a06c89b014862c66
4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc
4be319fc7e78bf1beb5b73bb76e33e445bf3170ebcd66fd72639743115287a2a
4c62953f655e21de8913b06f194575ef3ad2868ba95e73b687241b1c441e07dd
4d9c609c5ba7296018dcf975019eea48811dd040b76a7574777c7577da20b466
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e264ed4468be1772bae20991be1e2b733b0af0b856d1c1313fc969cc3c8b355
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
50547ca5c3b598f0bb3c18b3d5a540c345bea338a1c9d263c6a5d184e91d83c0
520431acbac185f8b35068f3473103ce85a60ad74088bb4ea33a74b79180c4c3
522538812ef56c2f5aa389f3d876bd0a8be8e702b70f7051dfd121a3eb35c411
52570bd0b8fa7183066d23d49cc73d2cbb0fea8e7d556bf6d525498b65e6c18a
543a22b8c0d880add43e0e042b92d0fcddce9adeaf5bfba181a44966920732e6
54b1f1a011f102d2c6581b702a4351f9baf8f32d9925c5b8f89359da728790f6
54e0f5c045aa5ef30df1c9db118f3a96d0b328ad9e686e087cea1404a3364946
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562005062b41c99f16232c66e2df8c40c9cfa63dfcf4e175321b3f22e07cb658
57de575b32463704771942f5bbf664d5e0359962ea00b40e27dca68a99738863
580d201c55eea2aa85095a5a1eb6cc0b6fde745396a200f2a9450c0e9ddd9667
59292d0d1e81870c97b8bf2affbb0243ae3855bc9df83995183db8334689d7ed
5a993ab2e9326ab9a1d3f403acf8eed16029f1113c786bcfef3f5b529343ab81
5bc3c38cd6a048c4bafa2c1f7a32e309a6adfd51e40e26273d9a0e701da3c53d
5c0256669a1cfdf80a805400cd9379b7e450dc08ce037ef446745707fd8cd243
5f22b1c1c49822e34c6d676214c55d8e52e514c19ccf11f4efe78b1dc7ef82f9
602e2957e78a25c7ab8533c71b6bb587fca967a11bb5b21463cbb36d93b1b3d2
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630f0440ea30df602859f4ef93f16a21705cecc8a5bf6b30ce5344ad727baf52
6317ff3996862074b0c999dcf3745042f6146283b715259939235a1266aba6ec
63eef6e11cf2a6f711ca39a160854ed0bb62f5b4a6c7b50d910ab9e71000634a
64e3db9c6c869414d70f242bb353a2773fdf9a9bd132884b4c1f32c4ba54a8a2
65d685f10c9a1a48f57701b06d78367bd2a495cd279ca2a1b7219cdc255fc8c8
66c0d3dfd5686153bff5b0029bcc40732a205cd80c9cbbda27b0dcf58d870914
67247b5cc3929dc20447c5740d39df6d8d3947a51d0f0fd9ada6ff3a6aa0c227
67dd353d1a77cd00fcb937ba3ad7a6b4f9095547c35682ce4fde80ed6332fa4c
69f765a8e81f52d7f7ade69e07c946f97f9b6ccc07e3f5cffd67825ace0d9c5f
6a1f7a22635852e7bc951f63969f071ef13e43a63ce63466844e8dc46a0525e0
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6cea4816943c8f001235867026295878c62214f13c95b9fe00664cd844978ed0
6e13531bc8204971bc7e7e0b271a32bf604637aad85e5d086dd9c3b10eab914a
6f5054751073d6c5035f9a65b78214b4be8f8323504161f705399c42e079e24e
700cce9653935e3e2561589c210d915dd785f937eacf572344941e982ea799db
71ca2c06ae704a7f92397060d87ec5a420b731d6cf29794fb6e3a7e4444780ea
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7300ac4805f7767a47bd72c30d4b14d33e1322e68ae80b35dca984f43441c75d
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
742dbc7d27a84eed3e863ede50b9c805e8dd100de0bca8350aa19e0b7ae6c469
74ce61114fe579b5b6da2ab89cceb7cf87c891f4b8077680bab22733e17daac8
765627508947180a42829190500cd0098e7d06b955d6df83ab8f610ca4f8522f
7792a6ac6c90fb406d1859c1d63ef68ada569d2ea7aa14794ab86251ffc51cf8
77de8880782b1239866c64bbba1d2d7529e300b8628f6a23f0dd9580260bc706
7927a1183c0f23c084bf30e351d51d2819735bd751071da09894a4bf9e47ee0d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7aac0d9430e944f82379fba6fb642aec2e7e7ae2595c112d48037b1215c749a9
7aeeb82071d5cf55b3b8435b319ad0fa4f9742ca0070a295e3796fe27b144314
7c0e820796e0e21d9ced047309239364bab4496ad4bb0099b65700c8a9752aee
7d1239195ef549be88e61188ee28cd16a049f8165812509d6ae4548c95aaa6fd
7e4285fa48b87b19b5aa32313ef2be0ec5e75e8a688ea99f89c0a77fb73c2495
80b110bd2739c684f764fc9440cd2685591af18f0d8dbf3efe7b5c13c0ac459d
80c9b87046ea6ae32fa5c9347485ad042420de4041524aeeda380166c6b7b15f
81d6892362bf208376ee5ef6cd873a2400833da59db548b8614ae52fe16dc6fd
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
83080d33c145ea7b3266fe88d307d8b6dbb6ada102a7334f416d445b7f07da98
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850fb8cc3f5fa0cdbf059ee069f80f5079b96472f453ad5dd0cf57fea4a99f90
853fc85b6e395a7b33fb925f919211725a357a96bae0df0f0c2af9d92e8f207e
85ac28707b76f118496dd5da0df04e9fc623e4b7613af3a9a80d4dded48051a8
888627d62154b6e7d81e60055f1ec8b9241ba400088f2377c13b38765d60642e
89254a22a265b79e6519da6c24261a7674d83927dd9f557a6321c55f2b7b7256
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d9026a0adda8f4b5f68678d9ff5b4251f35b6787a5a1c8ab57f4d3e99a941d4
8da490d5c918aac19b79a0713434397b984fc4864c64c5ee36836dda1c69b8b8
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fe8b87d02127b04c62c7d68b9f64131c98407cc1354e1fc6f1a969d827a2a6c
9027c08fab8b14e38e1b2148efc47da27cef607a11109c07c2f8ed583ae853a0
93ea77cfbc5c67a34b8e3503c7eb24d17e1d9d4f58c6ff1a32aa4c9e278f1db0
94b5a20d447ad3688f0dd408ac51d85c89ba599826e62c909358423dc0df2ad2
9549a77adb695eceb9f02a6a1845fedd66e634b79e44e4615c1c6141dc0e0d22
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a69dcd566deb9aa452447b8c0ab461f1a8194d91e96f44e9ea8cecba1549054
9b0ac7450c1b5a96493c9a1e8a5aa0901a65bddb920971a47048f0c898d8dfbf
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9d472aada2312e10e81b8bb06f3ce1d59bd11ace70fe553626422fc8b3505230
9e012f370d3fc843b236c270d98bcc38d7b07f2f7dc0c63c693fd331debeb681
9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e
a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d15d99e2b992b717b263a00ffed29dd18082c9aa3658b255355cf56ffac762
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73343597533593a690cfc745135790ac6156986352f1031055ba386b8923384
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a764cfa29858990e578dd14b9f47a94d52fc6909931df37f6cf625052af2a7b3
a8ba66d5e0cc38107ffab4352e68d139570aad3d1aa7eeb8457c0518ba52cb2b
a9c423376eb6a4a47225c9ac8aa802c3f5a73cfa0cb8ee581cb556ee7358a61f
ab0aa9f252ec64053106f9101eea6a7b2647b1c175ce21b2c9df253d48cf6223
ac7303c805af0335a95fa23a6c72aaa24ddd88358b1c143d0cea3289b07d3d3f
acf8c914a144367e2406a598cf26b14ba5f556c7ea28fb38d5fe4cff6f140759
ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec
ad59e21b381880e57cf20a8fde6a6308e3cb252ffb32367228644c0fa86493c8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b0c9d06cd9d9aa2fa520ff290116193df9eafa79e7489d123a0de6b62080230c
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
b30132c70cb4020f3d9a78e99f3612dfed77573407108d8c8784adde1c642bf0
b3298023a809199b0a780c96dd1a390306172d15e303da0ebd53eb2b2f16af49
b4beec436298c5fc7ca3dc18d075b329f338ec6abd611f085173871d7ec148bb
b52380f67399cd4eb8b169648461c28e873bc5e807a0b45388019be5fed6f71b
b5617b876fedeedc3f196ef91780fa8077b80b15a6b8a304827fe9ac2e424fcd
b5a1af791ec023e728b22becae9372c0526b647c4d959cdfc47053f32a520f15
b6d791a798646b7ca067a07062142454cf67b0b0d1b1ed9743632a4c45660702
b8cdb3d5483b3e94c0ec7a37ad6d0c2efe5985ec59d4ac70768f5f6bab94b3c6
b926c129e821a389d7fce9a3a4918bb4d6fe5ec9600a17266a9c03f0251e57c4
bacf174040d2531a85c8b458c6f2e2cc3856fb73c9a5ae05440a38eb8abdab84
bd26dc0cfe5563889ffbe6bc581a2ec16d0ec354229fdb2b6bc6f3eeb3b7d508
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdae3376dec1dab9828d6c0ddaebd9f7e6dabd7d65bdc6d3d4ef7613106400ea
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be16fe46642593fa74b79b49e543ba273fd0c88f4a41e5245dabb07c6ee58156
be7a0d43b9d11f65be9372ff5106512f9bdce581ae2b224a9b89123b20a44882
c2457ed91b16d9dbf7a21917fd4f8c47da415054f1c93354749ed075ad211fb4
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c4ce4b392c8a1bff303749d78e93ee01d56160bcfbaf48b9eb51a80e00396f65
c4d4773cfafbddd42051b07821ff1f317a73860e7d2387e46bf3e523009792aa
c5c69012755329f77b2d04d328dac834aa112907bccd437d51ef2fa5a79f2aad
c65c924ebf76dd38ad7a36dd70d6af92723ba0302b0b1e5e0b86e17468ea2953
c97ccb301c4f17329a72cca32c49b7cfa9a4015d3a108f27c954808b18fbf2ef
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cadb9b06567b10b75aca7bf4cefe3dbad81888b8d0dadb187f8c2555bed2a470
ce5aa4fd22242dab728c7f9455cfa02c40139ffa4706678f69ec59b390543f4c
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4774d4e399c7a42233a64388a9c4a7f57c14aef1c87435776ccfcb39be2c333
d56b6594050ef7eeeb242e1b50cae9a315eaa2f01ad320e39dbf0a1c84558299
d679e8edf16f18e378442ba57c1983c696d17ee9e1d08c52139985f20fd187a0
d72976626d32773e6200410b353da9fee771f7c69b5cd4d6c1781d2946628bc4
d86a6065ecd6bfa453211689af94579b5f93bf0c6bf8761045c4d13b688ef4ae
d9b1d3d33a55818a04e252c75b012725805e896ef6f4e3bca46147bd37b11b87
d9c25d3cc62375afb000f8e230d5d7dff1f7d4b5a7d491e5d2dfb42387c8fb11
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbba7edb0f9837917860836f386d2fe390c8bc3c8c6a4a569ba839906ec443d2
dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16
de2a1dd235d596bbb119433115f1bf948d4a653a6715e59b9062281d029d9c06
e0193b97613a437f76ed5c73987dc456a001b64cb156bc23d2a53dd8f80095b7
e0562d0c721f4977e6a2e6313d064e153af7d4f96a93e40427684797666ad357
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1f887a65e7ac59e33e7ad5e0dc6330d3abcf742d3111fd59c7522cc5a537447
e285a682b03da689303b5c67f387ab0517ade17b3295d67b0568082b8dc42b7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4830e8bde2681e4b30c3555095650109c79e1aa3855a817d63c876cb669f1ea
e51f4266a27127bafb462e818f78fda6ac66dc36f7e6ff9638b672bd5d1d81d7
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f002a1169985148fa2dadff4fda87dbc16de1390417fa2cf7dfa166d955c1b7b
f01981d8f1a5bd929956aa43132045d327af6cd0ec09ac50d824a668d272f39b
f02eecea0a2fa8b1fcadbfbff62f851802e7225a4a21693e94dbf8ea7d86862e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b0ab7ac23f90d09462d4220fbef156c720bb3088fcf3c5b26667e56caa96ef
f53af5078efd5243e37c019f2c3cf77c6bd3b50c3fbf3a613d9bdf1cc88058e0
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6795a6f66814b046bc9bb218cc3fe4e8bdf28f53be8c2f19a6e9d3310e9cfc5
f73280ae7d7de0ebf562eee0eb438980f2cee4aa69e499052b8f1911ab242b47
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8e79179d6c143c433b08464e0327fa20787b365720ec9636c93be7812e7b63f
fa3156db029436cac0784abf54572079577ccff55981c1f6a55597b771df03e6
fb52539a684cf631d76bc4d40097e5683786355d69f088df9f360f2ae8047fe2
fb6dfd0a67ee5af92545a723bb223f3dd29929f2baba8733ec5f6096becf0ae6
fb9b220b6e5eead3a0ea4a017f80cffdb7eb4a213978a9124b7f0a335f42153d
fbe13738ab064499c52a7a865a1a82fa306f117793828f841294fffea21fe89d
ff1925a67918a2f55ece17a8bd6b104905a4e65b57799a65181693646caa6988
ff305d664ec6c12ad16d8f10b6f57f90274c619d902ca293d7ca12c8e40dde15
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

indianexpress.com Open in urlscan Pro 23.205.234.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

434 Requests

99 %HTTPS

61 %IPv6

28 Domains

57 Subdomains

49 IPs

6 Countries

5056 kBTransfer

12658 kBSize

40 Cookies

31 Outgoing links

Page URL History

Redirected requests

434 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

indianexpress.com Open in urlscan Pro
23.205.234.32 Public Scan

Screenshot
Live screenshot

Full Image

434
Requests

99 %
HTTPS

61 %
IPv6

28
Domains

57
Subdomains

49
IPs

6
Countries

5056 kB
Transfer

12658 kB
Size

40
Cookies

434 HTTP transactions
19 data transactions