a.bollyfun.in Open in urlscan Pro
2606:4700:3033::6815:4010 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://a.bollyfun.in/
Submission: On November 10 via api (November 10th 2024, 7:17:46 am UTC) from US — Scanned from GB

Summary HTTP 43 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 10 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3033::6815:4010, located in United States and belongs to CLOUDFLARENET, US. The main domain is a.bollyfun.in.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.

This is the only time a.bollyfun.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3033::6815:4010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
2	77.235.50.164 77.235.50.164	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c15::5e	15169 (GOOGLE) (GOOGLE)
43	14

6 2606:4700:3033::6815:4010 (United States)

ASN13335 (CLOUDFLARENET, US)

a.bollyfun.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.235.50.164 (Cyprus)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hb507.bfconsulting.com

api.publytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sorbet.adxguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c15::5e (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	72 KB
8	googlesyndication.com 526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	45 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	246 KB
6	bollyfun.in a.bollyfun.in	72 KB
2	adxguard.com sorbet.adxguard.com — Cisco Umbrella Rank: 513300	37 KB
2	publytics.net api.publytics.net — Cisco Umbrella Rank: 120560	1 KB
1	gstatic.com csi.gstatic.com	523 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2041	296 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	107 KB
43	10

	Domain	Requested by
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
8	securepubads.g.doubleclick.net	a.bollyfun.in securepubads.g.doubleclick.net
6	a.bollyfun.in	a.bollyfun.in
4	526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	sorbet.adxguard.com	a.bollyfun.in sorbet.adxguard.com
2	api.publytics.net	a.bollyfun.in api.publytics.net
1	csi.gstatic.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	api.ipify.org	sorbet.adxguard.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	a.bollyfun.in
43	13

This site contains links to these domains. Also see Links.

Domain
wordpress.org
generatepress.com

Subject Issuer	Validity	Valid
bollyfun.in WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.publytics.net Sectigo RSA Domain Validation Secure Server CA	`2024-04-11` - `2025-04-11`	a year	crt.sh
adxguard.com WE1	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
ipify.org WE1	`2024-09-15` - `2024-12-14`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://a.bollyfun.in/
Frame ID: 0B05218C8CBD109C728F97BE260A3B94
Requests: 35 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 2249C05730877FD6FC29916F992FB2E8
Requests: 1 HTTP requests in this frame

Frame: https://526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31CF667AA91D939894196E42EB23FF4F
Requests: 1 HTTP requests in this frame

Frame: https://526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 118A9E1083515B875D35733C487D546D
Requests: 1 HTTP requests in this frame

Frame: https://526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8BA0D05B83CCE4E05B9EF821E0F0E0A9
Requests: 1 HTTP requests in this frame

Frame: https://526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9A1C7469DDFA394EFB9069AA4F4F7B2B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 1898D3B135BBAF25DBC3D1E38CCC676C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F36085991B3A45737BF6D3BCDBA8C8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top Hospitals

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

43
Requests

95 %
HTTPS

85 %
IPv6

10
Domains

13
Subdomains

14
IPs

5
Countries

582 kB
Transfer

1794 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: A WordPress Commenter

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
a.bollyfun.in/ 142 KB
43 KB 725ms
523ms Document
text/html 2606:4700:3033::6815:4010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.bollyfun.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:4010 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

183547ec92c9aacb23e49377440275f18d7fecdf72ff8fccedcfd37fafa83e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8e0443903bd4940c-LHR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sun, 10 Nov 2024 07:17:38 GMT
link: <https://a.bollyfun.in/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WpJyPaAyQih6J7qus3%2BbIIwqTZob4qkN9xW%2Fht7xvxi6LShai4AqVhfgkoTRehH7yyQ5gVEbXMRMmmOIW%2BnwAV7roUf3pCn6AKdu5mO99UX29k9vIzFH1KCXBjX5jbJeEB5Zn7YZ4cuWQ%2F1B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=37162&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4207&recv_bytes=4474&delivery_rate=353&cwnd=12000&unsent_bytes=0&cid=c8efd1e01fbb8e8f&ts=607&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-tag: 0f3_HTTP.200
x-protocol: HTTP/2.0
x-ua-compatible: IE=edge

GET
H3 200 style.min.css
a.bollyfun.in/wp-includes/css/dist/block-library/ 110 KB
15 KB 78ms
74ms Stylesheet
text/css 2606:4700:3033::6815:4010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.bollyfun.in/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2

Requested by

Host: a.bollyfun.in
URL: https://a.bollyfun.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:4010 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66d88f8f-1b72b"
x-protocol: HTTP/2.0
age: 233854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKwlb1RB8aH3WlOk1C%2FOBpIqLq7pdX%2FlY2Zxgf7tLTxvPCrtyIYplfx5A5W7d5o3pza6T0uFE5ica%2F%2Fa1b%2BEgEQ4JXc%2Fee8JUxtAwqaUVDpfqLSQtanJtDiGjrTSD6XE8Q5MVDkeoy%2FfWJvj"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35436&sent=42&recv=20&lost=0&retrans=0&sent_bytes=35390&recv_bytes=5449&delivery_rate=353980&cwnd=16800&unsent_bytes=0&cid=c8efd1e01fbb8e8f&ts=729&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 07:17:38 GMT
content-type: text/css
last-modified: Wed, 04 Sep 2024 16:49:19 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e044393fea9940c-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 main.min.css
a.bollyfun.in/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 56ms
52ms Stylesheet
text/css 2606:4700:3033::6815:4010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.bollyfun.in/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1

Requested by

Host: a.bollyfun.in
URL: https://a.bollyfun.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:4010 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"672b78bf-4c38"
x-protocol: HTTP/2.0
age: 233854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=et9xfov3uEajtPeX0QPaM3vWVTTpmzdyqTzwDhH8%2BzXzc8BjXdZ2qDla%2BR7UJWMofZ5XlCLqDgkxH5gpDpRQiTLi4pla%2B0w46b8TKtfNSOf78PMHLjdK%2BGm4UOflyN3YcVkcN318gHenT2hy"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35436&sent=37&recv=20&lost=0&retrans=0&sent_bytes=29872&recv_bytes=5449&delivery_rate=353980&cwnd=16800&unsent_bytes=0&cid=c8efd1e01fbb8e8f&ts=729&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 07:17:38 GMT
content-type: text/css
last-modified: Wed, 06 Nov 2024 14:10:07 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e044393feab940c-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 109 KB
33 KB 251ms
63ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.bollyfun.in
URL: https://a.bollyfun.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

544a11be582975b7b59b38ca6a5d8e4171ebc3b30948f15dae1f39f3661dbde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
etag: 660 / 20037 / m202410310101 / config-hash: 18170107456145591056
x-content-type-options: nosniff
expires: Sun, 10 Nov 2024 07:17:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 10 Nov 2024 07:17:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33629
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
107 KB 227ms
66ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C1QD9CHMMW

Requested by

Host: a.bollyfun.in
URL: https://a.bollyfun.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcaf052c59393d812fea8c5a7f6b048e03346fd7d74a9ca28996d8ee0c247ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 10 Nov 2024 07:17:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109244
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.manual.min.js Show response
api.publytics.net/js/ 1 KB
967 B 239ms
85ms Script
application/javascript 77.235.50.164
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.publytics.net/js/script.manual.min.js

Requested by

Host: a.bollyfun.in
URL: https://a.bollyfun.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.235.50.164 , Cyprus, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

hb507.bfconsulting.com

Software

nginx /

Resource Hash

f76d6601aec548e26e8b9ae2f45bcae2ae331a409dddfd92f022b63845052175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: max-age=2592000, public
content-encoding: gzip
etag: W/"6636479d-419"
x-content-type-options: nosniff
expires: Tue, 10 Dec 2024 07:17:39 GMT
alt-svc: h3=":443"; ma=3600
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Sunday, 10-Nov-2024 07:17:39 GMT

GET
H3 200 main.js Show response
sorbet.adxguard.com/api/cdn/invalid-protection/ 95 KB
36 KB 324ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sorbet.adxguard.com/api/cdn/invalid-protection/main.js
Requested by: Host: a.bollyfun.in
URL: https://a.bollyfun.in/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7377d8603360bc371dbfb1384328c45a8c7050bbf00eb968f00fd874795160

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"66f7d5d5-17a6f"
age: 250888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4yArTiOuA3%2BUQpYVoTFL5pAtpw09AGAxAcaEdQsqQlyZw7XOfIe8tw7JrqERYkirw6RzD%2FZgZwogBsVXfoQA4bPFG1k3YvHJoI4zGnlkc8EyUy4MzFEYViBGAmAaeJb0ALm2AawiC5RwQFvLWPMd%2FgN"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34272&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4112&recv_bytes=4215&delivery_rate=90386&cwnd=12000&unsent_bytes=0&cid=6bfe4028db069282&ts=65&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 07:17:38 GMT
content-type: application/javascript
last-modified: Sat, 28 Sep 2024 10:09:25 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e044395ba48653b-LHR
access-control-allow-origin: *
server: cloudflare

GET f2a08f0d-fa01-4932-9e2d-10108ea2dcd4
https://a.bollyfun.in/ Frame 0
0

GET
H3 200 menu.min.js Show response
a.bollyfun.in/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 55ms
54ms Script
application/javascript 2606:4700:3033::6815:4010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.bollyfun.in/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1

Requested by

Host: a.bollyfun.in
URL: https://a.bollyfun.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:4010 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"672b78bf-1ca5"
x-protocol: HTTP/2.0
age: 233854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sPbqy9UFcKgRFGtwib9KyI4pTECyO8ElZtl5nIRYmeMa4oLQI3yLQqPxIKgdyZAbuY8GHhpmDA%2B9J6AxZnuAkUYVt96bKXHHok9mK0iKf7F5XXVeKJkademGdTIXXQnCeu1Bj6KcmD0ridJm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41694&sent=72&recv=28&lost=0&retrans=0&sent_bytes=69615&recv_bytes=6079&delivery_rate=375250&cwnd=33600&unsent_bytes=0&cid=c8efd1e01fbb8e8f&ts=784&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 07:17:38 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 14:10:07 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e0443945eec940c-LHR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/ 490 KB
151 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e944876c5fd13cc8ed0441c1a8bac2657147995d36634ce300b5ada152cbf52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
etag: 6558442857186661420
age: 75026
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 10:27:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 09 Nov 2024 10:27:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155051
x-xss-protection: 0
server: cafe

GET
H2 200 22896512369 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 258ms
85ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22896512369?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09098c6eba296a7ec75950e3fe4a36f8288bf156ec156c30b0ff3c6eb60743c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BK9Ud99n0trpUAzmmLg9ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OCbvObiTTWDF91_7GJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0NzPUMjOMLDADCmkWN"
content-security-policy: script-src 'report-sample' 'nonce-BK9Ud99n0trpUAzmmLg9ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 202 events Show response
api.publytics.net/ 6 B
294 B 140ms
41ms XHR
application/json 77.235.50.164
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.publytics.net/events

Requested by

Host: api.publytics.net
URL: https://api.publytics.net/js/script.manual.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

77.235.50.164 , Cyprus, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

hb507.bfconsulting.com

Software

nginx /

Resource Hash

18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://a.bollyfun.in/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: no-cache, private
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=3600
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: application/json
server: nginx

GET
H3 200 wp-emoji-release.min.js Show response
a.bollyfun.in/wp-includes/js/ 18 KB
6 KB 37ms
37ms Script
application/javascript 2606:4700:3033::6815:4010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.bollyfun.in/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2

Requested by

Host: a.bollyfun.in
URL: https://a.bollyfun.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:4010 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"667d6e6f-4926"
x-protocol: HTTP/2.0
age: 233772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6zX%2FEA9MCtWPNeC3iOA49XK1bUee8TNZg3mUR5jE2yizjFNkdezcdA7YzQPc77UCSD8Xc8wcIoZgTlgy%2Fk0SlqJCWJoSYJ3tEoSX8b4nnz7FNyGn%2Fc0o8e8V6UZY323Lc3CKSw6pKkBmr7j"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33852&sent=77&recv=46&lost=0&retrans=0&sent_bytes=72952&recv_bytes=7102&delivery_rate=960148&cwnd=36000&unsent_bytes=0&cid=c8efd1e01fbb8e8f&ts=1362&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: application/javascript
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e044397f9f5940c-LHR
access-control-allow-origin: *
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 190ms
61ms Fetch
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-C1QD9CHMMW&gtm=45je4b70v9199421883za200&_p=1731223058660&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629&cid=423402877.1731223059&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731223059&sct=1&seg=0&dl=https%3A%2F%2Fa.bollyfun.in%2F&dt=Top%20Hospitals&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1506
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C1QD9CHMMW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://a.bollyfun.in
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 AGSKWxXru1qayX7loluZ7rHkbokBIykWfnB5H1ziPJ793ucFSPlMOzF67u01cMFI0bF2FElMgaKDh6PulM-a59j-iXOcUBEh3P4KxlZ68QRUYjM1o5_rZ5hKQac1wQVtaogkbXsQS3bsVQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 62ms
60ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXru1qayX7loluZ7rHkbokBIykWfnB5H1ziPJ793ucFSPlMOzF67u01cMFI0bF2FElMgaKDh6PulM-a59j-iXOcUBEh3P4KxlZ68QRUYjM1o5_rZ5hKQac1wQVtaogkbXsQS3bsVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMjIzMDU5LDQ5ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hLmJvbGx5ZnVuLmluLyIsbnVsbCxbWzgsIkZLalB5ZUd5QkpvIl0sWzksImVuLUdCIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.FKjPyeGyBJo.es5.O/am=GAw/d=1/rs=AJlcJMxyvffhOpSswUecxfFXFwoLITIxTg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59ce79238c8a8db659ae5d2c4db851286054914f79dd7c7532a959fa04ccebfa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WbmG4SPSVonAC5yvTdmBxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4Ju85uJNN4MamaY1MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhgbmegbG8QUGAIHWP88"
content-security-policy: script-src 'report-sample' 'nonce-WbmG4SPSVonAC5yvTdmBxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 2249 0
0 239ms
37ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.bollyfun.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29488
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 06:45:58 GMT
expires: Sun, 10 Nov 2024 07:35:58 GMT
last-modified: Mon, 28 Oct 2024 19:44:21 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
652 B 195ms
194ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=29735042235745&correlator=3592648108973229&eid=31086815&output=ldjh&gdfp_req=1&vrg=202410310101&ptt=17&impl=fifs&gdpr=0&iu_parts=22896512369%2Cainter&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=4&sc=1&cookie_enabled=1&cdm=a.bollyfun.in&abxe=1&dt=1731223059519&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.a.bollyfun.in&loc=https%3A%2F%2Fa.bollyfun.in%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=40644&tan=3f0d5c91-4efc-492c-99a1-74fa4563c2de&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731223058476&idt=622&adks=1107573919&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce135ca168cbbd16777516eb04e20e413ae6b2d174ef6abe50a6121182f50fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://a.bollyfun.in
content-length: 621
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
15 KB 384ms
375ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=29735042235745&correlator=3592648108973229&eid=31086815&output=ldjh&gdfp_req=1&vrg=202410310101&ptt=17&impl=fifs&gdpr=0&iu_parts=22896512369%2Caahh&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C336x280%7C300x250&fluid=height&ifi=2&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=a.bollyfun.in&abxe=1&dt=1731223059525&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.a.bollyfun.in&loc=https%3A%2F%2Fa.bollyfun.in%2F&vis=1&psz=1600x3460&msz=1600x250&fws=0&ohw=0&td=1&egid=40644&tan=3f0d5c91-4efc-492c-99a1-74fa4563c2df&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731223058476&idt=622&adks=2608286157&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8ffb1131072d85446d1a6af6e8361d495ecf5c8cc7c8bf018d9b8217e0282ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://a.bollyfun.in
content-length: 15172
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
16 KB 498ms
490ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=29735042235745&correlator=3592648108973229&eid=31086815&output=ldjh&gdfp_req=1&vrg=202410310101&ptt=17&impl=fifs&gdpr=0&iu_parts=22896512369%2Caff&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&fas=1&eri=4&sc=1&cookie_enabled=1&cdm=a.bollyfun.in&abxe=1&dt=1731223059528&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.a.bollyfun.in&loc=https%3A%2F%2Fa.bollyfun.in%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=40644&tan=3f0d5c91-4efc-492c-99a1-74fa4563c2e0&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731223058476&idt=622&adks=2809268972&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c00cd86ec2fb518f61d5d6659203f0f6e76c76310be302d3bcfb7ca257114ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://a.bollyfun.in
content-length: 16227
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
15 KB 276ms
269ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=29735042235745&correlator=3592648108973229&eid=31086815&output=ldjh&gdfp_req=1&vrg=202410310101&ptt=17&impl=fifs&gdpr=0&iu_parts=22896512369%2Cabp&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C336x280&fluid=height&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=a.bollyfun.in&abxe=1&dt=1731223059530&adxs=200&adys=370&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.a.bollyfun.in&loc=https%3A%2F%2Fa.bollyfun.in%2F&vis=1&psz=820x250&msz=820x250&fws=0&ohw=0&td=1&egid=40644&tan=3f0d5c91-4efc-492c-99a1-74fa4563c2e1&tdf=2&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731223058476&idt=622&adks=2757180571&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0fedc672011baa66ea424359b336dcb8e8fed41ac2f2d546dc24b95c472378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://a.bollyfun.in
content-length: 15164
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 31CF 0
0 280ms
46ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.bollyfun.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 07:17:39 GMT
expires: Sun, 10 Nov 2024 07:17:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/ 49 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc144f0a293202306410cad256f3a00e4fe1d1b2e43a63ac997ff14e8a74702b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
etag: 4336535359378081007
age: 56810
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 15:30:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 09 Nov 2024 15:30:49 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 15744
x-xss-protection: 0
server: cafe

GET
H3 200 AGSKWxWGsF0S3wNDlLacsmtx_dU-2L4Tej8xZ1K2fdfZkgiv74TSI61RwKc7WFtnJzbQpySYGm5n-Ejofc8RP4EMkRgMmXBIFHYODFmAy-WnUzQ8wgMGjGaoS1exLWgjNR7OzsIPBXqklg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 66ms
62ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGsF0S3wNDlLacsmtx_dU-2L4Tej8xZ1K2fdfZkgiv74TSI61RwKc7WFtnJzbQpySYGm5n-Ejofc8RP4EMkRgMmXBIFHYODFmAy-WnUzQ8wgMGjGaoS1exLWgjNR7OzsIPBXqklg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMjIzMDU5LDY1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYS5ib2xseWZ1bi5pbi8iLG51bGwsW1s4LCJGS2pQeWVHeUJKbyJdLFs5LCJlbi1HQiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a12b025f59c31c1cd025e0d838aa0c784afbcb9e15dcf7a38dda0eaf6d3cca6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MdNS42D4o9hIspkJ5bXxZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:39 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4Ju85uJNNYEFX03kmJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQwNzPQPj-AIDAHaaP6M"
content-security-policy: script-src 'report-sample' 'nonce-MdNS42D4o9hIspkJ5bXxZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 container.html
526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 118A 0
0 1ms
1ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.bollyfun.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 07:17:39 GMT
expires: Sun, 10 Nov 2024 07:17:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BA0 0
0 0ms
0ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.bollyfun.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 07:17:39 GMT
expires: Sun, 10 Nov 2024 07:17:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9A1C 0
0 1ms
1ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.bollyfun.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 07:17:39 GMT
expires: Sun, 10 Nov 2024 07:17:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads.swf.swf Show response
fundingchoicesmessages.google.com/f/AGSKWxURr4630J67NvwdzA0s2nsg0zmy4eOSYJHYJPCAhWSVRdPhHAwIzikqlAP2SiZMWNtNikcWjb6QD8tuaL9958bZSnLzNEyilt-x1V2_OfAGqRxKm26TMD_uUdxfufQaN6_tD6y--Tru1vcwJdLdVMYizVFrO... 54 B
108 B 56ms
56ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxURr4630J67NvwdzA0s2nsg0zmy4eOSYJHYJPCAhWSVRdPhHAwIzikqlAP2SiZMWNtNikcWjb6QD8tuaL9958bZSnLzNEyilt-x1V2_OfAGqRxKm26TMD_uUdxfufQaN6_tD6y--Tru1vcwJdLdVMYizVFrOe4YgtPetrMVdQ5sp13C9B_DB2WBAjkK/_/keyword_ad./exoclick./ads/exit./ads.swf.swf?2&clicktag=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.FKjPyeGyBJo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz-EBE2wR7quzml-2AOlU_A8c82Sg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0bed396bfcaad3d5bdb66c6dc5db59d329a80e85753b541fdaeebafae92f434

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6QSBDY-JgoDia2gVKyZEMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4puw5uJNNYMbU_muMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhgbmegbG8QUGAHjPP7c"
content-security-policy: script-src 'report-sample' 'nonce-6QSBDY-JgoDia2gVKyZEMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 71 KB
26 KB 189ms
45ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa1f18382b8bf40874edf89cf3311b80340755704bf1eef196510e244f19d915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: br
etag: 12247655307629566185
age: 3572
x-content-type-options: nosniff
expires: Sun, 10 Nov 2024 07:18:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 10 Nov 2024 06:18:08 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26315
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxXgHh2r1UBY4eB0jvjYG4PYYbilJoemdfGi984naBq1DcghGeidtQSSYkDwgpYT3VYtN6GWQyQRouiEBv38Wp698Al7-n1R_hyF8YL71nI7OQE1tD_2__cqtqhnNrxR_5GZHM1nOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 156ms
50ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgHh2r1UBY4eB0jvjYG4PYYbilJoemdfGi984naBq1DcghGeidtQSSYkDwgpYT3VYtN6GWQyQRouiEBv38Wp698Al7-n1R_hyF8YL71nI7OQE1tD_2__cqtqhnNrxR_5GZHM1nOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xjNfIEdkOXHdN1VwCXHGeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://a.bollyfun.in/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uGYsufgTjaBEzdvtTMpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQwNzPQPz-AIDAD_kKQE"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xjNfIEdkOXHdN1VwCXHGeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://a.bollyfun.in
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXgHh2r1UBY4eB0jvjYG4PYYbilJoemdfGi984naBq1DcghGeidtQSSYkDwgpYT3VYtN6GWQyQRouiEBv38Wp698Al7-n1R_hyF8YL71nI7OQE1tD_2__cqtqhnNrxR_5GZHM1nOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 97ms
49ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgHh2r1UBY4eB0jvjYG4PYYbilJoemdfGi984naBq1DcghGeidtQSSYkDwgpYT3VYtN6GWQyQRouiEBv38Wp698Al7-n1R_hyF8YL71nI7OQE1tD_2__cqtqhnNrxR_5GZHM1nOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-87yfYi8R_V9fCVArHWwhpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://a.bollyfun.in/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uGYsufgTjaBC--3tTMpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQwNzPQPz-AIDAD10KPk"
content-security-policy: script-src 'report-sample' 'nonce-87yfYi8R_V9fCVArHWwhpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://a.bollyfun.in
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXgHh2r1UBY4eB0jvjYG4PYYbilJoemdfGi984naBq1DcghGeidtQSSYkDwgpYT3VYtN6GWQyQRouiEBv38Wp698Al7-n1R_hyF8YL71nI7OQE1tD_2__cqtqhnNrxR_5GZHM1nOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 61ms
58ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgHh2r1UBY4eB0jvjYG4PYYbilJoemdfGi984naBq1DcghGeidtQSSYkDwgpYT3VYtN6GWQyQRouiEBv38Wp698Al7-n1R_hyF8YL71nI7OQE1tD_2__cqtqhnNrxR_5GZHM1nOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ML5XJATujgcapDXEkW_xfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://a.bollyfun.in/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uGYsufgTjaBhp5Jx5iUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhoYG5noF5fIEBABBqKGA"
content-security-policy: script-src 'report-sample' 'nonce-ML5XJATujgcapDXEkW_xfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://a.bollyfun.in
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxXgHh2r1UBY4eB0jvjYG4PYYbilJoemdfGi984naBq1DcghGeidtQSSYkDwgpYT3VYtN6GWQyQRouiEBv38Wp698Al7-n1R_hyF8YL71nI7OQE1tD_2__cqtqhnNrxR_5GZHM1nOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 60ms
57ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgHh2r1UBY4eB0jvjYG4PYYbilJoemdfGi984naBq1DcghGeidtQSSYkDwgpYT3VYtN6GWQyQRouiEBv38Wp698Al7-n1R_hyF8YL71nI7OQE1tD_2__cqtqhnNrxR_5GZHM1nOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JgTcxsrJl5tSYdz174MR5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://a.bollyfun.in/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUDsrnWR1R-IGb5eYeUAYiEejil7Du5kE5iwcMVRJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmhoYK5nYB5fYAAAILoomQ"
content-security-policy: script-src 'report-sample' 'nonce-JgTcxsrJl5tSYdz174MR5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://a.bollyfun.in
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVJa4OGQaQXa2BJmL-erzAfF5t6kPqCOPV5-B3vOQtlaZEk4sC6D3BBfpE0En0h1reAsRgsa33HkMahA8Q0Tuo_NbHl0hn_9fLnaPupN8_5QivJpFX0WYFlstPnN7BZ0nGfumMWPw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
63ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVJa4OGQaQXa2BJmL-erzAfF5t6kPqCOPV5-B3vOQtlaZEk4sC6D3BBfpE0En0h1reAsRgsa33HkMahA8Q0Tuo_NbHl0hn_9fLnaPupN8_5QivJpFX0WYFlstPnN7BZ0nGfumMWPw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMjIzMDYwLDY1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hLmJvbGx5ZnVuLmluLyIsbnVsbCxbWzgsIkZLalB5ZUd5QkpvIl0sWzksImVuLUdCIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e468410667fcb9067ac80b4a57b8f0c5e4fd25f73f5ff690ce8a0d6cab05fd3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JMNYpPP52NXqYPigSwT-Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4puw5uJNNoGHP51NMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhgbmegbG8QUGAIzsQCI"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JMNYpPP52NXqYPigSwT-Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxVXW4HEbneW3HOu3F6stvK8MGsKhNmJ0Wapq8cIAG5MSsguoLf072KOZW3ZVLLbAQCPnyXEX6dRUHBCwZlgs88XM5tKq4JsN4PUeVEW8UV_aixUikm3SGb1vbB9MRpzioZT6O6j3g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
57ms XHR
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVXW4HEbneW3HOu3F6stvK8MGsKhNmJ0Wapq8cIAG5MSsguoLf072KOZW3ZVLLbAQCPnyXEX6dRUHBCwZlgs88XM5tKq4JsN4PUeVEW8UV_aixUikm3SGb1vbB9MRpzioZT6O6j3g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p548FboUOztZYxTAlh0itw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://a.bollyfun.in/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uGYsufgTjaBEwvnPmdScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhgbmegbm8QUGADzPKPQ"
content-security-policy: script-src 'report-sample' 'nonce-p548FboUOztZYxTAlh0itw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://a.bollyfun.in
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 / Show response
api.ipify.org/ 23 B
296 B 227ms
109ms XHR
application/json 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: sorbet.adxguard.com
URL: https://sorbet.adxguard.com/api/cdn/invalid-protection/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cbf27bd18beb18283078ed6c0af3fe9aec48ab1dd2a600111e946c92b1e349d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://a.bollyfun.in/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8e0443a26ae1ccc1-LHR
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=3520&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3971&recv_bytes=2294&delivery_rate=1201646&cwnd=236&unsent_bytes=0&cid=a804e1916983d4cc&ts=115&x=0"
content-length: 23
date: Sun, 10 Nov 2024 07:17:40 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 123ms
122ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a18aabe3e89cd4b8cf45bf57fea4d68aeabe4c56e90b3f4d76a32161515d4d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12949
date: Sun, 10 Nov 2024 07:17:40 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 404 favicon.ico
a.bollyfun.in/ 548 B
804 B 414ms
414ms Other
text/html 2606:4700:3033::6815:4010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.bollyfun.in/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:4010 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
x-protocol: HTTP/2.0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASWaqvpOKiHJk3mhphCEJJSoTgAuDtv67Bt%2BWa5Sp5aeRM5JyQK9WmHtoQqWv9ZE1IirAdRDyMct13HRXJGi8gmJ6%2F4RFZxu%2ByPBw2rAj5mm68lLFYMcT3FX6Gcf58dnSUMBefq3h1PU0Tkm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e0443a1aa2f940c-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34383&sent=83&recv=50&lost=0&retrans=0&sent_bytes=78874&recv_bytes=8002&delivery_rate=168582&cwnd=36000&unsent_bytes=0&cid=c8efd1e01fbb8e8f&ts=3294&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 07:17:41 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 194ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sun, 10 Nov 2024 07:17:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:41 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 index.php Show response
sorbet.adxguard.com/api/cdn/ApiRequestProccess/ 1 B
850 B 1492ms
1400ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sorbet.adxguard.com/api/cdn/ApiRequestProccess/index.php?gemNetCode=22896512369-25&ip=194.74.212.112

Requested by

Host: sorbet.adxguard.com
URL: https://sorbet.adxguard.com/api/cdn/invalid-protection/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01
Referer: https://a.bollyfun.in/

Response headers

access-control-max-age: 3600
content-encoding: zstd
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: master-only
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqPCaits3P91l5sSLMd%2BivmU4%2Bcgc1V%2BJfmUCu95sHs8b7etGI9NUH0SJlRHXmDOKqZ699cLrIQPU5QY0a0bFHsvEq9qYc5R37O%2BmKji0XbDTR3xTZu3eS4FegX1IImNGlV5ODpke2BwkmYjCxd%2BtqCU"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26906&sent=11&recv=9&lost=0&retrans=0&sent_bytes=2208&recv_bytes=4202&delivery_rate=525&cwnd=12000&unsent_bytes=0&cid=e7d1e214bc38933e&ts=1403&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 07:17:42 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8e0443a3ab72773b-LHR
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 1898 0
0 38ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.bollyfun.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 07:03:43 GMT
expires: Sun, 10 Nov 2024 07:53:43 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 8F36 0
0 198ms
50ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q--kIPNMCs_o2lNcu0CUJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.bollyfun.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Q--kIPNMCs_o2lNcu0CUJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 07:17:41 GMT
expires: Sun, 10 Nov 2024 07:17:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ 0
523 B 1358ms
617ms Ping
image/gif 2404:6800:4008:c15::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m3b9ieuf&ctx=0&met.9=1.y1~2.11m&met.3=112.28n_2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c15::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.bollyfun.in/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 07:17:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a.bollyfun.in
URL: blob:https://a.bollyfun.in/f2a08f0d-fa01-4932-9e2d-10108ea2dcd4

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410310101&jk=29735042235745&bg=!l5SllNvNAAYQZ9WPMGc7ADQBe5WfOIYy9vwknYeAtVk_I89xxfkgZN2OYW9D8nY78CF-XRJwQDeqK3zDIoP8xEutA-haAgAAAJtSAAAAB2gBB34ANtXqk-40qruYzo6MdVM1rwriPOYs9Ns6nFiEDid2nOmKhRK3a0lg8l2Jk79O_kJ-SywEzgDGewoAPX6mpHQykEnHmDU7RO_41QzieJ0FMD0GHSWPU-DtTjmLq9dsESHWS5R7InJaDe-KPCMugzVspKmTjEk6shyZApC9-kRMP3lk2es12FGddUAkrydqYmr0DgI6I6knS_0CWRNzEeW4FTH-wo5pIYzt1Yi37pS6IWwU627a6Mp4FuRANL0PpcmijwIkRtTOmHKYvTftWy_12Oh5a0HUY0d-HBLucg1VJ5hm44C1CeNSEK7McBb2hLF4MC3XL4mtx6VkD_mLpou1gNHKNQbu2gkfqjDS8tyLvlpwoBFfJKBPGMDR6G_gX8esIVcz9-7WZNuOh81veFKlwTML8pxZnTi_W_CYewDe_QcOse1K-UFuB6Qxp4n3S5SBz7PTS6NLyqu7x4LjTzOBFf7ZI8SuzteNEpBWPvW2izAy09wSAP83Gp89Oo6UCO5aLD7yva65I0gme-wUDTPgj79t-L6brqxbv5EUTC0x_UTJb09n9WL9OrhPTQlYWpZoormUJBNrjdAfRzCvJUwNqkAVJUaksz6twkQEJlX0U8jCbi-wde94u_3J8AsSKqb7uuDWjOLOaDO_16YAW7xdAUNXdc_RjuKLpIKhcPezjE9PVFJqvdSxuWUfRnJXPnedDPmKgznOXkDPTTOgaZTlfIfsHJjEH27u88MSi8gJfgKCaOkVT5U5VWcMv3LvIyBOSPlBpZijLxEv4vbdoE1QxiJDWufx5TujFNGb86IHz6ur16r2mDg-EXGjuSViPmJjF9naJQGyl_dhDH1RBRmF3e_pgoZyAzUZcDEdZrgWo1drLIdUIMkh88dm6_rUC-4MjnlsBuafNVrws6EHsFwg8-iw-CANoVEuNSxmYICnNpyImmMw7XIXUl3OeSrpm02uKwBMtssPEp3kq2pXzKI2r2KiJUrIHfP4JLhjh9WAwF-yaPiharxJmzaVwGmd-Z-n9Ws3783jRQ_3sQ

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bollyfun.in/	1970-01-21 10:29:43	Name: _ga_C1QD9CHMMW Value: GS1.1.1731223059.1.0.1731223059.0.0.0
.bollyfun.in/	1970-01-21 10:29:43	Name: _ga Value: GA1.1.423402877.1731223059
.doubleclick.net/	1970-01-21 10:29:43	Name: IDE Value: AHWqTUlZWuUOZxjM14BzHFA0ztBS_kZifoDlYXWgE3adigyZd_3EqsBZFX0zpx9INbU
.doubleclick.net/	1970-01-21 00:53:43	Name: test_cookie Value: CheckForPermission
.bollyfun.in/	1970-01-21 10:15:19	Name: __gads Value: ID=098aa7749ca212d7:T=1731223059:RT=1731223059:S=ALNI_MYOZ3_DZ1KQzea9VNHyZIDfO-vIaA
.bollyfun.in/	1970-01-21 10:15:19	Name: __gpi Value: UID=00000f8a1701a020:T=1731223059:RT=1731223059:S=ALNI_MaFp_EmsfH5cpOzUciacVgbEzfxVg
.bollyfun.in/	1970-01-21 05:12:55	Name: __eoi Value: ID=9372e54887607cba:T=1731223059:RT=1731223059:S=AA-AfjZhixgwIoMT1BF7zNZwsKZH
.bollyfun.in/	1970-01-21 09:39:19	Name: FCNEC Value: %5B%5B%22AKsRol-5Q0k0IUsR8ABBnNXMeCi_Pm20IHk4mGAm9Ugg9Z9C4VDYNPVA6RZ6nKrT4A1SaxAHq3KNOO3hae5Dx5W2b_SOtFLRKJYk4M83Z7NiC-ftXM-b0dzn0mXafoeDKPegIwRGGSQsrisc-11LTNZ7ITCFFx_xbg%3D%3D%22%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://a.bollyfun.in/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

526e77eed9a7ca65975309b14d9dca9d.safeframe.googlesyndication.com
a.bollyfun.in
api.ipify.org
api.publytics.net
csi.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
sorbet.adxguard.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
a.bollyfun.in
pagead2.googlesyndication.com
104.26.13.205
2404:6800:4008:c15::5e
2606:4700:3033::6815:4010
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:827::2004
2a06:98c1:3121::3
77.235.50.164
09098c6eba296a7ec75950e3fe4a36f8288bf156ec156c30b0ff3c6eb60743c2
183547ec92c9aacb23e49377440275f18d7fecdf72ff8fccedcfd37fafa83e5c
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee
1c00cd86ec2fb518f61d5d6659203f0f6e76c76310be302d3bcfb7ca257114ca
3a7377d8603360bc371dbfb1384328c45a8c7050bbf00eb968f00fd874795160
3e468410667fcb9067ac80b4a57b8f0c5e4fd25f73f5ff690ce8a0d6cab05fd3
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
544a11be582975b7b59b38ca6a5d8e4171ebc3b30948f15dae1f39f3661dbde7
59ce79238c8a8db659ae5d2c4db851286054914f79dd7c7532a959fa04ccebfa
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0fedc672011baa66ea424359b336dcb8e8fed41ac2f2d546dc24b95c472378
8cbf27bd18beb18283078ed6c0af3fe9aec48ab1dd2a600111e946c92b1e349d
a12b025f59c31c1cd025e0d838aa0c784afbcb9e15dcf7a38dda0eaf6d3cca6e
a18aabe3e89cd4b8cf45bf57fea4d68aeabe4c56e90b3f4d76a32161515d4d7f
bcaf052c59393d812fea8c5a7f6b048e03346fd7d74a9ca28996d8ee0c247ed2
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
ce135ca168cbbd16777516eb04e20e413ae6b2d174ef6abe50a6121182f50fa5
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e0bed396bfcaad3d5bdb66c6dc5db59d329a80e85753b541fdaeebafae92f434
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ffb1131072d85446d1a6af6e8361d495ecf5c8cc7c8bf018d9b8217e0282ff
e944876c5fd13cc8ed0441c1a8bac2657147995d36634ce300b5ada152cbf52d
f76d6601aec548e26e8b9ae2f45bcae2ae331a409dddfd92f022b63845052175
fa1f18382b8bf40874edf89cf3311b80340755704bf1eef196510e244f19d915
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fc144f0a293202306410cad256f3a00e4fe1d1b2e43a63ac997ff14e8a74702b
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

a.bollyfun.in Open in urlscan Pro 2606:4700:3033::6815:4010 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

95 %HTTPS

85 %IPv6

10 Domains

13 Subdomains

14 IPs

5 Countries

582 kBTransfer

1794 kBSize

8 Cookies

2 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

a.bollyfun.in Open in urlscan Pro
2606:4700:3033::6815:4010 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

95 %
HTTPS

85 %
IPv6

10
Domains

13
Subdomains

14
IPs

5
Countries

582 kB
Transfer

1794 kB
Size

8
Cookies

43 HTTP transactions
0 data transactions