betwinexchange.in Open in urlscan Pro
103.180.121.180 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://betwinexchange.in/
Submission: On October 31 via api (October 31st 2023, 4:48:14 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 16 domains to perform 66 HTTP transactions. The main IP is 103.180.121.180, located in India and belongs to QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN. The main domain is betwinexchange.in.
TLS certificate: Issued by R3 on October 31st 2023. Valid for: 3 months.

This is the only time betwinexchange.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	103.180.121.180 103.180.121.180	141004 (QTIME-AS-...) (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
2 6	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
4	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::67	15169 (GOOGLE) (GOOGLE)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	50.31.142.223 50.31.142.223	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2600:1f18:445... 2600:1f18:445b:902:acc4:20b9:a7fe:faa	14618 (AMAZON-AES) (AMAZON-AES)
66	12

13 103.180.121.180 (India)

ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN)
PTR: vps.bsgtechnologies.com

betwinexchange.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.viralscripts.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c1b::9b (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.223 (Hickory Hills, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:902:acc4:20b9:a7fe:faa (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	344 KB
13	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	88 KB
12	viralscripts.co.in www.viralscripts.co.in	402 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	128 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 728	987 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	119 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1737	297 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1324	775 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9432	337 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	761 B
1	betwinexchange.in betwinexchange.in	567 B
66	16

	Domain	Requested by
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	www.viralscripts.co.in	betwinexchange.in www.viralscripts.co.in
9	pagead2.googlesyndication.com	www.viralscripts.co.in pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.googleadservices.com	www.viralscripts.co.in
3	fonts.googleapis.com	www.viralscripts.co.in googleads.g.doubleclick.net
2	b1sync.zemanta.com	2 redirects
2	x.bidswitch.net	2 redirects
2	id.rlcdn.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	um.simpli.fi	1 redirects
1	betwinexchange.in
66	19

This site contains links to these domains. Also see Links.

Domain
bsgtechnologies.com

Subject Issuer	Validity	Valid
betwinexchange.in R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
viralscripts.co.in R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://betwinexchange.in/
Frame ID: 074BE570B996612CFEE0D54E6BF42D01
Requests: 1 HTTP requests in this frame

Frame: https://www.viralscripts.co.in/
Frame ID: 78A218C4E1663920991B97A10BA377D6
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 13622165A11DBB36E0BD142C4C3EE7BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbetwinexchange.in%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770891521&bpp=24&bdt=270&idt=229&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&nras=1&correlator=7467008326442&frm=24&ife=1&pv=2&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.o5oi1qadwzz0&fsb=1&dtd=265
Frame ID: 78A41B8335018E96B53155A14A4F9DCE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&h=280&adk=4070374814&adf=3669626592&pi=t.aa~a.1922476289~rp.1&w=1200&fwrn=16&fwrnh=100&lmt=1698806891&rafmt=1&to=qs&pwprc=9269039738&format=1200x280&url=https%3A%2F%2Fwww.viralscripts.co.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770891545&bpp=2&bdt=295&idt=248&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=7467008326442&frm=22&ife=1&pv=1&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&top=https%3A%2F%2Fbetwinexchange.in%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.8rygr81ahipo&fsb=1&xpc=CKanBZnrut&p=https%3A//www.viralscripts.co.in&dtd=251
Frame ID: DD0A809565CB2C66CE9C7011F64BDB27
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&h=280&slotname=4109065276&adk=1453106453&adf=2373185777&pi=t.ma~as.4109065276&w=1200&fwrn=16&fwrnh=100&lmt=1698806892&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.viralscripts.co.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770892182&bpp=1&bdt=932&idt=1&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=2&correlator=7467008326442&frm=22&ife=1&pv=1&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&top=https%3A%2F%2Fbetwinexchange.in%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.s4km5vhclfpl&fsb=1&xpc=SU6JkMFlcz&p=https%3A//www.viralscripts.co.in&dtd=5
Frame ID: 0FEB3557EAD8FB47E8641A05419C2B4C
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js
Frame ID: 30B9A893CE9DC9AC36844DDF3F449E24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD73A7B2DF00950EBCAB20B6BC001888
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js
Frame ID: ABBEEA396D3B703C1EB11ADE0AD7F129
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D400C5F151A491307C9441DE3DACB5B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 845D6CF59BCB98F2E4DA3EBA9B7F91D1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Betwin Exchange

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

88 %
HTTPS

47 %
IPv6

16
Domains

19
Subdomains

12
IPs

3
Countries

1086 kB
Transfer

2407 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bsgtechnologies.com/
Title: Website Designed & Developed By : BSG Technologies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://googleads.g.doubleclick.net/pagead/adview?ai=CtJuvyy9BZbOCM4jS0_wPqJKxmAibsuP3c4GEy6aREpCejtePDhABIIX4y4cBYMnujovApIwQoAHh8o3ZKcgBCagDAcgDywSqBOkBT9CACtl-hUW_wz1GgSy_5BgUjdquhm-l7kRzdrdaiaK4MSP7rzAzL3yfWlvnmHU6hVx6wqpvPZWGj6TJLPsFjYEFv4g1j4iVfwQjg87i1NXljvAJgHRI7h-GRgoxprJcj0TZMYRd2CbxA0KiCnrC2UpXXxkm_oR0zxlJWB_ApoisUdjH18GpCsOXZ0Ggq7vo-xDzrD8OSrp0WZ97qlMFufiHeJdVgBaNEmIKA3gJhTY_GdPn0_hnBsqGNxeoSut0F06OVEqnujFe3dVDzPL3MKxLO6IBWtksWrH1cNGx1c3Dq8rNd_VyPGbABNibnqDDBIgF-6PhjU2SBQQIBBgBkgUECAUYBKAGLoAH4areuASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD3sgrSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJowNodHRwczovL3d3dy50YXN0ZXllYXRzLmNvbS9uZXdzL2dldC12aXJ0dWFsLXBob25lLW51bWJlci1pbnN0YW50bHk_dXRtX2NvbnRlbnQ9cGFyYW1zOm89MTY3MzczNCZhbj1nZG4mYWc9ZncyOSZhZD1TMkMrLStFeHRlcm5hbCZha2lkPTIwNjk4Mzg2OTM5XzE1NTQ5MTczMjk1Ml82NzgyODU5ODYxMTAmdXRtX3NvdXJjZT1ncnMyLWV4cGFuZGVkLXY1JnRlcm1zPWJlc3QrdmlydHVhbCtwaG9uZStudW1iZXIrY29tcGFueSxjaGVhcCt2aXJ0dWFsK3Bob25lK251bWJlcitmb3IrYnVzaW5lc3MsZGlnaXRhbCtwaG9uZStudW1iZXIrZm9yK2J1c2luZXNzLHZpcnR1YWwrcGhvbmUrbGluZStmb3IrYnVzaW5lc3MsYnVzaW5lc3MrcGhvbmUrbnVtYmVyK29ubGluZSxiZXN0K3ZpcnR1YWwrcGhvbmUrbnVtYmVyK2ZvcitzbWFsbCtidXNpbmVzc4AKAcgLAaIMDCoKCgjktLEC7rWxAtoMEAoKEOD3vMT7r8i-ERICAQPYEwzQFQGAFwGyFxwKGggAEhRwdWItNDI0MjAyNDUxNTcyNjc3ORgA&sigh=OVtEErrATh4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaN_wdYsQK6QIMo3i2GrNdDpJnANABqmmtZ52y53KzDTTN1J2o0hbxRygLiL4uKppFq_u55ra0nFTtZIgp_LB-oz25gSH-abmAYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaf83d2e80d702c520000000000000000%22,%222%22:%220x96f70b8218b5113e0000000000000000%22,%223%22:%220x728f4b4f728ee4c90000000000000000%22,%224%22:%220x6a6fd92cfc425af0000000000000000%22,%225%22:%220x6be7c062387e5f6d0000000000000000%22},%22debug_key%22:%229093848915601633153%22,%22debug_reporting%22:true,%22destination%22:%22https://tasteyeats.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211192727905%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227389869755410544593%22}&andc=true

Request Chain 47

https://um.simpli.fi/gp_match?google_gid=CAESEAov-TpSrg9BKM769NLZ4cg&google_cver=1&google_push=AXcoOmQ2RmQWmP0oxV2HSPntyfC7NPMm6cE41oGvrptEh_RcIEjcE3EIxWejkNQ-ogLIgFz5P7SDx9yTf81kqB4CP-sLU6XnqLiRFtJjOKNaiQ1u_zZ7dbpks0zp5i-i-Fijls_P2o3cf8_0K_DWAZLFUI6JiZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4F5EA5B6DF84F84B5269A72C96FA63C&google_push=AXcoOmQ2RmQWmP0oxV2HSPntyfC7NPMm6cE41oGvrptEh_RcIEjcE3EIxWejkNQ-ogLIgFz5P7SDx9yTf81kqB4CP-sLU6XnqLiRFtJjOKNaiQ1u_zZ7dbpks0zp5i-i-Fijls_P2o3cf8_0K_DWAZLFUI6JiZU

Request Chain 48

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQAjnG-XUCuWiIfNmO14Lho32DVo-bkHUXEpzBfyBNR9gKbFW9HLAKqkPdxTUHkTOx4TBK72x71y35uhFPncxo7zMqnztN0H8Lfl_aXtbSR3Xl4uq-KGHRR5W3j3q0wBxpqodvZ0_d7-EYumJhFXbSsq1k&google_gid=CAESELFHmPrs0JvzHNtCFvcy9Dk&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCM3fhKoGEgUI6AcQAEIASqsBZ29vZ2xlX3B1c2g9QVhjb09tUUFqbkctWFVDdVdpSWZObU8xNExobzMyRFZvLWJrSFVYRXB6QmZ5Qk5SOWdLYkZXOUhMQUtxa1BkeFRVSGtUT3g0VEJLNzJ4NzF5MzV1aEZQbmN4bzd6TXFuenROMEg4TGZsX2FYdGJTUjNYbDR1cS1LR0hSUjVXM2ozcTB3QnhwcW9kdlowX2Q3LUVZdW1KaEZYYlNzcTFr HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYkhxX1hBV3dnWU1pRW9IQmVvdGM5Q1ZSTGZpRTcyOTlnLWZWQml6emNDVQ==&google_push

Request Chain 49

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEK3KkjCR379fvdyKS8fHeM&google_cver=1&google_push=AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcCkK_wQHQ8aLfkKJtZtzSq_jMJvlI84COzX8VkIN65FKdDUt60NzPeqt-xK49dmXHVExRhOqpYs HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEK3KkjCR379fvdyKS8fHeM&google_cver=1&google_push=AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcCkK_wQHQ8aLfkKJtZtzSq_jMJvlI84COzX8VkIN65FKdDUt60NzPeqt-xK49dmXHVExRhOqpYs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcCkK_wQHQ8aLfkKJtZtzSq_jMJvlI84COzX8VkIN65FKdDUt60NzPeqt-xK49dmXHVExRhOqpYs&google_hm=xxxiADRaTkeCTl1Semcocg==

Request Chain 50

https://s.uuidksinc.net/match/47/?remote_uid=CAESEMtLxs3AW-nKhLOKNi4oG3E&c_param1=AXcoOmRgVxVA9zDc_U9Mi2ubFKvd9lohQV-VJkt5PLGe3_hkMxvHkqeeUf9nZxeKVcn5ZvVYxxjHEvmbyl7gwBPdcW3v5KGug4V9DNFXD6eAkUbVKOGd4S1sWEqmu8yMy_jBxs3tmp-oCo8apLbSSO2qJvtNZw&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRgVxVA9zDc_U9Mi2ubFKvd9lohQV-VJkt5PLGe3_hkMxvHkqeeUf9nZxeKVcn5ZvVYxxjHEvmbyl7gwBPdcW3v5KGug4V9DNFXD6eAkUbVKOGd4S1sWEqmu8yMy_jBxs3tmp-oCo8apLbSSO2qJvtNZw

Request Chain 51

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEJqP85qcpvbJuaNmN5-RtHE&google_cver=1&google_push=AXcoOmQcC_2oeSZU7-i3Z45aafBrD5Yrfa_Q_Yv2nPo6imGPB2RtkuwY1waygC4er7xVC9BH9W4WhmXlYejrM60MigtY023dwxOjkBzqLQXhBOvcGInckpzEMDPBn-K-yT5suocGjeIhluEp5yDIpIL4Ux0o_Bo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AXcoOmQcC_2oeSZU7-i3Z45aafBrD5Yrfa_Q_Yv2nPo6imGPB2RtkuwY1waygC4er7xVC9BH9W4WhmXlYejrM60MigtY023dwxOjkBzqLQXhBOvcGInckpzEMDPBn-K-yT5suocGjeIhluEp5yDIpIL4Ux0o_Bo&google_hm=MTA1OTY1NDc3MTc3MzAyNjQ4NzE

Request Chain 52

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBLxftHJG20kNvN0-wUzi7c&google_cver=1&google_push=AXcoOmSe0COzv_IUaMePFv2PqsiWEeIka-mJZFLljjDKvL9lOxfy7ZRQTfcpb69xEIisG1ZPaBqD1-dUYUjGH2Ub90uIx2YchWWiMIsHTKSEHXsRLX-efUHX_K1phe7KObDxZWljDgyd8KdwLZGxn5oGgwDRfKo HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBLxftHJG20kNvN0-wUzi7c&google_push=AXcoOmSe0COzv_IUaMePFv2PqsiWEeIka-mJZFLljjDKvL9lOxfy7ZRQTfcpb69xEIisG1ZPaBqD1-dUYUjGH2Ub90uIx2YchWWiMIsHTKSEHXsRLX-efUHX_K1phe7KObDxZWljDgyd8KdwLZGxn5oGgwDRfKo&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSe0COzv_IUaMePFv2PqsiWEeIka-mJZFLljjDKvL9lOxfy7ZRQTfcpb69xEIisG1ZPaBqD1-dUYUjGH2Ub90uIx2YchWWiMIsHTKSEHXsRLX-efUHX_K1phe7KObDxZWljDgyd8KdwLZGxn5oGgwDRfKo&google_hm=ck92dFhuTnFkYjh5cHdHWjk2RVA=

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=CVZG4zC9BZfv-DZfRzLUP_KC12AmM-7T1c7e3wOuUEpeWjN_aDxABIIX4y4cBYMnujovApIwQoAHB_MLgKMgBCakCX7QcuRnjsT6oAwHIA8sEqgTaAU_QTBcGzt9WCEIOal-JJ4uYVsEYc8uChoiRjFxPvzTilV_Yu_NQgiwJkmAnHz5U7pL4I7fsT6m_Qn_VNqXqNEyQOZqDiBK7bLc3D8j7jtNVoT771htbs8OQX_G-_u5lYjHd9gT-l5s7IcdTCIYcRLpH_X7LXZok2Xe5pDyiTNt0nUg2dq35L85RKgtiN1UQUbm8ftcEUG2kysDXH3dJhq3djCS6d-9Jji_uABYe-uyAVxGHdG65RTWzjNfJL-8OiNU1HAAM3Z2SOXf8hRY-rHq8je51JuiZ5X03wASY6eH5wQSIBYn0mYFNkgUECAQYAZIFBAgFGASgBi6AB8G0k8ADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQk_Mz0ggUCIBhEAEYHzICigI6AoBASL39wTqaCRtodHRwczovL3RlbXBvc2VhcmNoLmNvbS9kc3KACgHICwGiDAwqCgoI5LSxAu61sQLaDBAKChCAsavYso3k6Q8SAgEDuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi00MjQyMDI0NTE1NzI2Nzc5GAA&sigh=yN15lvO369Y&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNVx2nbY51miZrsEdw1XDFUkQQKM-2st4jT7o3QCcDh_EebGHpZquYD2tB4zRaZNdRmJijkXIk0xgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9da9bd304590f1f40000000000000000%22,%222%22:%220xee9c2d08619e613b0000000000000000%22,%223%22:%220x4f6ba58e3b5e867a0000000000000000%22,%224%22:%220xa1dc708dca96ceca0000000000000000%22,%225%22:%220xc05b202507bf60180000000000000000%22},%22debug_key%22:%229834815066041621794%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210939842113%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215652908643262673985%22}&andc=true

66 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
betwinexchange.in/ 496 B
567 B 2014ms
313ms Document
text/html 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://betwinexchange.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: b1ab7f64cbc5c8e75a8203de04193743cb0ffea0fec38992b064727eedd6c4ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 331
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Oct 2023 16:48:09 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
www.viralscripts.co.in/ Frame 78A2 42 KB
5 KB 1563ms
361ms Document
text/html 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/
Requested by: Host: betwinexchange.in
URL: https://betwinexchange.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: ccc0f80f4db5570b2ba2d0c88be903bf05950f6c78e30be5fc661a5b62cfbe15

Request headers

Referer: https://betwinexchange.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5315
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Oct 2023 16:48:11 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK bootstrap.min.css
www.viralscripts.co.in/plugins/bootstrap/ Frame 78A2 156 KB
23 KB 253ms
252ms Stylesheet
text/css 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/plugins/bootstrap/bootstrap.min.css
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: a98de7f79af22bd534296f9a1779bc76876282d7e55b6e65975b9946b31f5f5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Sep 2023 05:15:11 GMT
Server: Apache
ETag: "26eed-6068ca01b3457-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 23647

GET
H2 200 css
fonts.googleapis.com/ Frame 78A2 5 KB
1 KB 135ms
48ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600%7cOpen+Sans&display=swap

Requested by

Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f472975e0cef45d4f5f5205f4f2942de92963232f9f2b71aeae5f36e040e3897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 16:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 16:48:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 16:48:11 GMT

GET
H/1.1 200
OK themify-icons.css
www.viralscripts.co.in/plugins/themify-icons/ Frame 78A2 14 KB
3 KB 685ms
225ms Stylesheet
text/css 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/plugins/themify-icons/themify-icons.css
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: b5424a405171cc62f0b4cee073f45d5478d7d34d24ace40e1fc5561aa3171baf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Sep 2023 05:15:49 GMT
Server: Apache
ETag: "3617-6068ca2564ac3-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2820

GET
H/1.1 200
OK slick.css
www.viralscripts.co.in/plugins/slick/ Frame 78A2 2 KB
889 B 694ms
229ms Stylesheet
text/css 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/plugins/slick/slick.css
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Sep 2023 05:15:37 GMT
Server: Apache
ETag: "6f0-6068ca1ad1d40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 569

GET
H/1.1 200
OK style.css
www.viralscripts.co.in/css/ Frame 78A2 15 KB
4 KB 695ms
229ms Stylesheet
text/css 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/css/style.css
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: 1f5d08818a8aea52f3c785b115916ed0763bcd890ac71f8c04d90b2a7837357a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Oct 2023 16:18:20 GMT
Server: Apache
ETag: "3be5-6070e96c231f0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3418

GET
H/1.1 200
OK favicon.png
www.viralscripts.co.in/images/ Frame 78A2 126 KB
126 KB 727ms
239ms Image
image/png 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viralscripts.co.in/images/favicon.png
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: 40a8667ff63ce3e046c4d0838bd52f79c2c791137d07e9490eb91c4d78205838

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:11 GMT
Last-Modified: Sat, 30 Sep 2023 11:41:24 GMT
Server: Apache
ETag: "1f760-60692054fc18e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 128864

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 78A2 148 KB
51 KB 153ms
69ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4242024515726779

Requested by

Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67014f3de091d9ff5a4644a7252901001e15376b23354ebb57d0ad9b2719ed43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viralscripts.co.in/
Origin: https://www.viralscripts.co.in
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51442
x-xss-protection: 0
server: cafe
etag: 4812589936937485992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:48:11 GMT

GET
H/1.1 200
OK logo.png
www.viralscripts.co.in/images/ Frame 78A2 126 KB
126 KB 729ms
240ms Image
image/png 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viralscripts.co.in/images/logo.png
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: 40a8667ff63ce3e046c4d0838bd52f79c2c791137d07e9490eb91c4d78205838

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:11 GMT
Last-Modified: Sat, 30 Sep 2023 11:42:35 GMT
Server: Apache
ETag: "1f760-60692098f2aa6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 128864

GET
H/1.1 200
OK jquery.min.js Show response
www.viralscripts.co.in/plugins/jQuery/ Frame 78A2 87 KB
31 KB 709ms
242ms Script
application/javascript 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/plugins/jQuery/jquery.min.js
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Sep 2023 05:15:13 GMT
Server: Apache
ETag: "15d83-6068ca03678f5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 30908

GET
H/1.1 200
OK bootstrap.min.js Show response
www.viralscripts.co.in/plugins/bootstrap/ Frame 78A2 59 KB
16 KB 233ms
232ms Script
application/javascript 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/plugins/bootstrap/bootstrap.min.js
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: f903427a9287780c5e8b96d8d797c828297ba20751a2f77106145dc68ce65d5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Sep 2023 05:15:11 GMT
Server: Apache
ETag: "ea41-6068ca01aab9e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15890

GET
H/1.1 200
OK slick.min.js Show response
www.viralscripts.co.in/plugins/slick/ Frame 78A2 43 KB
11 KB 227ms
226ms Script
application/javascript 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/plugins/slick/slick.min.js
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: aebc2a2ccc76ff8dc661924eab8a2a87976394379510d9b70b378a3a81d8435c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Sep 2023 05:15:38 GMT
Server: Apache
ETag: "ada2-6068ca1b13bf5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10878

GET
H/1.1 200
OK script.js Show response
www.viralscripts.co.in/js/ Frame 78A2 2 KB
1 KB 231ms
230ms Script
application/javascript 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/js/script.js
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: 06770a8e503776f147287edce913dbf9c96813306d715ec27ffb6b767a268e88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Sep 2023 05:14:40 GMT
Server: Apache
ETag: "9b7-6068c9e43398d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 993

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ Frame 78A2 395 KB
134 KB 144ms
75ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4242024515726779

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60d62d1b3ea61511280cbfe81b17de29464134c54e7c807425eca37605be3079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137184
x-xss-protection: 0
server: cafe
etag: 3620482402017452842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:48:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 1362 10 KB
5 KB 105ms
34ms Document
text/html 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4242024515726779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viralscripts.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 5789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 15:11:42 GMT
etag: 4569948109300706969
expires: Tue, 14 Nov 2023 15:11:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78A4 603 B
218 B 109ms
108ms Document
text/html 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbetwinexchange.in%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770891521&bpp=24&bdt=270&idt=229&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&nras=1&correlator=7467008326442&frm=24&ife=1&pv=2&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.o5oi1qadwzz0&fsb=1&dtd=265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viralscripts.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 16:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD0A 131 KB
42 KB 413ms
413ms Document
text/html 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&h=280&adk=4070374814&adf=3669626592&pi=t.aa~a.1922476289~rp.1&w=1200&fwrn=16&fwrnh=100&lmt=1698806891&rafmt=1&to=qs&pwprc=9269039738&format=1200x280&url=https%3A%2F%2Fwww.viralscripts.co.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770891545&bpp=2&bdt=295&idt=248&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=7467008326442&frm=22&ife=1&pv=1&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&top=https%3A%2F%2Fbetwinexchange.in%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.8rygr81ahipo&fsb=1&xpc=CKanBZnrut&p=https%3A//www.viralscripts.co.in&dtd=251

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4ad9af2c36bf0315e297b3688b820ed4fe96969778674f6499b5c005970a45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viralscripts.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 16:48:12 GMT
expires: Tue, 31 Oct 2023 16:48:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 78A2 18 KB
18 KB 108ms
40ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600%7cOpen+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.viralscripts.co.in
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 11:07:31 GMT
x-content-type-options: nosniff
age: 193241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Oct 2024 11:07:31 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 78A2 15 KB
15 KB 98ms
32ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600%7cOpen+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.viralscripts.co.in
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:46:10 GMT
x-content-type-options: nosniff
age: 540122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15072
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 10:46:10 GMT

GET
H/1.1 200
OK themify.woff
www.viralscripts.co.in/plugins/themify-icons/fonts/ Frame 78A2 55 KB
55 KB 247ms
239ms Font
application/font-woff 103.180.121.180
QTIME-AS-AP QTIME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viralscripts.co.in/plugins/themify-icons/fonts/themify.woff?-fvbane
Requested by: Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/plugins/themify-icons/themify-icons.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.180.121.180 , India, ASN141004 (QTIME-AS-AP QTIME BUSINESSES PRIVATE LIMITED, IN),
Reverse DNS: vps.bsgtechnologies.com
Software: Apache /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Referer: https://www.viralscripts.co.in/plugins/themify-icons/themify-icons.css
Origin: https://www.viralscripts.co.in
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:48:12 GMT
Last-Modified: Sat, 30 Sep 2023 05:15:43 GMT
Server: Apache
ETag: "db2c-6068ca1fefaba"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 56108

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0FEB 119 KB
40 KB 730ms
729ms Document
text/html 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&h=280&slotname=4109065276&adk=1453106453&adf=2373185777&pi=t.ma~as.4109065276&w=1200&fwrn=16&fwrnh=100&lmt=1698806892&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.viralscripts.co.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770892182&bpp=1&bdt=932&idt=1&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=2&correlator=7467008326442&frm=22&ife=1&pv=1&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&top=https%3A%2F%2Fbetwinexchange.in%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.s4km5vhclfpl&fsb=1&xpc=SU6JkMFlcz&p=https%3A//www.viralscripts.co.in&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fb5779f449ef5ba3b89cf2bc2150e26ad3cf30b7fee261dabf60916b7bca6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viralscripts.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41006
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 16:48:12 GMT
expires: Tue, 31 Oct 2023 16:48:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame DD0A 14 KB
1 KB 52ms
51ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&h=280&adk=4070374814&adf=3669626592&pi=t.aa~a.1922476289~rp.1&w=1200&fwrn=16&fwrnh=100&lmt=1698806891&rafmt=1&to=qs&pwprc=9269039738&format=1200x280&url=https%3A%2F%2Fwww.viralscripts.co.in%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770891545&bpp=2&bdt=295&idt=248&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=7467008326442&frm=22&ife=1&pv=1&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&top=https%3A%2F%2Fbetwinexchange.in%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.8rygr81ahipo&fsb=1&xpc=CKanBZnrut&p=https%3A//www.viralscripts.co.in&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 16:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 15:13:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 16:48:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame DD0A 2 KB
908 B 130ms
63ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 06:49:34 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6817292929315890247/ Frame DD0A 16 KB
17 KB 128ms
64ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6817292929315890247/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dbd2b222baa9cf972a7d7695baa0e2e7b008258d02d2334801bec7422e47736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:12 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16858
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 17:38:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 16:48:12 GMT

GET
DATA 200
OK truncated
/ Frame DD0A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DD0A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame DD0A 23 KB
9 KB 87ms
37ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 06:15:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame DD0A 3 KB
1 KB 92ms
42ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 06:18:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame DD0A 20 KB
9 KB 83ms
33ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 06:35:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD0A 188 KB
60 KB 101ms
35ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:48:12 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame DD0A 36 KB
15 KB 98ms
32ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 16:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 16:58:35 GMT

GET
DATA 200
OK truncated
/ Frame DD0A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ed0f5a81ebc9d2eb05c4d61ae87e1906786547b4e0cfcd3898c4d51f31b38a7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DD0A 33 KB
33 KB 32ms
31ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 05:30:38 GMT
x-content-type-options: nosniff
age: 40654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Oct 2024 05:30:38 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DD0A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CtJuvyy9BZbOCM4jS0_wPqJKxmAibsuP3c4GEy6aREpCejtePDhABIIX4y4cBYMnujovApIwQoAHh8o3ZKcgBCagDAcgDywSqBOkBT9CACtl-hUW_wz1GgSy_5BgUjdquhm-l7kRzdrdaiaK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaf83d2e80d702c520000000000000000%22,%222%22:%220x96f70b8218b5113e0000000000000000%22,%223%22:%220x728f4b...

0
0

109ms
45ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xaf83d2e80d702c520000000000000000%22,%222%22:%220x96f70b8218b5113e0000000000000000%22,%223%22:%220x728f4b4f728ee4c90000000000000000%22,%224%22:%220x6a6fd92cfc425af0000000000000000%22,%225%22:%220x6be7c062387e5f6d0000000000000000%22},%22debug_key%22:%229093848915601633153%22,%22debug_reporting%22:true,%22destination%22:%22https://tasteyeats.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211192727905%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227389869755410544593%22}&andc=true

Requested by

Host: www.viralscripts.co.in
URL: https://www.viralscripts.co.in/

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xaf83d2e80d702c520000000000000000","2":"0x96f70b8218b5113e0000000000000000","3":"0x728f4b4f728ee4c90000000000000000","4":"0x6a6fd92cfc425af0000000000000000","5":"0x6be7c062387e5f6d0000000000000000"},"debug_key":"9093848915601633153","debug_reporting":true,"destination":"https://tasteyeats.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11192727905"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"7389869755410544593"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 16:48:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 16:48:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xaf83d2e80d702c520000000000000000","2":"0x96f70b8218b5113e0000000000000000","3":"0x728f4b4f728ee4c90000000000000000","4":"0x6a6fd92cfc425af0000000000000000","5":"0x6be7c062387e5f6d0000000000000000"},"debug_key":"9093848915601633153","debug_reporting":true,"destination":"https://tasteyeats.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11192727905"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"7389869755410544593"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js Show response
pagead2.googlesyndication.com/bg/ Frame 30B9 38 KB
15 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 297163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15015
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Oct 2024 06:15:29 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 114ms
46ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 Oct 2023 16:48:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0FEB 4 KB
655 B 73ms
72ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&h=280&slotname=4109065276&adk=1453106453&adf=2373185777&pi=t.ma~as.4109065276&w=1200&fwrn=16&fwrnh=100&lmt=1698806892&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.viralscripts.co.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770892182&bpp=1&bdt=932&idt=1&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=2&correlator=7467008326442&frm=22&ife=1&pv=1&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&top=https%3A%2F%2Fbetwinexchange.in%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.s4km5vhclfpl&fsb=1&xpc=SU6JkMFlcz&p=https%3A//www.viralscripts.co.in&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 16:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 16:15:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 16:48:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 0FEB 2 KB
859 B 33ms
32ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 06:49:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 0FEB 23 KB
9 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 06:15:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 0FEB 3 KB
1 KB 49ms
48ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37777
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 06:18:35 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD73 1 KB
643 B 35ms
34ms Document
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 35922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 06:49:30 GMT
etag: 48472445140208031
expires: Wed, 01 Nov 2023 06:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 0FEB 20 KB
8 KB 48ms
48ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 06:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 06:35:33 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0FEB 0
0 120ms
44ms Image
text/html 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_zS_RMhW0PfsKwX6dxm4E2s-YvFheQgh6rIKhbld85kCIjpPcbTKrdIjL9V0OWRq3rOLokPfKhVZa2iW1ZPj2xpw9mg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&h=280&slotname=4109065276&adk=1453106453&adf=2373185777&pi=t.ma~as.4109065276&w=1200&fwrn=16&fwrnh=100&lmt=1698806892&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.viralscripts.co.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770892182&bpp=1&bdt=932&idt=1&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=2&correlator=7467008326442&frm=22&ife=1&pv=1&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&top=https%3A%2F%2Fbetwinexchange.in%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.s4km5vhclfpl&fsb=1&xpc=SU6JkMFlcz&p=https%3A//www.viralscripts.co.in&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FEB 188 KB
59 KB 52ms
51ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:48:12 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 0FEB 36 KB
15 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 16:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 16:58:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11083806412385181244/ Frame 0FEB 30 KB
30 KB 53ms
53ms Image
image/jpeg 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11083806412385181244/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5eb47ba7eb80ba4d2d717aeaf7d1544c9a6b8491c9af49dd56f06bf73f8bf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:12 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31031
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 05:14:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 16:48:12 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18012794321068723114/ Frame 0FEB 5 KB
5 KB 39ms
38ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18012794321068723114/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 05:06:19 GMT
x-content-type-options: nosniff
age: 42113
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4885
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 12:01:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 05:06:19 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD73
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAov-TpSrg9BKM769NLZ4cg&google_cver=1&google_push=AXcoOmQ2RmQWmP0oxV2HSPntyfC7NPMm6cE41oGvrptEh_RcIEjcE3EIxWejkNQ-ogLIgFz5P7SDx9yTf81kqB4CP-sLU6XnqLiRFt...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4F5EA5B6DF84F84B5269A72C96FA63C&google_push=AXcoOmQ2RmQWmP0oxV2HSPntyfC7NPMm6cE41oGvrptEh_RcIEjcE3EIxWejkNQ-ogLIgFz5P7SDx9yTf81kqB4...

170 B
329 B

45ms
45ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4F5EA5B6DF84F84B5269A72C96FA63C&google_push=AXcoOmQ2RmQWmP0oxV2HSPntyfC7NPMm6cE41oGvrptEh_RcIEjcE3EIxWejkNQ-ogLIgFz5P7SDx9yTf81kqB4CP-sLU6XnqLiRFtJjOKNaiQ1u_zZ7dbpks0zp5i-i-Fijls_P2o3cf8_0K_DWAZLFUI6JiZU

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 16:48:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4F5EA5B6DF84F84B5269A72C96FA63C&google_push=AXcoOmQ2RmQWmP0oxV2HSPntyfC7NPMm6cE41oGvrptEh_RcIEjcE3EIxWejkNQ-ogLIgFz5P7SDx9yTf81kqB4CP-sLU6XnqLiRFtJjOKNaiQ1u_zZ7dbpks0zp5i-i-Fijls_P2o3cf8_0K_DWAZLFUI6JiZU
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 30 Oct 2023 16:48:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD73
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQAjnG-XUCuWiIfNmO14Lho32DVo-bkHUXEpzBfyBNR9gKbFW9HLAKqkPdxTUHkTOx4TBK72x71y35uhFPncxo7zMqnztN0H8Lfl_aXtbSR3Xl4uq-KGHRR5W3j3q0wBxpqodvZ0_d...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCM3fhKoGEgUI6AcQAEIASqsBZ29vZ2xlX3B1c2g9QVhjb09tUUFqbkctWFVDdVdpSWZObU8xNExobzMyRFZvLWJrSFVYRXB6QmZ5Qk5SOWdLYkZXOUhMQUtxa1BkeFRVSGtUT3g0VEJLNzJ4NzF5MzV1aE...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYkhxX1hBV3dnWU1pRW9IQmVvdGM5Q1ZSTGZpRTcyOTlnLWZWQml6emNDVQ==&google_push

170 B
188 B

42ms
42ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYkhxX1hBV3dnWU1pRW9IQmVvdGM5Q1ZSTGZpRTcyOTlnLWZWQml6emNDVQ==&google_push

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 16:48:13 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYkhxX1hBV3dnWU1pRW9IQmVvdGM5Q1ZSTGZpRTcyOTlnLWZWQml6emNDVQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD73
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEK3KkjCR379fvdyKS8fHeM&google_cver=1&google_push=AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcCkK_wQH...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEK3KkjCR379fvdyKS8fHeM&google_cver=1&google_push=AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcC...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcCkK_wQHQ8aLfkKJtZtzSq_jMJvlI84COzX8VkIN65FKdDUt60...

170 B
188 B

42ms
42ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcCkK_wQHQ8aLfkKJtZtzSq_jMJvlI84COzX8VkIN65FKdDUt60NzPeqt-xK49dmXHVExRhOqpYs&google_hm=xxxiADRaTkeCTl1Semcocg==

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcCkK_wQHQ8aLfkKJtZtzSq_jMJvlI84COzX8VkIN65FKdDUt60NzPeqt-xK49dmXHVExRhOqpYs&google_hm=xxxiADRaTkeCTl1Semcocg==
Date: Tue, 31 Oct 2023 16:48:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD73
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEMtLxs3AW-nKhLOKNi4oG3E&c_param1=AXcoOmRgVxVA9zDc_U9Mi2ubFKvd9lohQV-VJkt5PLGe3_hkMxvHkqeeUf9nZxeKVcn5ZvVYxxjHEvmbyl7gwBPdcW3v5KGug4V9DNFXD6eAkUbVKOG...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRgVxVA9zDc_U9Mi2ubFKvd9lohQV-VJkt5PLGe3_hkMxvHkqeeUf9nZxeKVcn5ZvVYxxjHEvmbyl7gwBPdcW3v5KGug4V9DNFXD6eAkUbVKOGd4S1sWEqmu8yMy_jBx...

170 B
188 B

43ms
43ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRgVxVA9zDc_U9Mi2ubFKvd9lohQV-VJkt5PLGe3_hkMxvHkqeeUf9nZxeKVcn5ZvVYxxjHEvmbyl7gwBPdcW3v5KGug4V9DNFXD6eAkUbVKOGd4S1sWEqmu8yMy_jBxs3tmp-oCo8apLbSSO2qJvtNZw

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRgVxVA9zDc_U9Mi2ubFKvd9lohQV-VJkt5PLGe3_hkMxvHkqeeUf9nZxeKVcn5ZvVYxxjHEvmbyl7gwBPdcW3v5KGug4V9DNFXD6eAkUbVKOGd4S1sWEqmu8yMy_jBxs3tmp-oCo8apLbSSO2qJvtNZw
date: Tue, 31 Oct 2023 16:48:13 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD73
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEJqP85qcpvbJuaNmN5-RtHE&google_cver=1&google_push=AXcoOmQcC_2oeSZU7-i3Z45aafBrD5Yrfa_Q_Yv2nPo6imGPB2RtkuwY1waygC4er7xVC9BH9W4WhmXlY...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AXcoOmQcC_2oeSZU7-i3Z45aafBrD5Yrfa_Q_Yv2nPo6imGPB2RtkuwY1waygC4er7xVC9BH9W4WhmXlYejrM60MigtY023dwxOjkBzqLQXhBOvcGInckpzEMDPBn...

170 B
232 B

45ms
44ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AXcoOmQcC_2oeSZU7-i3Z45aafBrD5Yrfa_Q_Yv2nPo6imGPB2RtkuwY1waygC4er7xVC9BH9W4WhmXlYejrM60MigtY023dwxOjkBzqLQXhBOvcGInckpzEMDPBn-K-yT5suocGjeIhluEp5yDIpIL4Ux0o_Bo&google_hm=MTA1OTY1NDc3MTc3MzAyNjQ4NzE

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:48:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AXcoOmQcC_2oeSZU7-i3Z45aafBrD5Yrfa_Q_Yv2nPo6imGPB2RtkuwY1waygC4er7xVC9BH9W4WhmXlYejrM60MigtY023dwxOjkBzqLQXhBOvcGInckpzEMDPBn-K-yT5suocGjeIhluEp5yDIpIL4Ux0o_Bo&google_hm=MTA1OTY1NDc3MTc3MzAyNjQ4NzE
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD73
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBLxftHJG20kNvN0-wUzi7c&google_cver=1&google_push=AXcoOmSe0COzv_IUaMePFv2PqsiWEeIka-mJZFLljjDKvL9lOxfy7ZRQTfcpb69xEIisG1ZPaBqD1-dUYUjGH...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBLxftHJG20kNvN0-wUzi7c&google_push=AXcoOmSe0COzv_IUaMePFv2PqsiWEeIka-mJZFLljjDKvL9lOxfy7ZRQTfcpb69xEIisG1ZPaBqD1-dUYUjGH...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSe0COzv_IUaMePFv2PqsiWEeIka-mJZFLljjDKvL9lOxfy7ZRQTfcpb69xEIisG1ZPaBqD1-dUYUjGH2Ub90uIx2YchWWiMIsHTKSEHXsRLX-efUHX_K1phe7KObD...

170 B
188 B

42ms
42ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSe0COzv_IUaMePFv2PqsiWEeIka-mJZFLljjDKvL9lOxfy7ZRQTfcpb69xEIisG1ZPaBqD1-dUYUjGH2Ub90uIx2YchWWiMIsHTKSEHXsRLX-efUHX_K1phe7KObDxZWljDgyd8KdwLZGxn5oGgwDRfKo&google_hm=ck92dFhuTnFkYjh5cHdHWjk2RVA=

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:48:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 16:48:13 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSe0COzv_IUaMePFv2PqsiWEeIka-mJZFLljjDKvL9lOxfy7ZRQTfcpb69xEIisG1ZPaBqD1-dUYUjGH2Ub90uIx2YchWWiMIsHTKSEHXsRLX-efUHX_K1phe7KObDxZWljDgyd8KdwLZGxn5oGgwDRfKo&google_hm=ck92dFhuTnFkYjh5cHdHWjk2RVA=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 295
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame DD73 43 B
297 B 304ms
32ms Image
image/gif 2600:1f18:445b:902:acc4:20b9:a7fe:faa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKqGhgnmMr4JD7d7WruPUr8&google_cver=1&google_push=AXcoOmQv3nkcNscEyYk7u9KKRB_9mLaPe2nIhC5Th3T8tbtff5K6Az7-cVceYRZS9fBChjR3woIfPt2u183-OwKtdV75QIDY7E7pW5p2xqx9wweSuU3X-7tpPCX2LhqTbQlRq-C3UXt_eoPzLafpvDnSjss9QhE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&h=280&slotname=4109065276&adk=1453106453&adf=2373185777&pi=t.ma~as.4109065276&w=1200&fwrn=16&fwrnh=100&lmt=1698806892&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.viralscripts.co.in%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770892182&bpp=1&bdt=932&idt=1&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&prev_fmts=0x0%2C1200x280&nras=2&correlator=7467008326442&frm=22&ife=1&pv=1&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&top=https%3A%2F%2Fbetwinexchange.in%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.s4km5vhclfpl&fsb=1&xpc=SU6JkMFlcz&p=https%3A//www.viralscripts.co.in&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:902:acc4:20b9:a7fe:faa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 31 Oct 2023 16:48:13 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DD73 0
130 B 109ms
40ms Image
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqmhS4vNwRdOI-Tu62Lxg7HFTIcyEPCmpyh1LCcygvm-V04g9vtC_HamEmfanvkVi7g6kw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0FEB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72413c25ed7cb5131004d085d8fa0420c1c7e4208e5eb38c2f062b046eca9431

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0FEB 16 KB
16 KB 32ms
31ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 11:07:32 GMT
x-content-type-options: nosniff
age: 193241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Oct 2024 11:07:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0FEB 15 KB
15 KB 35ms
35ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 19:51:57 GMT
x-content-type-options: nosniff
age: 593776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 19:51:57 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0FEB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CVZG4zC9BZfv-DZfRzLUP_KC12AmM-7T1c7e3wOuUEpeWjN_aDxABIIX4y4cBYMnujovApIwQoAHB_MLgKMgBCakCX7QcuRnjsT6oAwHIA8sEqgTaAU_QTBcGzt9WCEIOal-JJ4uYVsEYc8u...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9da9bd304590f1f40000000000000000%22,%222%22:%220xee9c2d08619e613b0000000000000000%22,%223%22:%220x4f6ba5...

0
0

46ms
45ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9da9bd304590f1f40000000000000000%22,%222%22:%220xee9c2d08619e613b0000000000000000%22,%223%22:%220x4f6ba58e3b5e867a0000000000000000%22,%224%22:%220xa1dc708dca96ceca0000000000000000%22,%225%22:%220xc05b202507bf60180000000000000000%22},%22debug_key%22:%229834815066041621794%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210939842113%22],%224%22:[%2210-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215652908643262673985%22}&andc=true

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9da9bd304590f1f40000000000000000","2":"0xee9c2d08619e613b0000000000000000","3":"0x4f6ba58e3b5e867a0000000000000000","4":"0xa1dc708dca96ceca0000000000000000","5":"0xc05b202507bf60180000000000000000"},"debug_key":"9834815066041621794","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10939842113"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"15652908643262673985"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Oct 2023 16:48:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 16:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9da9bd304590f1f40000000000000000","2":"0xee9c2d08619e613b0000000000000000","3":"0x4f6ba58e3b5e867a0000000000000000","4":"0xa1dc708dca96ceca0000000000000000","5":"0xc05b202507bf60180000000000000000"},"debug_key":"9834815066041621794","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10939842113"],"4":["10-31"],"6":["true"]},"priority":"500","source_event_id":"15652908643262673985"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 78A2 16 KB
12 KB 54ms
54ms XHR
application/json 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0085a372af8ed64ec1a0716f9719e24144632567e127fccece04d72532fb080d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12165
x-xss-protection: 0

GET
H3 200 9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js Show response
pagead2.googlesyndication.com/bg/ Frame ABBE 38 KB
15 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9qemsZs9kbLqAx5V3XgDphQAvLyKuqTQONNcKdPC_g4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 297164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15015
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Oct 2024 06:15:29 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 48ms
47ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 31 Oct 2023 16:48:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 78A2 17 KB
6 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 16:48:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D400 13 KB
5 KB 32ms
31ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viralscripts.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 297164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 06:15:29 GMT
expires: Sun, 27 Oct 2024 06:15:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 845D 829 B
1 KB 49ms
47ms Document
text/html 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7821ef3aa4019c30dace8c5baf7198b0030adb00184de12de6a9694d66dbb6e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vjeeUvS9kACD-z0CyIFrjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viralscripts.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vjeeUvS9kACD-z0CyIFrjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 16:48:13 GMT
expires: Tue, 31 Oct 2023 16:48:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame D400 38 KB
15 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 04:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 04:35:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 845D 0
0 46ms
46ms Image
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=3551930090475548&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D400 0
10 B 31ms
30ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GaloAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:48:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 78A2 0
0 48ms
48ms Image
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=3551930090475548&bg=!pqWlperNAAbo5yKYyOc7ADQBe5WfOH98ehLP9eFANi2HuJo_L40OeRDm1YAtCkWM-NeR9-SJd0ijKOOGTnRkbrQjh2XvAgAAAD9SAAAAAmgBBwoAnd-NEIKvZv7eeukqh6_JqPtrIzikShcVh4ywLs4ctU0Fu6Xzs8WF6_vZCSL7boytHYmIAi4Oamknj_f8dHV1M4inhiUx_kM29kGNyG3hq1GD5UECo9bKf5sKwYinZho4x3VrZCwI_U547zGdNQWulhkNmTDQLtSXwmGxxmHKyAX5rrlyAafE1yHLyDwKseaFksQjK7Db4nsbt0J-rH6ZAtGH7TO0pzX8-7K221QFiqsrEH0BJV7HEVBk2hcBYxKKfQFHWAEsMfOgfOGHwxvzg-fQUuFN5Q3Twk0O_V9hi6e006dQDiOHYYPaUM1j8azfxKyrsa9BcjaCFXhllaBwR-itt1O7-ajJAdyTHaF9feYgPGmQal8O49O04YLEy6PtZilVfhFO-QHcXY4ycPDTa8uRbIr_5aIYxRhoEwQSleUhrcpH9cZQtIxJPmDhFHNghfaJ7ZhKPgNfoGqJ2vHOCIXeuuCjaye8miy1D12DjmX4bpJ4zlCckYWPA1Q7rYPwa0lGPSv_wVduldImyQhWaBONtYSS7HidVh-OMVUW4xGlzvB4oTqYdf2DDn85x0VX9GsOWDlXPWptveh5uT7HxbS-d9W-P4P_n1JP_QdUZjnn9PRq9os4A5C1E9HKi4a2zUcuv-0871b-WjV8O_bDiqQBHOWg_tEkFZx1uGmFjVw-R-E0O2FWvb0mbbTxJTlaXlA1Ht85Ove5v86Ee0yEBKJerIuV3phw0b2qhjTal5Q4qcMfl9aTXpHT9T8jW7MrnX64uNx1A-TrQQrxlzdapVoI4wZvm09hc4WvHS6s_GHIS6OE94lXEVLDJfiuhr-PcyR4ePekJBcRjLxELvisduf8a4S2V3yZ2MXQGFNUH2F_NNq5p85TNS_ap4pTvSoJMzlXgfsnnr8464K6ayOU1G9s7v9o61hhzIlRlwJzMZApEVYBC8gmaR34_5SjeRG66IgVJi-nwea1P8otsAaCJpJ5eJbaTkHpqya_QivLOrZPYE7fCA_aVVm4EwJ-073zpNeLjV3vZMfyWFx9JRf3Urk4Wb3KaAhQ6T2uR2IvH7MUvJgsdkm4sElxExXGqgWrkvTh9cbekCFlcgshvqu789UEUKN8u_JIilz4tylgRdBpZ9t9uO-5Lic6S93t8I1_ofxv_TJdaY0IEmr-wEAR0XL3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.viralscripts.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.googleadservices.com/	1970-01-20 18:02:26	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 01:28:50	Name: IDE Value: AHWqTUkY2zKcr4jWZrr8zDKfM_wRemLIZHD0lRgqwqdabd-2ybC9gaQ-RJAIX5BrdQI
.simpli.fi/	1970-01-21 00:39:53	Name: suid Value: C4F5EA5B6DF84F84B5269A72C96FA63C
.mookie1.com/	1970-01-21 01:21:38	Name: id Value: 10596547717730264871
.mookie1.com/	1970-01-21 01:21:38	Name: mdata Value: 1\|10596547717730264871\|1698770893101
.mookie1.com/	1970-01-21 01:21:38	Name: ov Value: 6515cf8752763b0faafd878e031971a4
.rlcdn.com/	1970-01-21 00:38:26	Name: rlas3 Value: 3SSp+JZFCmzdove+airsP3y7WAHtAx/9fARdDK7GVUU=
.zemanta.com/	1970-01-21 00:38:26	Name: zuid Value: rOvtXnNqdb8ypwGZ96EP
.bidswitch.net/	1970-01-21 00:38:26	Name: tuuid Value: c71c6200-345a-4e47-824e-5d527a672872
.bidswitch.net/	1970-01-21 00:38:26	Name: c Value: 1698770893
.bidswitch.net/	1970-01-21 00:38:26	Name: tuuid_lu Value: 1698770893
.rlcdn.com/	1970-01-20 17:19:14	Name: pxrc Value: CM3fhKoGEgUI6AcQABIGCOndKhAA
.bidswitch.net/	1970-01-20 15:52:51	Name: google_push Value: AXcoOmTfqBZoraX23ZMrU5tdJ84v_ImVeBrixfXtyPlTnU4k_FIBkv9ZTpdTQ7tHBCIY_b1AGu5qTxUFAguHcCkK_wQHQ8aLfkKJtZtzSq_jMJvlI84COzX8VkIN65FKdDUt60NzPeqt-xK49dmXHVExRhOqpYs
.innovid.com/	1970-01-20 18:02:26	Name: uuid Value: 9a8f53e5-b3e9-4ac9-8e18-ffab22cb8918-20231031 12:48:13
.uuidksinc.net/	1970-01-21 00:38:26	Name: jcsuuid Value: 7H0lOGHIKisTQd8TWpRT

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.viralscripts.co.in/(Line 10) Message: <link rel=preload> must have a valid `as` value
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4242024515726779&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbetwinexchange.in%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698770891521&bpp=24&bdt=270&idt=229&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&nras=1&correlator=7467008326442&frm=24&ife=1&pv=2&ga_vid=1647902095.1698770892&ga_sid=1698770892&ga_hid=68784142&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1741035682&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079083%2C31079084%2C42531705%2C44798934%2C44805934%2C31078297&oid=2&pvsid=3551930090475548&tmod=1602656196&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.o5oi1qadwzz0&fsb=1&dtd=265 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ag.innovid.com
b1sync.zemanta.com
betwinexchange.in
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
s.uuidksinc.net
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.viralscripts.co.in
x.bidswitch.net
103.180.121.180
172.253.63.154
172.253.63.155
2600:1f18:445b:902:acc4:20b9:a7fe:faa
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::84
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1d::67
31.220.27.155
34.150.170.96
35.190.60.146
35.190.90.30
35.211.178.172
50.31.142.223
0085a372af8ed64ec1a0716f9719e24144632567e127fccece04d72532fb080d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
06770a8e503776f147287edce913dbf9c96813306d715ec27ffb6b767a268e88
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
1f5d08818a8aea52f3c785b115916ed0763bcd890ac71f8c04d90b2a7837357a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3dbd2b222baa9cf972a7d7695baa0e2e7b008258d02d2334801bec7422e47736
40a8667ff63ce3e046c4d0838bd52f79c2c791137d07e9490eb91c4d78205838
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
60d62d1b3ea61511280cbfe81b17de29464134c54e7c807425eca37605be3079
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67014f3de091d9ff5a4644a7252901001e15376b23354ebb57d0ad9b2719ed43
72413c25ed7cb5131004d085d8fa0420c1c7e4208e5eb38c2f062b046eca9431
7821ef3aa4019c30dace8c5baf7198b0030adb00184de12de6a9694d66dbb6e4
7ed0f5a81ebc9d2eb05c4d61ae87e1906786547b4e0cfcd3898c4d51f31b38a7
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43
9fb5779f449ef5ba3b89cf2bc2150e26ad3cf30b7fee261dabf60916b7bca6c7
a4ad9af2c36bf0315e297b3688b820ed4fe96969778674f6499b5c005970a45c
a98de7f79af22bd534296f9a1779bc76876282d7e55b6e65975b9946b31f5f5b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
aebc2a2ccc76ff8dc661924eab8a2a87976394379510d9b70b378a3a81d8435c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1ab7f64cbc5c8e75a8203de04193743cb0ffea0fec38992b064727eedd6c4ea
b5424a405171cc62f0b4cee073f45d5478d7d34d24ace40e1fc5561aa3171baf
ccc0f80f4db5570b2ba2d0c88be903bf05950f6c78e30be5fc661a5b62cfbe15
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d5eb47ba7eb80ba4d2d717aeaf7d1544c9a6b8491c9af49dd56f06bf73f8bf67
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f472975e0cef45d4f5f5205f4f2942de92963232f9f2b71aeae5f36e040e3897
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6a7a6b19b3d91b2ea031e55dd7803a61400bcbc8abaa4d038d35c29d3c2fe0e
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f903427a9287780c5e8b96d8d797c828297ba20751a2f77106145dc68ce65d5c

betwinexchange.in Open in urlscan Pro 103.180.121.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

88 %HTTPS

47 %IPv6

16 Domains

19 Subdomains

12 IPs

3 Countries

1086 kBTransfer

2407 kBSize

15 Cookies

1 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

betwinexchange.in Open in urlscan Pro
103.180.121.180 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

88 %
HTTPS

47 %
IPv6

16
Domains

19
Subdomains

12
IPs

3
Countries

1086 kB
Transfer

2407 kB
Size

15
Cookies

66 HTTP transactions
4 data transactions