www.irctc.co.in Open in urlscan Pro
103.252.142.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://irctc.co.in/
Effective URL:
https://www.irctc.co.in/nget/
Submission: On February 03 via manual (February 3rd 2023, 12:22:18 pm UTC) from IN — Scanned from DE

Summary HTTP 404 Redirects Links 85 Behaviour Indicators

Summary

This website contacted 74 IPs in 15 countries across 58 domains to perform 404 HTTP transactions. The main IP is 103.252.142.19, located in India and belongs to CRIS-ND-21-IN Centre For Railway Information Systems, IN. The main domain is www.irctc.co.in. The Cisco Umbrella rank of the primary domain is 40615.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on May 13th 2022. Valid for: a year.

This is the only time www.irctc.co.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.252.142.27 103.252.142.27	45596 (CRIS-ND-2...) (CRIS-ND-21-IN Centre For Railway Information Systems)
24	103.252.142.19 103.252.142.19	45596 (CRIS-ND-2...) (CRIS-ND-21-IN Centre For Railway Information Systems)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1375	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
69	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	185.59.220.199 185.59.220.199	60068 (CDN77 ^_^) (CDN77 ^_^)
2	13.235.143.202 13.235.143.202	16509 (AMAZON-02) (AMAZON-02)
1	103.252.142.22 103.252.142.22	45596 (CRIS-ND-2...) (CRIS-ND-21-IN Centre For Railway Information Systems)
1	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2400:8901::f0... 2400:8901::f03c:92ff:fe35:a93f	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	13.32.27.3 13.32.27.3	16509 (AMAZON-02) (AMAZON-02)
5	2400:52e0:1e0... 2400:52e0:1e00::723:1	200325 (BUNNYCDN) (BUNNYCDN)
5	2400:8901::f0... 2400:8901::f03c:92ff:fe35:5c07	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
3	2400:8901::f0... 2400:8901::f03c:92ff:fe35:5c7e	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	20.150.114.33 20.150.114.33	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
15 51	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
4 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 7	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	45.79.126.27 45.79.126.27	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 2	54.217.61.24 54.217.61.24	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	209.191.163.208 209.191.163.208	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
4 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 5	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:1e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.67.159.22 3.67.159.22	16509 (AMAZON-02) (AMAZON-02)
4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:6b2a:5cae:833b:4670	16509 (AMAZON-02) (AMAZON-02)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:205... 2600:9000:2057:e000:a:e047:752:5701	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	64.74.236.223 64.74.236.223	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 4	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.184.182.132 18.184.182.132	16509 (AMAZON-02) (AMAZON-02)
4	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 3	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:1200:8:455e:4a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
2	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:211... 2600:9000:211e:4e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.21.246.46 65.21.246.46	24940 (HETZNER-AS) (HETZNER-AS)
5	2400:52e0:1e0... 2400:52e0:1e00::1075:1	200325 (BUNNYCDN) (BUNNYCDN)
404	74

1 103.252.142.27 (India) 1 redirects

ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN)

irctc.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 103.252.142.19 (India)

ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN)

www.irctc.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1375 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.truenotify.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-59-220-199.bunnyinfra.net

cdn.nlpcaptcha.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.235.143.202 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-235-143-202.ap-south-1.compute.amazonaws.com

sdk.irctc.corover.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.252.142.22 (India)

ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN)

contents.irctc.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:8901::f03c:92ff:fe35:a93f (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)

uiresource.ap-south-1.linodeobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-3.fra56.r.cloudfront.net

assistant.corover.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::723:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:8901::f03c:92ff:fe35:5c07 (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)

eticket.ap-south-1.linodeobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:8901::f03c:92ff:fe35:5c7e (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)

dishav3.ap-south-1.linodeobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.114.33 (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

uiresource.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 142.250.180.226 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.116 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.126.27 (Mumbai, India)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: 45-79-126-27.ip.linodeusercontent.com

api.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.61.24 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-61-24.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.191.163.208 (United States) 4 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.253 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.159.22 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-159-22.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:6b2a:5cae:833b:4670 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e000:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.223 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.182.132 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-182-132.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.165 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1200:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.28 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4e00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.246.46 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.246.21.65.clients.your-server.de

cube.nlpcaptcha.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::1075:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

cubecdn.nlpcaptcha.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
110	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	934 KB
83	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325 ad.doubleclick.net — Cisco Umbrella Rank: 184	567 KB
28	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1957 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	55 KB
26	irctc.co.in 1 redirects irctc.co.in — Cisco Umbrella Rank: 39819 www.irctc.co.in — Cisco Umbrella Rank: 40615 contents.irctc.co.in — Cisco Umbrella Rank: 85861	1 MB
25	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	534 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 csm.eu.criteo.net — Cisco Umbrella Rank: 7891 pix.eu.criteo.net — Cisco Umbrella Rank: 7989	36 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 764 static.adsafeprotected.com — Cisco Umbrella Rank: 616 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	99 KB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416	8 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	397 KB
9	adform.net 3 redirects track.adform.net — Cisco Umbrella Rank: 3696 s1.adform.net — Cisco Umbrella Rank: 8046 c1.adform.net — Cisco Umbrella Rank: 568	41 KB
9	linodeobjects.com uiresource.ap-south-1.linodeobjects.com — Cisco Umbrella Rank: 471484 eticket.ap-south-1.linodeobjects.com — Cisco Umbrella Rank: 484767 dishav3.ap-south-1.linodeobjects.com — Cisco Umbrella Rank: 531445	2 MB
9	nlpcaptcha.in cdn.nlpcaptcha.in — Cisco Umbrella Rank: 67067 cube.nlpcaptcha.in — Cisco Umbrella Rank: 80306 cubecdn.nlpcaptcha.in — Cisco Umbrella Rank: 75108	243 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 484 rtb0.doubleverify.com — Cisco Umbrella Rank: 715 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 15125	45 KB
8	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 1634 oajs.openx.net — Cisco Umbrella Rank: 2481 us-u.openx.net — Cisco Umbrella Rank: 417 google-bidout-d.openx.net — Cisco Umbrella Rank: 2431	2 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	7 KB
6	criteo.com 1 redirects rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173 ads.eu.criteo.com — Cisco Umbrella Rank: 7817 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9566 gum.criteo.com — Cisco Umbrella Rank: 388 mug.criteo.com — Cisco Umbrella Rank: 2753	47 KB
6	yahoo.com 6 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	3 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 8741 www.google.de — Cisco Umbrella Rank: 5986	1 KB
5	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 725	1 KB
5	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 37987	64 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	108 KB
4	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1232	801 B
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	1 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 592	3 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	34 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4143	916 B
3	blismedia.com 2 redirects tr.blismedia.com — Cisco Umbrella Rank: 1836	584 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 329	1 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 733	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	40 KB
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 12387	3 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 512	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 948 id5-sync.com — Cisco Umbrella Rank: 389	17 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 693	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 748 r.turn.com — Cisco Umbrella Rank: 3187	869 B
2	corover.ai sdk.irctc.corover.ai — Cisco Umbrella Rank: 61887	73 KB
2	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16608	63 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	441 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 767	708 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2918	104 B
1	besafe.global cdn.besafe.global — Cisco Umbrella Rank: 15377	37 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	540 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 632	463 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2817	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2391	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2726	8 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	576 B
1	unibots.in api.unibots.in — Cisco Umbrella Rank: 31536	288 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	551 B
1	windows.net uiresource.blob.core.windows.net — Cisco Umbrella Rank: 395183	48 KB
1	corover.mobi assistant.corover.mobi — Cisco Umbrella Rank: 64806 Failed	904 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
1	truenotify.co.in cdn.truenotify.co.in — Cisco Umbrella Rank: 78926	2 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 742	20 KB
404	58

	Domain	Requested by
69	pagead2.googlesyndication.com	sdk.irctc.corover.ai pagead2.googlesyndication.com www.irctc.co.in securepubads.g.doubleclick.net 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com www.googletagservices.com ad.doubleclick.net
51	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com www.irctc.co.in d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
34	tpc.googlesyndication.com	securepubads.g.doubleclick.net 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com tpc.googlesyndication.com www.irctc.co.in googleads.g.doubleclick.net d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com ad.doubleclick.net
25	s0.2mdn.net	www.irctc.co.in s0.2mdn.net 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
24	www.irctc.co.in	www.irctc.co.in
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net www.irctc.co.in
12	securepubads.g.doubleclick.net	www.googletagservices.com www.irctc.co.in sdk.irctc.corover.ai assistant.corover.mobi securepubads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
10	www.google.com	www.irctc.co.in 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com securepubads.g.doubleclick.net
10	www.googletagservices.com	www.irctc.co.in 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com googleads.g.doubleclick.net d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com securepubads.g.doubleclick.net cdn.doubleverify.com www.googletagservices.com
8	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com
8	dt.adsafeprotected.com	775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com www.irctc.co.in
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	googleads4.g.doubleclick.net	www.irctc.co.in ad.doubleclick.net
5	cubecdn.nlpcaptcha.in	www.irctc.co.in cubecdn.nlpcaptcha.in
5	onetag-sys.com	3 redirects 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
5	eticket.ap-south-1.linodeobjects.com	www.irctc.co.in
5	cdn.unibotscdn.com	sdk.irctc.corover.ai www.irctc.co.in cdn.unibotscdn.com
5	d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	cdn.jsdelivr.net	www.irctc.co.in cdn.jsdelivr.net securepubads.g.doubleclick.net
4	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com
4	track.adform.net	d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com s1.adform.net
4	sync.teads.tv	1 redirects d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	match.adsrvr.org	googleads.g.doubleclick.net d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com www.irctc.co.in
4	ups.analytics.yahoo.com	4 redirects
4	ap.lijit.com	4 redirects
3	c1.adform.net	3 redirects
3	d5p.de17a.com	3 redirects
3	tr.blismedia.com	2 redirects d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	eb2.3lift.com	3 redirects
3	rtb.openx.net	googleads.g.doubleclick.net d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	dishav3.ap-south-1.linodeobjects.com	www.irctc.co.in
3	cdn.nlpcaptcha.in	www.irctc.co.in
3	www.google-analytics.com	www.irctc.co.in www.googletagmanager.com
2	pix.eu.criteo.net	www.irctc.co.in
2	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	ad.doubleclick.net	d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com www.googletagservices.com
2	s1.adform.net	track.adform.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.irctc.co.in
2	m.exactag.com	d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
2	x.bidswitch.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	pm.w55c.net	2 redirects
2	static.adsafeprotected.com	775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	sync.1rx.io	2 redirects
2	fw.adsafeprotected.com	1 redirects www.irctc.co.in
2	775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sdk.irctc.corover.ai	www.irctc.co.in sdk.irctc.corover.ai
2	cdn.izooto.com	cdn.truenotify.co.in cdn.izooto.com
1	cube.nlpcaptcha.in	www.irctc.co.in
1	s.ad.smaato.net	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
1	cdn.besafe.global	d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.irctc.co.in
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	id5-sync.com	www.irctc.co.in
1	a.rfihub.com	1 redirects
1	ads.eu.criteo.com	d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
1	rtb.fr.eu.criteo.com	www.irctc.co.in
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	s.tribalfusion.com	775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com	775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	api.unibots.in	www.irctc.co.in
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	uiresource.blob.core.windows.net	www.irctc.co.in
1	uiresource.ap-south-1.linodeobjects.com	www.irctc.co.in
1	assistant.corover.mobi	sdk.irctc.corover.ai
1	www.google.de	www.irctc.co.in
1	stats.g.doubleclick.net	www.irctc.co.in
1	www.googletagmanager.com	sdk.irctc.corover.ai
1	contents.irctc.co.in	www.irctc.co.in
1	cdn.truenotify.co.in	www.irctc.co.in
1	fonts.gstatic.com	www.irctc.co.in
1	maxcdn.bootstrapcdn.com	www.irctc.co.in
1	irctc.co.in	1 redirects
404	96

This site contains links to these domains. Also see Links.

Domain
contents.irctc.co.in
www.gyftr.com
www.irctctourism.com
www.operations.irctc.co.in
enquiry.indianrail.gov.in
www.ftr.irctc.co.in
www.bus.irctc.co.in
www.air.irctc.co.in
www.hotel.irctctourism.com
www.the-maharajas.com
www.goldenchariot.org
www.rr.irctctourism.com
www.sbicard.com
www.ecatering.irctc.co.in
menurates.irctc.co.in
play.google.com
apps.apple.com
www.nvsp.in
mahilaehaat-rmk.gov.in
raildrishti.indianrailways.gov.in
www.fois.indianrail.gov.in
corover.ai
www.irctcimudra.com
www.railwire.co.in
agent.irctc.co.in
www.indianrail.gov.in
hotel.irctctourism.com
www.facebook.com
youtube.com
instagram.com
www.linkedin.com
t.me
in.pinterest.com
irctcofficial.tumblr.com
www.kooapp.com
twitter.com
cris.org.in
irctc.corover.ai
amzn.to
youtu.be

Subject Issuer	Validity	Valid
www.irctc.co.in GeoTrust EV RSA CA 2018	`2022-05-13` - `2023-05-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.nlpcaptcha.in Sectigo RSA Domain Validation Secure Server CA	`2022-09-21` - `2023-09-21`	a year	crt.sh
sdk.irctc.corover.ai R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
www.contents.irctc.co.in GeoTrust EV RSA CA 2018	`2022-05-20` - `2023-06-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
ap-south-1.linodeobjects.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
assistant.corover.mobi R3	`2023-01-30` - `2023-04-30`	3 months	crt.sh
cdn.unibotscdn.com R3	`2023-01-23` - `2023-04-23`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 02	`2023-01-24` - `2024-01-19`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
api.unibots.in R3	`2023-01-02` - `2023-04-02`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
teads.tv R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
cdn.besafe.global Amazon	`2022-05-26` - `2023-06-24`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://www.irctc.co.in/nget/
Frame ID: A15CB0F5E135271C641996AA3E3CEF57
Requests: 111 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 988C360A024F3DF66D1E53E925D2CA6B
Requests: 1 HTTP requests in this frame

Frame: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F65F3730C162E2C2015DD236C1FFEB6
Requests: 1 HTTP requests in this frame

Frame: https://assistant.corover.mobi/320x50_placeholder.html
Frame ID: 2150036BBA19180948E70EAB146226A7
Requests: 1 HTTP requests in this frame

Frame: https://assistant.corover.mobi/320x50_placeholder.html
Frame ID: 41B74F418ED02667BB04AA0B2D665F6D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Frame ID: 221D05088D051523B5B74E202C023351
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8692878304946020&output=html&adk=1812271804&adf=3025194257&lmt=1675341674&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675426927775&bpp=4&bdt=5481&idt=254&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfec18452125133ec%3AT%3D1675426926%3AS%3DALNI_MbbgIMohW1CtZrAuiqecmkRkl7DiQ&gpic=UID%3D00000bae52377736%3AT%3D1675426926%3ART%3D1675426926%3AS%3DALNI_Ma8lgg4TV63m6OtJkQqirwjukwl2g&nras=1&correlator=1511905173302&frm=20&pv=2&ga_vid=1903162748.1675426923&ga_sid=1675426926&ga_hid=602504223&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071947&oid=2&pvsid=4440361744764487&tmod=1757648909&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=290
Frame ID: 1DC347CB5470E4A4A9B1814EE8AAA279
Requests: 1 HTTP requests in this frame

Frame: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A100D8447D00C9CB6E02DD3ACA9851E4
Requests: 1 HTTP requests in this frame

Frame: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7C33071FC85359BF35D0D25C6598F965
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWIFECTiFdr3KimpR8e-c8vtzozTHCW0nbqZ980JL5W_fwdx6liUXTbOInyvlQgzI7rrsOH4lGsrevxlBNHd_3szbaHH5Nrph5O_izcLBykojCO1JHEO9Sl2e3CJMcgU6_A8dSMIbbSq-WEVuaf-DMe51s0iFV1aIlGoQTROdK_Fq7MWGU
Frame ID: 564252CA7183A2C55EFD71413E144683
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6724CC60666F0C9064E556B405E11A95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF96DF656F2BAE352241BF1C6A55C04A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB3D66E6774CD19659F568D0A337C6E5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DB0ECA5C5E4DD3CCEDAA58C8BF2CC356
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: A4ADF5BD7B2A7EBA622B6E2E3EC80738
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
Frame ID: 5CD6FA0F439DA7D4797D3CFC4E3CDED5
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 584D7C6A0EBA880FA508424BF3F0C1A3
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: A7A94DBA9B02F83CAFE1DC49353FCFD0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0992680E11BE7ED7093994D8DF80E025
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js
Frame ID: 499FA6C2A526A04BB3006E5F39B29CF4
Requests: 1 HTTP requests in this frame

Frame: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D8D9ADE638A46E0D18C1BD787E398AF
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9z8cQAFR74IEeMxAAdyNqJX4AY3AnSXuyercQ&u=%7CnnsCXnzUBed9uQK7GEaOLrAWue%2B1kHmFmxbHQ11bXRU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyRUAeNv4apnefVPHzpDLsKjCbV-stiONIV7FgfHomxT3MOiAesioRZVTESwDNozL8JSnxd2hQHNSzE6Qvz5ew3EQCt9pfXEao2ikNZET6bs9VMekHpmGHe6MsFggwPgx1sh_52NXalwd2u9zTP8yj_sLCd1ORMgeEhWS8If5gFq43s6k75FlENWcIErzv-Vd5V5Xi7W9jnQLH2EtYW0Xu5VO4sqhKCEEuwgm6prAaGy5YnxN-kp9uOFAFOIE10VFeFlpYgRW3chapALuL_s-8_-hYNshXoqfVciQShZNHQ79Iq_ALJGOVxNMgUyW6xCw5986ulA9ry439ZpQNSG5EzIaGC06hET-DnQ6gMCQep9R9HhuO5wQu08eOehUK8yzAuSl9YvqySUya0CZgILUUwZckRZr0lhzVzaFHOsimS0TzZqT7ALhhCaJLimJhieepArmGFnk34Pc16a2vmpqtkx7JnherBjlQnmtbjMwsOWIN7ATUNIwCAgOP0A-g4T8PBayG0NJkfPWIOR6iqBFR6Yi9BvU7dtv2lu0h2u9d5njFUWi8eXSebk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3YV-cfzcY76PFbHGx_APtuSdmAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI3MzAyNjM0NTEzMDg4MDHIAQmpAg6oy9JgR7I-4AIAqAMBqgSZAk_QLErOTM-oks2q9JK6bH2sTpLQ3Ftk5wxIDhRjmA9c5zWMaC2tRhSMIVDyesdb7jNdcbdV-CbTCkGxaW15OcWayzkzQCA9wTF4W4pFGIJLGf8OY-oelS1NePlvqPl3fQxLBKcMBxVhjwEby5-_UJTInKiPRODT73jZHYeD3lWVr0WtJyTmNHr9FETF-dTxRIWMaw3sgujsU7vQ_c5FYR4m3tpNzs3qKpMPsEJ5Wn8Pu5KQdrIMw9iotIOPpFwkIwEbhgFy1j3ITYtWviWs6GPSfy4dxtdw2e-PLey3leKmSM7yyMSITCW86Su5mYenAdfnNVL7rBV8HtWDxSQBzmP7uzMfcjGqepsHwCzhP3rwtiL1CwjGvTfy4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3rAdilIggCIVpyNoYoGa1n1LjaRw%26client%3Dca-pub-2730263451308801%26adurl%3D
Frame ID: F421CF4196418692653A381A389131C1
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D38EFE9A0181D5893EDD7682E9B30132
Requests: 9 HTTP requests in this frame

Frame: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ACE940A08EA816FAB855C0C7BBC7A801
Requests: 33 HTTP requests in this frame

Frame: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C0894C7AA83BEF1984CFF5330270F16
Requests: 25 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQBfliS-RrPGK2c1LgUvEDX16865IIZvTkEPZpyogdUcc2b1mpvUbIv-A9HhejYybsH2K2UAuKpxQv06cWwepNVZspqxGGE_kmy7oYGLFt_rOMXUe6iimaae_7nOUUUFVkT06EP_dxk4AP-alNSu_SNJRQ33SXSmM9ejRIZLZEBrtdUV0vEvbypmuRA1N99Ql7P0uTbitiucMYjXK56xwP33kS2XHAF7-02ss-ohr4LnZL9cMiycEKEk8CL0CAkkEwXIvM1Rt8QdfXrPHx30Yx9idqF1CEoT1yqArGQGukfdNtMH54gdK6XymHv9Ji7pWshaQaQQ&sai=AMfl-YS-2Su28_V5pbSDvkPsHZ2VG9OltBqAVoLIjGmVEjDJDeBDA57bsLX6VRSjcQi-j3_3w0covVjEdFCsRN1UujCfVCjxJv0LV8pJ74eeMDpnXt40dXYwbWugdTiAbI4&sig=Cg0ArKJSzMAIu61Fen0zEAE&uach_m=[UACH]&adurl=
Frame ID: 5FF1DDB03594C033D0577FC41D3A50B8
Requests: 7 HTTP requests in this frame

Frame: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 30422908108651EB946B0CED13EA09BD
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYiZWZ3wEwAQ&v=APEucNXc2cePufKq664n6AjWv8dzZlmKIfYnSXs2qCNXtokRcXcAsjTZHF_EZu-uK3wrB_oFKQg5rpzJGBrbn5OeCuNuhtNIs6B22ESdrge0eLF6v5AWWi29MdC0C5c6YcNK1EOIZTblm2z04uO5rCrjS6RchnKD7Rfzp0nEuma3ACeToVHSxPs
Frame ID: 596E5B2AEC18A22D5712F1D941C55340
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYxcn33wEwAQ&v=APEucNWRnyBucA9GMWD_edexFtJpzQ846pD55-DHZytv9Pqs_Iz5QaMg-CBIvFe_4wNo5MG4FnQfGxtHcQn8AmJRwBrPLoy2lGI67z4wc7FS3pe75zReh2pSjg1sPGo7VVfhuf8QH-9EtwkThAroqiy30Gx3hVUGjUjVHFU9cgOpoVml1mmJ-EY
Frame ID: 1E0F40CD129EB51AA97C23B38F2677AD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPn2QIQm5vbAhiCma90MAE&v=APEucNUCghZqoFErj9Sjquno2xyD98jjMDTV0BE-YX68jZEcM57iqKnDUUX-jFfVGh4PSEoCU1OBoZjxFDISXXKTrvIXrxfYbCv_O2-IHasInfCKRcC8AuUGPp9KtZR0cZkXdhwf3w_aVzasc0MXQ3wiNt_9qBw-dUr4idCT3TEuU3Pmv80AfKU
Frame ID: A3F078AFEBB90CFC3ACD4F7C4C908CAB
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.irctc.co.in
Frame ID: B53BAE3165E0C5318176A9EBF48FE236
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ABF8E79CB8D9DF43894AFBFAC4AE646B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E911F56E0C6502A216C13A6074B465E3
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8B3BD83015AEDD167DEB970A43659490
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CF71A584C8769367590ADD797ABA912
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
Frame ID: 13261148A7942E21DDD6BE17A14F8989
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43868276612C6B611716AEB7EA839A22
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD115F7E25130636C145E3B513EE8BCF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BF5BF67DB549CC9517EF630A4FB7277E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86FB6ADF0D5568EF8419EBE0738A5BBE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CA7CFC3B6397722C3104FEA80B295525
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C2FEAACDD5758B11A729EC7F305AA80
Requests: 2 HTTP requests in this frame

Frame: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Frame ID: A9DBB9685A808600EDC41F8BBA0750CF
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IRCTC Next Generation eTicketing System

Page URL History Show full URLs

http://irctc.co.in/ HTTP 302
https://www.irctc.co.in/nget/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

404
Requests

87 %
HTTPS

50 %
IPv6

58
Domains

96
Subdomains

74
IPs

15
Countries

6383 kB
Transfer

13094 kB
Size

51
Cookies

85 Outgoing links

These are links going to different origins than the main page.

URL: http://contents.irctc.co.in/en/AboutEwallet.pdf
Title: About IRCTC eWallet

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/EwalletUserGuide.pdf
Title: IRCTC eWallet User Guide

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/irctc_ipay_english.pdf
Title: IRCTC-iPAY

Search URL Search Domain Scan URL

URL: https://www.gyftr.com/irctc?utm_source=WEB_APP
Title: e-Gift Vouchers

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/gallery/tajas.html
Title: Group Booking

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Travel_Insurance_Claim_Process_for_IRCTC_TejasExp.pdf
Title: Travel Insurance Claim Process

Search URL Search Domain Scan URL

URL: https://www.operations.irctc.co.in/ctcan/SystemTktCanLogin.jsf
Title: Counter Ticket

Search URL Search Domain Scan URL

URL: https://enquiry.indianrail.gov.in/
Title: Track Your Train

Search URL Search Domain Scan URL

URL: https://www.ftr.irctc.co.in/ftr/
Title: FTR Coach/Train Booking

Search URL Search Domain Scan URL

URL: https://www.bus.irctc.co.in/
Title: BUSES

Search URL Search Domain Scan URL

URL: https://www.air.irctc.co.in/
Title: FLIGHTS

Search URL Search Domain Scan URL

URL: https://www.hotel.irctctourism.com/
Title: HOTELS

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/tourpacakage_search?searchKey=&tagType=&travelType=Domestic&sector=All&bdar=3
Title: Bharat Gaurav

Search URL Search Domain Scan URL

URL: https://www.the-maharajas.com/
Title: Maharaja's Express

Search URL Search Domain Scan URL

URL: https://www.goldenchariot.org/
Title: Golden Chariot

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/tourpacakage_search?searchKey=&tagType=&travelType=Domestic&sector=All
Title: Domestic Packages

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/tourpacakage_search?searchKey=&tagType=&travelType=International&sector=All
Title: International Packages

Search URL Search Domain Scan URL

URL: https://www.rr.irctctourism.com/#/accommodation/in/ACBooklogin
Title: Retiring Room

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/accommodation
Title: Lounge

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/AboutSBICobrandCard.pdf
Title: About IRCTC SBI Credit Card

Search URL Search Domain Scan URL

URL: https://www.sbicard.com/sprint/c/irctcRuPay?GEMID1=dis_2022_Jun_IRCTC_website&GEMID2=IRCTC&CS=affiliate
Title: IRCTC SBI Platinum Card RUPAY e-apply

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/AboutBOBCobrandCard.pdf
Title: About IRCTC BOB Credit Card

Search URL Search Domain Scan URL

URL: http://www.ecatering.irctc.co.in/eCatering/
Title: Order Food - E-Catering

Search URL Search Domain Scan URL

URL: http://menurates.irctc.co.in/
Title: Cooked Food Menu

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Banner_Advertisment.pdf
Title: Banner-Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Push_Notification.pdf
Title: Push Notification

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Chat_Bot_Advertisment.pdf
Title: Chat Bot Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Cuboid_Advertisements.pdf
Title: Cuboid Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/ERS_Advertisement.pdf
Title: e-Ticket Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Logout_Advertisement.pdf
Title: Logout Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Promotional_SMS.pdf
Title: SMS(Promotional)

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Booking_Mail_Advertisement.pdf
Title: Booking Mail Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Cancellation_Mailer.pdf
Title: Cancellation Mail Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Promotional_Mailer.pdf
Title: Mailer(Promotional)

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Captcha_Advertisement.pdf
Title: Captcha Advertisement

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=cris.org.in.prs.ima&hl=en
Title: Android Mobile App

Search URL Search Domain Scan URL

URL: https://apps.apple.com/in/app/irctc-rail-connect/id1386197253
Title: iOS Mobile App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.irctc.tourism_new
Title: IRCTC Tourism App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.irctc.air&hl=en
Title: IRCTC Air App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.cris.utsmobile&hl=en
Title: UTS TICKET APP

Search URL Search Domain Scan URL

URL: https://www.sbicard.com/eapply/eapply-form.page/apply?path=personal/credit-cards/travel/irctc-rupay-sbi-card.dcr&GEMID1=Home_Promo_Tab_E-apply&GEMID2=IRCTC_Web&CHN=451
Title: IRCTC SBI Platinum Card RUPAY e-apply

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/gallery/tag.html
Title: Trains At A Glance

Search URL Search Domain Scan URL

URL: http://www.nvsp.in/
Title: National Voter"s Service Portal

Search URL Search Domain Scan URL

URL: http://mahilaehaat-rmk.gov.in/
Title: Mahila E-Haat

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/MedicalTourism
Title: Medical Tourism

Search URL Search Domain Scan URL

URL: https://raildrishti.indianrailways.gov.in/
Title: Rail Drishti

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/IRBRmag/
Title: Indian Railways Magazines

Search URL Search Domain Scan URL

URL: https://www.fois.indianrail.gov.in/RailSAHAY/index.jsp
Title: Railways Freight Business Portal

Search URL Search Domain Scan URL

URL: https://corover.ai/irctc/
Title: ChatBot as a Service (CaaS)

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/AadhaarLinking.pdf
Title: Link Your Aadhaar

Search URL Search Domain Scan URL

URL: https://www.irctcimudra.com/
Title: IRCTC iMudra

Search URL Search Domain Scan URL

URL: https://www.railwire.co.in/station-wi-fi-project.php
Title: WI-Fi Railway Stations

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/BOC.pdf
Title: Battery Operated Cars

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/wheelchair
Title: E-wheelchair

Search URL Search Domain Scan URL

URL: https://www.rr.irctctourism.com/
Title: Retiring Room

Search URL Search Domain Scan URL

URL: https://contents.irctc.co.in/en/PetBookingInTrains.pdf
Title: Dogs/Cats Booking

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/HandicraftsCommitteeReport.pdf
Title: Support SHG/Handicraft

Search URL Search Domain Scan URL

URL: https://agent.irctc.co.in/nget/train-search
Title: Agent DC Login

Search URL Search Domain Scan URL

URL: http://www.indianrail.gov.in/enquiry/PNR/PnrEnquiry.html?locale=en
Title: PNR STATUS

Search URL Search Domain Scan URL

URL: https://hotel.irctctourism.com/hotels
Title: HOTELS

Search URL Search Domain Scan URL

URL: https://www.ecatering.irctc.co.in/
Title: E-CATERING

Search URL Search Domain Scan URL

URL: https://www.bus.irctc.co.in/home
Title: BUS

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/tourpacakage_search?searchKey=&tagType=&travelType=&category=
Title: HOLIDAY PACKAGES

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/gallery/
Title: HILL RAILWAYS

Search URL Search Domain Scan URL

URL: http://www.the-maharajas.com/
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/#/tourpacakage_search?searchKey=&tagType=&travelType=International&sector=All
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/#/tourpacakage_search?searchKey=&tagType=&travelType=Domestic&sector=All
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/#/tourpkgs
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.facebook.com/IRCTCofficial/

Search URL Search Domain Scan URL

URL: https://youtube.com/c/IRCTCOFFICIAL

Search URL Search Domain Scan URL

URL: https://instagram.com/irctc.official?igshid=yyg5byow704l

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/irctcofficial

Search URL Search Domain Scan URL

URL: https://t.me/IRCTC_Official

Search URL Search Domain Scan URL

URL: https://in.pinterest.com/irctcofficial/

Search URL Search Domain Scan URL

URL: https://irctcofficial.tumblr.com/

Search URL Search Domain Scan URL

URL: https://www.kooapp.com/profile/irctcofficial

Search URL Search Domain Scan URL

URL: https://twitter.com/IRCTCofficial

Search URL Search Domain Scan URL

URL: http://cris.org.in/
Title: CRIS

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/BetaSiteCompatibleBrowser.html
Title: Compatible Browsers

Search URL Search Domain Scan URL

URL: https://irctc.corover.ai/

Search URL Search Domain Scan URL

URL: https://amzn.to/3UAWETQ

Search URL Search Domain Scan URL

URL: https://youtu.be/gQcqoZvIieg
Title: Watch a Demo

Search URL Search Domain Scan URL

URL: https://corover.ai/advertise/
Title: Advertise with us!

Search URL Search Domain Scan URL

URL: https://amzn.to/3i4lgCr
Title: SALE

Search URL Search Domain Scan URL

URL: https://amzn.to/34WK1uY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://irctc.co.in/ HTTP 302
https://www.irctc.co.in/nget/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7IRd458782lYgjL0QfVgE&google_cver=1

Request Chain 109

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9z8cJnldljRUpGeepHqnwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAF6EDuUq6T-sYkxP9nOSnc&google_cver=1

Request Chain 111

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

Request Chain 129

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELD31LZXVFCS51iIkBZStC0&google_cver=1&google_push=Aa02lx9IFtcdlQOcyio52ny7UX8Em_iC8IB49NmGOSRibbOOzoCdNqyPYtWCtVtVbsNwPGcQkjHTflUxm61vgts1x-tCBbWt2yJvXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY3NTQwNzUwMTc0MzMyNzQ1OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJKGj7oYG0ZOLB-LAVH_F48&google_cver=1

Request Chain 130

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJH-uuXS0GkfTAOhd1-JIuA&google_cver=1&google_push=Aa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJH-uuXS0GkfTAOhd1-JIuA&google_cver=1&google_push=Aa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 131

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE1pfI9M4hLwtXKvuTJ7qsY&google_cver=1&google_push=Aa02lx8y8EC2eFywwgbwL9rLGW1Nu1BhbvJpOZl8TOyXVfGtKn7LRxi99pl_-1CdUIzJxZOd2YR2thsUguAUcg1JqQrgEwhD8TEm HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE1pfI9M4hLwtXKvuTJ7qsY&google_cver=1&google_push=Aa02lx8y8EC2eFywwgbwL9rLGW1Nu1BhbvJpOZl8TOyXVfGtKn7LRxi99pl_-1CdUIzJxZOd2YR2thsUguAUcg1JqQrgEwhD8TEm&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kq8s9IlET-2iBiBjj2p32Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8y8EC2eFywwgbwL9rLGW1Nu1BhbvJpOZl8TOyXVfGtKn7LRxi99pl_-1CdUIzJxZOd2YR2thsUguAUcg1JqQrgEwhD8TEm

Request Chain 132

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL9oAdVcmH7k2CBYP91xRCY&google_cver=1&google_push=Aa02lx_AihudLePMTRzv4hIFKA9jp0uADK3LmQb-kMDPD0Kh5Ia2p_fdesZtzX-M66LCJHZzassvdPPp606p93X1jqT8EFIy-HHyoQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL9oAdVcmH7k2CBYP91xRCY&google_cver=1&google_push=Aa02lx_AihudLePMTRzv4hIFKA9jp0uADK3LmQb-kMDPD0Kh5Ia2p_fdesZtzX-M66LCJHZzassvdPPp606p93X1jqT8EFIy-HHyoQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_AihudLePMTRzv4hIFKA9jp0uADK3LmQb-kMDPD0Kh5Ia2p_fdesZtzX-M66LCJHZzassvdPPp606p93X1jqT8EFIy-HHyoQ&google_hm=GGEGCGZHPSKvthzgSMC5oy9H

Request Chain 133

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMsEHZBdVO1Tp5SJPi10Suk&google_cver=1&google_push=Aa02lx-J8Nx5UP6RZDf5k18X50e2FywuAJvCtFmaZssAFRf3mq2ZC_HTysHg3_L-cfquynba-Bzt5gOoxcZUkJoRJlg5FxUvmgrBJg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-J8Nx5UP6RZDf5k18X50e2FywuAJvCtFmaZssAFRf3mq2ZC_HTysHg3_L-cfquynba-Bzt5gOoxcZUkJoRJlg5FxUvmgrBJg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675426928903 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-772f89c3-cf9b-4740-b199-695c8c07da31-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-J8Nx5UP6RZDf5k18X50e2FywuAJvCtFmaZssAFRf3mq2ZC_HTysHg3_L-cfquynba-Bzt5gOoxcZUkJoRJlg5FxUvmgrBJg%26google_hm%3DA3cvicPPm0dAsZlpXIwH2jE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-J8Nx5UP6RZDf5k18X50e2FywuAJvCtFmaZssAFRf3mq2ZC_HTysHg3_L-cfquynba-Bzt5gOoxcZUkJoRJlg5FxUvmgrBJg&google_hm=A3cvicPPm0dAsZlpXIwH2jE

Request Chain 134

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPgRkP95aEg-MM7XlJzU_mc&google_cver=1&google_push=Aa02lx_UoQ2G-ibW3PpcqM6O9yndUDam3WWLIFedH5FqwIEa4cRxBeX4tYO_-bus7UyOxtnk6TFDMpTzjyIDDWhFE8XpJMcT6EVN3zI HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPgRkP95aEg-MM7XlJzU_mc&google_cver=1&google_push=Aa02lx_UoQ2G-ibW3PpcqM6O9yndUDam3WWLIFedH5FqwIEa4cRxBeX4tYO_-bus7UyOxtnk6TFDMpTzjyIDDWhFE8XpJMcT6EVN3zI&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JdnJPUWhaRTJ1RjVZZ2cxOUhCR21yWWJmYk5hWElPMn5B&google_push=Aa02lx_UoQ2G-ibW3PpcqM6O9yndUDam3WWLIFedH5FqwIEa4cRxBeX4tYO_-bus7UyOxtnk6TFDMpTzjyIDDWhFE8XpJMcT6EVN3zI

Request Chain 135

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHHagWN7xLNgHEexKZQnVwc&google_cver=1&google_push=Aa02lx9sjB87u6qNPLbhVeIGUraYD8A6jBnmScH73V4ZMv3FwZFORG1m2ngH7sdGt1sKq03OuyWlp5GBUSZkoexsPfg5KXLZzq3gx6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9sjB87u6qNPLbhVeIGUraYD8A6jBnmScH73V4ZMv3FwZFORG1m2ngH7sdGt1sKq03OuyWlp5GBUSZkoexsPfg5KXLZzq3gx6w HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 149

https://fw.adsafeprotected.com/rfw/st/990511/61634094/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_cPzcY5WdIrC89u8Pn5eAsAM&cbFunctionName=goog_wrapCb_cPzcY5WdIrC89u8Pn5eAsAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.irctc.co.in&adsafe_type=g&adsafe_url=https%3A%2F%2Fassistant.corover.mobi%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:7360d3c9-aa7a-4716-7478-7f4f3f4df7d4,c:39YboX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-bb8697c85-cfq7f,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tuNOEo4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1*.990511-61634094%7C1a11%7C1a12%7C1a131%7C1a14%7C1a2%7C1a3%7C1b%7C1c%7C1d,idMap:1a1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:19,oid:60ec0477-a3bd-11ed-b5da-966a1fe64565,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 173

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHJRJeM8sfzSrf63MQCiCDo&google_cver=1&google_push=Aa02lx8DSqdWVuYL6ZrkXACuz64K-NBBR9s3YxC2e9gXsDJjQX7_7N7ebz3Scm0btgpNuV9U0TFvCeT0Ar42BlNSSO8CUaLKmzx1omA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHJRJeM8sfzSrf63MQCiCDo&google_cver=1&google_push=Aa02lx8DSqdWVuYL6ZrkXACuz64K-NBBR9s3YxC2e9gXsDJjQX7_7N7ebz3Scm0btgpNuV9U0TFvCeT0Ar42BlNSSO8CUaLKmzx1omA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDdSMTFUYnExUG5WNFo1&google_gid=CAESEHJRJeM8sfzSrf63MQCiCDo&google_cver=1&google_push=Aa02lx8DSqdWVuYL6ZrkXACuz64K-NBBR9s3YxC2e9gXsDJjQX7_7N7ebz3Scm0btgpNuV9U0TFvCeT0Ar42BlNSSO8CUaLKmzx1omA

Request Chain 175

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN8uOreHU5nuM76eAY2Vz78&google_cver=1&google_push=Aa02lx94k7JPSyDwCtesF2LeB5K-o2qMdp8Rexfg1FOZtcp0nx4gs_LYvExsx_FMwfGrGLQCP3Y89UOtAqrnU9W0NUMFWsiyFlGgQUA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx94k7JPSyDwCtesF2LeB5K-o2qMdp8Rexfg1FOZtcp0nx4gs_LYvExsx_FMwfGrGLQCP3Y89UOtAqrnU9W0NUMFWsiyFlGgQUA&google_hm=eS1VSkxrRml0RTJwRURnRVg3Wk5mYkNENVVKUUg0NEpFeX5B

Request Chain 177

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAuR36KQFn6KLJi1SN-dQfU&google_cver=1&google_push=Aa02lx8da1m65ssJFOQqfUssSF3YJEdgspN0wEPqgjR4FKYiZ9zXd6XlKBeTAcD-RqdAhaYYXOn-WejzArkIM_NziQyEw5n9lt2njdM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8da1m65ssJFOQqfUssSF3YJEdgspN0wEPqgjR4FKYiZ9zXd6XlKBeTAcD-RqdAhaYYXOn-WejzArkIM_NziQyEw5n9lt2njdM

Request Chain 178

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHlcsQJaWfrcyjlmTaUchEk&google_cver=1&google_push=Aa02lx9-L9PUodp1MZ10RCevcmS8f2yiXZLKTsSL2Fi0fypbI7Tk3K0KObgfp2saoPfk9EJbGOYNGdScoC1CpM1q1CG0ZIMmk_ieqaU HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9-L9PUodp1MZ10RCevcmS8f2yiXZLKTsSL2Fi0fypbI7Tk3K0KObgfp2saoPfk9EJbGOYNGdScoC1CpM1q1CG0ZIMmk_ieqaU&google_gid=CAESEHlcsQJaWfrcyjlmTaUchEk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMjAyMjMzMjQzOTcxNzA2ODYw&google_push=Aa02lx9-L9PUodp1MZ10RCevcmS8f2yiXZLKTsSL2Fi0fypbI7Tk3K0KObgfp2saoPfk9EJbGOYNGdScoC1CpM1q1CG0ZIMmk_ieqaU

Request Chain 179

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECHPAIzdc0lghJN8oDRolCs&google_cver=1&google_push=Aa02lx_a0p8Nz9M0E9KqF8E1Wgyxzx8Jm8vgCedZdWQp6MPOjlhK8FwUkqarsSX0GH8cUt229FNcB3VbdVnZxJOKDNRLwpyYoEgBHxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JdnJPUWhaRTJ1RjVZZ2cxOUhCR21yWWJmYk5hWElPMn5B&google_push=Aa02lx_a0p8Nz9M0E9KqF8E1Wgyxzx8Jm8vgCedZdWQp6MPOjlhK8FwUkqarsSX0GH8cUt229FNcB3VbdVnZxJOKDNRLwpyYoEgBHxU

Request Chain 217

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEjuOYla6UsnghlrfcTPFxM&google_cver=1&google_push=Aa02lx_O1pHFGwyDlecGvA1RjK_zuExPepx54dLJTjDVzSgNm8eqmptHMMwM-_bYJyR8qj7OVZxQubH23eCr2orxe1_vhrJErFw HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEjuOYla6UsnghlrfcTPFxM&google_push=Aa02lx_O1pHFGwyDlecGvA1RjK_zuExPepx54dLJTjDVzSgNm8eqmptHMMwM-_bYJyR8qj7OVZxQubH23eCr2orxe1_vhrJErFw&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx_O1pHFGwyDlecGvA1RjK_zuExPepx54dLJTjDVzSgNm8eqmptHMMwM-_bYJyR8qj7OVZxQubH23eCr2orxe1_vhrJErFw&google_hm=dWxaTXpQenh2NEVlU1dab3FNUWg=

Request Chain 218

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGBfH8vT4LEK24CI3XCW-Dc&google_cver=1&google_push=Aa02lx9UT3yWFyjI7jNi-Tc3iLJFVsf8eIjMrFVRNusKYd2PN2EHLTMJpR39BSg3qgOtpewKJh_TbHgwjmu6KryD_vs8oEXm5Gs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kq8s9IlET-2iBiBjj2p32Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9UT3yWFyjI7jNi-Tc3iLJFVsf8eIjMrFVRNusKYd2PN2EHLTMJpR39BSg3qgOtpewKJh_TbHgwjmu6KryD_vs8oEXm5Gs

Request Chain 219

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMm_bsYZTBo9PTDqr1gTxkc&google_cver=1&google_push=Aa02lx-1WTF2b0EOGoRrltbn95un8nbfpiu-dl6NTyktkrobgHpKp3vEEztnXxo405B-NQGIZmUj3yD67GoP7HDdAx6r5etG9t8 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMm_bsYZTBo9PTDqr1gTxkc&google_cver=1&google_push=Aa02lx-1WTF2b0EOGoRrltbn95un8nbfpiu-dl6NTyktkrobgHpKp3vEEztnXxo405B-NQGIZmUj3yD67GoP7HDdAx6r5etG9t8&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-1WTF2b0EOGoRrltbn95un8nbfpiu-dl6NTyktkrobgHpKp3vEEztnXxo405B-NQGIZmUj3yD67GoP7HDdAx6r5etG9t8&google_hm=GGEGCGZHPSKvthzgSMC5oy9H

Request Chain 220

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEXkzva8Oam2Hnb2d1P6KD8&google_cver=1&google_push=Aa02lx9ybTGGBUEsrcsjau0MC-MGeNdksTi-i8TYfageDfNDwY8O7-ZCLy7aFnvNPPV4isBTJgz0_4K_bm2uw0kurhW5loP4Q7ue HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx9ybTGGBUEsrcsjau0MC-MGeNdksTi-i8TYfageDfNDwY8O7-ZCLy7aFnvNPPV4isBTJgz0_4K_bm2uw0kurhW5loP4Q7ue&google_hm=Njk0MzM0NjY4MTg2MTk2NjIyNQ==

Request Chain 221

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJmK9eMQWwywNj9fp92jgWw&google_cver=1&google_push=Aa02lx-3N0pVlHxqTa3vVFXlz2gEJKpDwFQXtGrTwCYUoCZkr_7hlxC_gWI8VBdHEMj9QPOgZ1zSDpODG-Pa33RCEzDDEi0FK4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-3N0pVlHxqTa3vVFXlz2gEJKpDwFQXtGrTwCYUoCZkr_7hlxC_gWI8VBdHEMj9QPOgZ1zSDpODG-Pa33RCEzDDEi0FK4w HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 222

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEELU-UNZajalgvNmcY704xA&google_cver=1&google_push=Aa02lx8Vi73eT2dd5btYs2TPaz_iz6Fm8SyV0y-Pv6F7SmjYd5YbZ_J8x1DrHLhWM1GNMnGwbz4jdK2OkK5zLG2HsZSGbG9bDh0 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEELU-UNZajalgvNmcY704xA&google_cver=1&google_push=Aa02lx8Vi73eT2dd5btYs2TPaz_iz6Fm8SyV0y-Pv6F7SmjYd5YbZ_J8x1DrHLhWM1GNMnGwbz4jdK2OkK5zLG2HsZSGbG9bDh0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=23976006-fc59-4924-8e4c-49e6204a04ae&%%GOOGLE_PUSH_PAIR%%

Request Chain 244

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&rid=esp&cc=1

Request Chain 261

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

Request Chain 262

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9z8cJnldljRUpGeepHqnwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGvEXSD57ZexRfgTRgxqYFs&google_cver=1

Request Chain 264

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

Request Chain 266

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9z8cJnldljRUpGeepHqnwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGvEXSD57ZexRfgTRgxqYFs&google_cver=1

Request Chain 268

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPchxFSoIiUaETvd5--t0ss&google_cver=1

Request Chain 275

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEF-XJyt_kxuP3DWVuDX33NE&google_cver=1

Request Chain 287

https://gum.criteo.com/sid/json?origin=publishertagids&domain=irctc.co.in&sn=ChromeSyncframe&so=0&topUrl=www.irctc.co.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=aZypfnxqenpJS29LamVVcG8wd1lkZkE2ZzZwMk40K1VKZDRuT0FTRWZvbU5IditqOXpqWDNJL1RnaHJ4bWROcnE2V25NamFTb3QrWnhYR2Y2MWNVUTlESm5FTHpmYkoyZzY0S2o3WE5ScmlCNTREdkhhOWNZVG91M0kwS291N01QS0NpdnJ1cUthbFRmdGdIaStnQm40YjlWZm0zZzduMWhkUzNVRHJFVTM3ZzdyckIwUzhPQy9pd3llaG82RUJGM216UDBoLzRidDBWOWN0d0dUWldJMWQrSmNZSEg1QjhKdllqQUNaK2YyK2gxTjN1b3RCYUU3RTh2THdWeldWZ2NPWkZRN096YWU5NlR1OU9QczVrSVNDMzRydz09fA&cppv=2

Request Chain 308

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMOsvGUgHKgdX9BVMJ7aX38&google_cver=1&google_push=Aa02lx8_GFMtlMzcBf2LP0bsgCiJx-KgLXijmOfH1hjZTM2suyDCdn3q0TyEFO5nJooMdj36BfJlKvTqUq5eV3swDKIhiVYdfb5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMOsvGUgHKgdX9BVMJ7aX38&google_push=Aa02lx8_GFMtlMzcBf2LP0bsgCiJx-KgLXijmOfH1hjZTM2suyDCdn3q0TyEFO5nJooMdj36BfJlKvTqUq5eV3swDKIhiVYdfb5D

Request Chain 311

https://d5p.de17a.com/cookies/google?google_gid=CAESEH-RWFra3TA8EU4k2KpZuLg&google_cver=1&google_push=Aa02lx8oEz5WK3Qg8VbZGOp3w0cnLLENRC26f_5G4PFzNwn80WFJ8KYP0MzUiPCYDVkUq3WEgHczNt78p8BdM7XD1Z5Lr_8-8zE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEH-RWFra3TA8EU4k2KpZuLg&google_cver=1&google_push=Aa02lx8oEz5WK3Qg8VbZGOp3w0cnLLENRC26f_5G4PFzNwn80WFJ8KYP0MzUiPCYDVkUq3WEgHczNt78p8BdM7XD1Z5Lr_8-8zE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8oEz5WK3Qg8VbZGOp3w0cnLLENRC26f_5G4PFzNwn80WFJ8KYP0MzUiPCYDVkUq3WEgHczNt78p8BdM7XD1Z5Lr_8-8zE

Request Chain 313

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAuR36KQFn6KLJi1SN-dQfU&google_cver=1&google_push=Aa02lx95B1zKovXSoeovtmoIc_yzocvyBW7Dzn-H7qqNaNqvNXXH3oE-UsUYYTrdsTs3S5gtmObW-dp7ugzdxcDo1elurBRki6OS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx95B1zKovXSoeovtmoIc_yzocvyBW7Dzn-H7qqNaNqvNXXH3oE-UsUYYTrdsTs3S5gtmObW-dp7ugzdxcDo1elurBRki6OS HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 355

https://um.simpli.fi/gp_match?google_gid=CAESEPbE4apRYAffXyOkMypSUcM&google_cver=1&google_push=Aa02lx8ru6qzX0Ur4-eYNJdm_C1u9jpebdL7xyqcnykYlPuPM-6q9Soueb5SbF8r5a4hFJ0EiSKtGu89jHoZzuWDJEYvAWhCg2uy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D2255BAB0224085B11809B27DE8B52E&google_push=Aa02lx8ru6qzX0Ur4-eYNJdm_C1u9jpebdL7xyqcnykYlPuPM-6q9Soueb5SbF8r5a4hFJ0EiSKtGu89jHoZzuWDJEYvAWhCg2uy

Request Chain 356

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE3JXMdQEhGu0dGLHi4opJU&google_cver=1&google_push=Aa02lx80noOxsmBTzJI6S_pBCSAHQJdYilXDsEaK00Mzm7Jl9iD2jwqFpOQIaxWSabN4Gci4QXdo3CEDI3_zLc4N_7oZ1qgkd6DCAg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx80noOxsmBTzJI6S_pBCSAHQJdYilXDsEaK00Mzm7Jl9iD2jwqFpOQIaxWSabN4Gci4QXdo3CEDI3_zLc4N_7oZ1qgkd6DCAg&google_hm=hmPc_HLM0aqbXbdQ7A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63DCFC72CCD1AA9B5DB750ECBLIS

Request Chain 357

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN8uOreHU5nuM76eAY2Vz78&google_cver=1&google_push=Aa02lx_a6a1McB9a8rS_JfUj1n-iZsdD8CoNyMoULA46QgYmTTT-RWTwCu9ZXwkso3CwijCVfJJBPYOj2fBdWrQiR8pAvnlBbs8mhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_a6a1McB9a8rS_JfUj1n-iZsdD8CoNyMoULA46QgYmTTT-RWTwCu9ZXwkso3CwijCVfJJBPYOj2fBdWrQiR8pAvnlBbs8mhg&google_hm=eS1VSkxrRml0RTJwRURnRVg3Wk5mYkNENVVKUUg0NEpFeX5B

Request Chain 358

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP7aGwdLAjVr2XUQTkMwz0U&google_cver=1&google_push=Aa02lx_tKzsJPMTMGTCy0e1uL8d9wCUZ1hOHQPKhgJPVjc2lNf6I9HaSjOlAOzL7rdNRuBj-M8SI1A11UzyI06F4HByfyQuQeU9U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx_tKzsJPMTMGTCy0e1uL8d9wCUZ1hOHQPKhgJPVjc2lNf6I9HaSjOlAOzL7rdNRuBj-M8SI1A11UzyI06F4HByfyQuQeU9U

Request Chain 359

https://d5p.de17a.com/cookies/google?google_gid=CAESEH-RWFra3TA8EU4k2KpZuLg&google_cver=1&google_push=Aa02lx_ixKN77XED4rh8t4_D06yFzoUy9teDBmi2MLkkz8fRayPsPWikL26NkQ2iTjypLH-CWxIoIF2D2R_6aHKXiae_dScQ93N1LA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ixKN77XED4rh8t4_D06yFzoUy9teDBmi2MLkkz8fRayPsPWikL26NkQ2iTjypLH-CWxIoIF2D2R_6aHKXiae_dScQ93N1LA

Request Chain 360

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHlcsQJaWfrcyjlmTaUchEk&google_cver=1&google_push=Aa02lx8rwopFKEisxfT1qUdCkI-59MLJtdJTdQD-5Hiy2Fhh2e2_tMQd_9frmYcYO7KhCdilwGA9ZfdD30cqpzRa8dJBCsd-u4Azsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMjAyMjMzMjQzOTcxNzA2ODYw&google_push=Aa02lx8rwopFKEisxfT1qUdCkI-59MLJtdJTdQD-5Hiy2Fhh2e2_tMQd_9frmYcYO7KhCdilwGA9ZfdD30cqpzRa8dJBCsd-u4Azsw

Request Chain 376

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE3JXMdQEhGu0dGLHi4opJU&google_cver=1&google_push=Aa02lx8uNQkIc5RigSnfyp9-_mtMixsWmpsUpLb1f8d84VMCHCx2ujMXTQZUWjJ3Uyj32m1gdoJfVYaqiTcEvZluDdnPAnEj8g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx8uNQkIc5RigSnfyp9-_mtMixsWmpsUpLb1f8d84VMCHCx2ujMXTQZUWjJ3Uyj32m1gdoJfVYaqiTcEvZluDdnPAnEj8g&google_hm=hmPc_HLM0aqbXbdQ7A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63DCFC72CCD1AA9B5DB750ECBLIS

Request Chain 377

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP7aGwdLAjVr2XUQTkMwz0U&google_cver=1&google_push=Aa02lx-pGxl371qWiYW-S4Bw6CbfxBMrhbrQ49fuC_Bu70_caipIdMxBj2Fx67wtLkEQda5dT7QstQ6oSaoh8JDo1k3mvWpToO4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx-pGxl371qWiYW-S4Bw6CbfxBMrhbrQ49fuC_Bu70_caipIdMxBj2Fx67wtLkEQda5dT7QstQ6oSaoh8JDo1k3mvWpToO4

Request Chain 378

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP7aGwdLAjVr2XUQTkMwz0U&google_cver=1&google_push=Aa02lx-Nl6Dp2tXoiXYLcsJD5IMbMJDcWKwruBq0XCglGLFSpMjj3ZVy5kTAYR8jd0VpJ0VaCxz0eayWUqE55rE1iYJD48RJu0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx-Nl6Dp2tXoiXYLcsJD5IMbMJDcWKwruBq0XCglGLFSpMjj3ZVy5kTAYR8jd0VpJ0VaCxz0eayWUqE55rE1iYJD48RJu0M

Request Chain 379

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELJ55THcDyM8HaM9Jm4jrhM&google_cver=1&google_push=Aa02lx9nHpoJAC10DZs3VqYzsIb_-5uPgM0V9O6mVncjRJMVXXXknJd5p1lkMer-C3Z9FBBu1MWr50Q1vTb_BqMtyIDP76DT-XE HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELJ55THcDyM8HaM9Jm4jrhM&google_hm=Y9z8cJnldljRUpGeepHqnwAADREAAAIB&google_nid=index&google_push=Aa02lx9nHpoJAC10DZs3VqYzsIb_-5uPgM0V9O6mVncjRJMVXXXknJd5p1lkMer-C3Z9FBBu1MWr50Q1vTb_BqMtyIDP76DT-XE

Request Chain 380

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBU7wXp2aOyo49qNrJW3SvI&google_cver=1&google_push=Aa02lx_0ddnG56mZvC8DXHzDm1eqkI9xp6GAl-mtBDB6icQcqpjmFmYwbnkK1NMDg35HWuBGuD7zohQ9GTEm4YgbPtvwTyOA53E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_0ddnG56mZvC8DXHzDm1eqkI9xp6GAl-mtBDB6icQcqpjmFmYwbnkK1NMDg35HWuBGuD7zohQ9GTEm4YgbPtvwTyOA53E

Request Chain 381

https://ups.analytics.yahoo.com/ups/58408/sync?_origin=1&redir=true&google_gid=CAESECHPAIzdc0lghJN8oDRolCs&google_cver=1&google_push=Aa02lx_R0rkv6qKDn9eEczczkJkvMDFtphGLlWVNB9q2V1fZPG7bgUle2t1_8x55LEEGyLULiqoPJlPFG6j5UqWHEzB_RU5JfCU4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&axid=y-lMNeETFE2uI.mRf3oZODxjiLqLC8zl4-~A

404 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.irctc.co.in/nget/
Redirect Chain

http://irctc.co.in/
https://www.irctc.co.in/nget/

8 KB
4 KB

1761ms
181ms

Document
text/html

103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

38a9402c194c04c8938d549d6f8c2bec5f4b67a105d9443bb0a928795898b937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3392
Content-Type: text/html
Date: Fri, 03 Feb 2023 12:22:02 GMT
ETag: "63dbaf6a-20df"
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://www.irctc.co.in/nget/

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 131ms
48ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 711, 617, 617, 617
age: 792206
cdn-cachedat: 2021-06-08 11:36:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ff6c81e8dbead6336c9b9b0b01a67ea0
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 793b2138fd159012-FRA
cdn-requestpullsuccess: True

GET
H2 200 primeng.min.css
cdn.jsdelivr.net/npm/primeng@9.0.5/resources/ 82 KB
13 KB 137ms
48ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/primeng@9.0.5/resources/primeng.min.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4dc56c750713f32eca2279a7c5f231687bad8a0e061163190467c8b233f48075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Feb 2023 12:22:02 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 9093514
x-jsd-version: 9.0.5
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13600
x-served-by: cache-fra-eddf8230127-FRA, cache-hhn-etou8220055-HHN
x-jsd-version-type: version
etag: W/"148d2-QCOPsMfgB3Gv5lC5cCFW7GJ/W5A"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 theme.css
cdn.jsdelivr.net/npm/primeng@9.0.5/resources/themes/nova-light/ 122 KB
11 KB 131ms
42ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/primeng@9.0.5/resources/themes/nova-light/theme.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cff247c4d6c20697eb3565e8cdce376842e41201d0e7a571e3649d1e92f7ed39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Feb 2023 12:22:02 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1421105
x-jsd-version: 9.0.5
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10972
x-served-by: cache-fra-eddf8230026-FRA, cache-hhn-etou8220055-HHN
x-jsd-version-type: version
etag: W/"1e656-GK4wGRb8W39oFMuC7UrLwsPQWdk"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/ 30 KB
7 KB 128ms
40ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Feb 2023 12:22:02 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 6927513
x-jsd-version: 4.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7055
x-served-by: cache-fra-eddf8230115-FRA, cache-hhn-etou8220055-HHN
x-jsd-version-type: version
etag: W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 150ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c276285708800494d413ec1eb5884caf4d2e4e2b6e39b63c2f1e4988e568b2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27307
x-xss-protection: 0
server: sffe
etag: "1471 / 745 of 1000 / last-modified: 1675379458"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 12:22:02 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2
fonts.gstatic.com/s/quicksand/v7/ 18 KB
19 KB 133ms
43ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v7/6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed8e43c88fcddea19fc1ca953fa736916195f311463ed76b23bcf0a6254f1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 08:05:30 GMT
x-content-type-options: nosniff
age: 15392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18704
x-xss-protection: 0
last-modified: Tue, 10 Oct 2017 23:17:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 08:05:30 GMT

GET
H2 200 da004191678d8e062dab7ecdea625a5251b9dfde.js Show response
cdn.truenotify.co.in/scripts/ 6 KB
2 KB 142ms
47ms Script
application/javascript 2606:4700::6812:1375
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.truenotify.co.in/scripts/da004191678d8e062dab7ecdea625a5251b9dfde.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1375 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2ab55f0c3f815827b29222e282e6d787daa928e68505f03f891d2ab5718d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 26 May 2021 06:03:50 GMT
server: cloudflare
age: 962566
etag: W/"60ade4c6-1981"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 793b2139ff362bd3-FRA
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 12:22:02 GMT

GET
H/1.1 200
OK styles.2c093eed1ff9b4d2c007.css
www.irctc.co.in/nget/ 95 KB
30 KB 182ms
181ms Stylesheet
text/css 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

33637f6b6a3662f9c036a67e1d0fd93836de662694bfe8b32d60acb164a752ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:02 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-17d29"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK runtime-es2015.74d6d70d3e240a0c777f.js Show response
www.irctc.co.in/nget/ 2 KB
2 KB 535ms
178ms Script
application/javascript 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/runtime-es2015.74d6d70d3e240a0c777f.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

798ddfc68ce50b0c89a0d358621cd3b3f419ccb147535c3058af8c3e206390f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irctc.co.in/nget/
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:02 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:40:27 GMT
Server: nginx
ETag: "63dbaf3b-97f"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1568

GET
H/1.1 200
OK polyfills-es2015.92db6019d455ba03538e.js Show response
www.irctc.co.in/nget/ 51 KB
23 KB 543ms
181ms Script
application/javascript 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

c62958fc98ac3452f7687435a0e5f11a44812aae297ed4849a5dbe02770b7c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irctc.co.in/nget/
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:02 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:40:27 GMT
Server: nginx
ETag: "63dbaf3b-ccdf"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22796

GET
H/1.1 200
OK main-es2015.52a5ae59daebac56b2c7.js Show response
www.irctc.co.in/nget/ 1 MB
494 KB 740ms
370ms Script
application/javascript 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/main-es2015.52a5ae59daebac56b2c7.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

2d8a9d9440779033ef22fda8f3e83636de66dae6fb36720c3c9a077bc4e19a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irctc.co.in/nget/
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:02 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:41:11 GMT
Server: nginx
ETag: "63dbaf67-16bfe4"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 256 KB
62 KB 151ms
59ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.truenotify.co.in
URL: https://cdn.truenotify.co.in/scripts/da004191678d8e062dab7ecdea625a5251b9dfde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43065e1a04c96cf817e244a58f9efb5222e24d40714a6003274a43df40bbb0a3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Feb 2023 12:03:21 GMT
server: cloudflare
age: 1074
etag: W/"63dcf809-3fe14"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 793b213ada7c2c35-FRA
x-xss-protection: 1; mode=block
expires: Mon, 06 Mar 2023 12:22:02 GMT

GET
H2 200 pubads_impl_2023020201.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 170ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132430
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:36:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Feb 2024 12:20:56 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 866 B
923 B 203ms
74ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.irctc.co.in

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

485dee28b836ceffebb2603513be31de136e0ab4f06eaa07192c9599ccbebb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 380
x-xss-protection: 0
expires: Fri, 03 Feb 2023 12:22:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 175ms
51ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 11:12:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4192
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Feb 2023 13:12:10 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 988C 4 KB
1 KB 49ms
48ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2624501
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 793b213bab802c35-FRA
content-encoding: br
content-type: text/html
date: Fri, 03 Feb 2023 12:22:02 GMT
expires: Mon, 06 Mar 2023 12:22:02 GMT
last-modified: Tue, 05 Apr 2022 12:00:20 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 21928950349 Show response
fundingchoicesmessages.google.com/i/ 123 KB
42 KB 174ms
72ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21928950349?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f410f1c19a8457ade7e6df8f46efed9788301d7beda6e0d49d6ccbc2d4fcc19

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--R0kK067U37494DxYO1ubw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:03 GMT
content-security-policy: script-src 'report-sample' 'nonce--R0kK067U37494DxYO1ubw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUTx6mFG4EtVekgAnPEDik4cLysqNvMzk6XK4W8KvC9zLtS-1ah_HYIIxoeQg-WhxYYnZMimh9SEIRlpijRAoM= Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUTx6mFG4EtVekgAnPEDik4cLysqNvMzk6XK4W8KvC9zLtS-1ah_HYIIxoeQg-WhxYYnZMimh9SEIRlpijRAoM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1NDI2OTIzLDIxMjAwMDAwMF0sIjlERjk5RTU1LUJBNDMtNDA5My05QkM2LTE1OUY4MzY4NDFBRSIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cuaXJjdGMuY28uaW4vbmdldC8iLG51bGwsW1s4LCJTR0NZM0JKTGNSRSJdLFs5LCJkZSJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SGCY3BJLcRE.es5.O/d=1/rs=AJlcJMy98S3HdWZjDs5jLzFJMBSKOgoG-Q/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b4a1e3c947129ed44d27ce5c0ebdee25212381d1172fdb4f517bc9c58bafacb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UM9Xhz4pl-k83SEmC_IbhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UM9Xhz4pl-k83SEmC_IbhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUAChmtDM85ixVRRYeUNGOlA1ZIR_zyqTv_8wMcoDWQxWPwhfqyBZlFhRhFGMxIGwnyd7yCd2HxUe20bOCu-prKbK2CTdoZLwGZTCUVzozFlOqzTQznxqXejlAPOifm2kdvZE735g== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUAChmtDM85ixVRRYeUNGOlA1ZIR_zyqTv_8wMcoDWQxWPwhfqyBZlFhRhFGMxIGwnyd7yCd2HxUe20bOCu-prKbK2CTdoZLwGZTCUVzozFlOqzTQznxqXejlAPOifm2kdvZE735g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1NDI2OTIzLDI5MDAwMDAwMF0sIjlERjk5RTU1LUJBNDMtNDA5My05QkM2LTE1OUY4MzY4NDFBRSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cuaXJjdGMuY28uaW4vbmdldC8iLG51bGwsW1s4LCJTR0NZM0JKTGNSRSJdLFs5LCJkZSJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06a7502e1de32067b728f917bda871dccd54e6e205b74f2c195f38392d04252d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-iGnNmtjUdISgPCCzof2IXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-iGnNmtjUdISgPCCzof2IXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 58ms
57ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.9653387768172497

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FjCNG8TVTlpSaekx1NVk4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FjCNG8TVTlpSaekx1NVk4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 58ms
58ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.1318949212099305

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--AWqp8qreo7sdQ1o6abUpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:04 GMT
content-security-policy: script-src 'report-sample' 'nonce--AWqp8qreo7sdQ1o6abUpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 141ms
56ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GsU86xs-8ORTvZ92voPESw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 12:22:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-GsU86xs-8ORTvZ92voPESw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.irctc.co.in
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _ Show response
fundingchoicesmessages.google.com/f/AGSKWxX8Ho-psCAz_KLeJZDgD0Q5o-_vFq8ED8Mw8svdrI9JHaAZp9QZUpb2BGbXBtiYpCSfPKlObr7BxHDqPi1xz_N2Wppg1yFHSlQgoWLY02jPHBo1fPPjc4WqWKb1qWjgngQlUGHelO_hFpkvfR3O546tJ-mFp... 54 B
109 B 58ms
58ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX8Ho-psCAz_KLeJZDgD0Q5o-_vFq8ED8Mw8svdrI9JHaAZp9QZUpb2BGbXBtiYpCSfPKlObr7BxHDqPi1xz_N2Wppg1yFHSlQgoWLY02jPHBo1fPPjc4WqWKb1qWjgngQlUGHelO_hFpkvfR3O546tJ-mFpngjBgDCFNMeqyebhMoDDrqvScT64Z4v/_?img_adv=160x600.php?/ad_mobile./affiliationcash.=webad2&

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SGCY3BJLcRE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMy98S3HdWZjDs5jLzFJMBSKOgoG-Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4983ef1951e326ec6d5e0210c3f2b0eb0a6de637731e2479d227c0a6ddbaa8ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tdi52N_cGKEdElGTqbpQhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-tdi52N_cGKEdElGTqbpQhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 82 KB
30 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b7af74bd7f547d790e7842d575f99e18d0933971ece4160ad262103a030193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29865
x-xss-protection: 0
server: cafe
etag: 9289440476995551500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:35:03 GMT

POST
H3 204 AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 55ms
55ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-upDIrYd7bKpJi15LrMLvBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 12:22:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-upDIrYd7bKpJi15LrMLvBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.irctc.co.in
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 56ms
56ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WL4odXARGhVZ-7GdJmwIIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 12:22:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-WL4odXARGhVZ-7GdJmwIIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.irctc.co.in
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 59ms
59ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vWDy8LgYAwIlPP7o6_tlGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 12:22:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-vWDy8LgYAwIlPP7o6_tlGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.irctc.co.in
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 56ms
56ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXipPR15fWOzNjyVGN6oStkzG-M3LUadG78F35Vcw6zWJt3bwW7_-cE26h5v3Qn74ru16-8PJ4IyhJoaRA3OmoC0YEMEi8944UsXvQH79p-AYlAgv8LzBEjXOS8MXyvpo6zqLtCtQ==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iLIdByPOuwBO7csyzUyG9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 12:22:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iLIdByPOuwBO7csyzUyG9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.irctc.co.in
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXRKKbiMog3zf-in8ZlHtd7DIrlVFJHvqMXXBVpRUSfTUY3SC0ku8F8SmNbKoEPIRhdyNHdIDeEwtWTI5zfdWy_PivgADUw2zF0jBsjGEz_sbI38yS7P5rT-YM0QMg-jW1aLvllZw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXRKKbiMog3zf-in8ZlHtd7DIrlVFJHvqMXXBVpRUSfTUY3SC0ku8F8SmNbKoEPIRhdyNHdIDeEwtWTI5zfdWy_PivgADUw2zF0jBsjGEz_sbI38yS7P5rT-YM0QMg-jW1aLvllZw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1NDI2OTI1LDIxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmlyY3RjLmNvLmluL25nZXQvIixudWxsLFtbOCwiU0dDWTNCSkxjUkUiXSxbOSwiZGUiXSxbMTYsIlt0cnVlLHRydWUsdHJ1ZV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

617c7d38ce3d2eb6e227e61cdf0cee6229608648fb285914091f66bb4f62cd3c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9xKOn9KTLqZbKtgK84o00A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9xKOn9KTLqZbKtgK84o00A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW-qcDiYltjOGr7QQ15nHCBegZR9Rb0ndXgMh1tqRql0eWOl-l-xtwA2luz3XVdvxx3Ed3sFqy5cnwAUszdG653lobTGw1HPF1o7zl41DWnV2x9yXGREalZb5uRSbXt7XkLN0n0zw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 56ms
55ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW-qcDiYltjOGr7QQ15nHCBegZR9Rb0ndXgMh1tqRql0eWOl-l-xtwA2luz3XVdvxx3Ed3sFqy5cnwAUszdG653lobTGw1HPF1o7zl41DWnV2x9yXGREalZb5uRSbXt7XkLN0n0zw==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--HoLNtQWm8W1mmc7IlwpzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 12:22:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--HoLNtQWm8W1mmc7IlwpzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.irctc.co.in
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK labels_en.json Show response
www.irctc.co.in/nget/assets/json/ 93 KB
40 KB 372ms
372ms XHR
application/json 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/assets/json/labels_en.json

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

262963e8e03e2668c715978d71b6c65cc44688477bc24ed857049cc816494472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.irctc.co.in/nget/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-17256"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK errorMessage_en.json Show response
www.irctc.co.in/nget/assets/json/ 35 KB
12 KB 181ms
181ms XHR
application/json 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/assets/json/errorMessage_en.json

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

4fbda464b0ab362bf4a8767ef18fcce104801dc20ea391eb390dff26bc5b5287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.irctc.co.in/nget/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Strict-Transport-Security: max-age=31536000; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
Content-Encoding: gzip
ETag: "63dbaf6a-8b59"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12213
X-XSS-Protection: 1; mode=block

GET StationLinguisticNames
www.irctc.co.in/eticketing/ 0
0

GET
H/1.1 200
OK trainList Show response
www.irctc.co.in/eticketing/ 139 KB
62 KB 390ms
390ms XHR
application/javascript 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/trainList

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

3052919fe7a3f7192c6b86f9dacf0fcd2d558403fbd516774ec5938a52e79acf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
greq: 1675426926138
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Cache-Control: max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK 1675426926157 Show response
www.irctc.co.in/eticketing/protected/profile/textToNumber/ 3 B
2 KB 577ms
195ms XHR
text/plain 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/protected/profile/textToNumber/1675426926157

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

51d089cdaf0c968c94b80671489d22b6f79b1c57de80df880b008e9b37b49788

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
greq: 1675426926138
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Connection: keep-alive

GET
H/1.1 200
OK css-sprite-combined1.11356089c173c53adec9.png
www.irctc.co.in/nget/ 35 KB
35 KB 1247ms
185ms Image
image/png 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/css-sprite-combined1.11356089c173c53adec9.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

88d6097c7ba2f13047bedd278df6f7a530352beb534af2f3d94cd712f0711eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-8bd3"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35795

GET
H2 200 fontawesome-webfont.woff2
cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/ 75 KB
76 KB 42ms
41ms Font
font/woff2 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Feb 2023 12:22:06 GMT
x-content-type-options: nosniff
age: 1415070
x-jsd-version: 4.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77160
x-served-by: cache-fra-eddf8230046-FRA, cache-hhn-etou8220055-HHN
x-jsd-version-type: version
etag: W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 169ms
49ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 200ms
73ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 706 B
891 B 74ms
73ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f37eb0856b2e98ed1bd7967c16fd34882e3a399ffd2d0d4b15b8c37c25e39cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 381
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F65 6 KB
3 KB 171ms
47ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:06 GMT
expires: Sat, 03 Feb 2024 12:22:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK newsandalert Show response
www.irctc.co.in/eticketing/webservices/taenqservices/ 14 KB
8 KB 566ms
204ms XHR
application/json 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/webservices/taenqservices/newsandalert

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

39ee5508aa4a59ddc7898282960c7b114b61dbf8e2754db3fcf8657ff5586f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
greq: 1675426926138
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:06 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Cache-Control: no-cache, no-store, must-revalidate,max-age=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK country Show response
www.irctc.co.in/eticketing/protected/mapps1/ 15 KB
6 KB 1331ms
890ms XHR
application/json 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/protected/mapps1/country

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

b56ae65a1211ae8c92bb0befb5a4d93155b641f4993e6bdbae5a1d0b5a08939b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
greq: 1675426926138
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Connection: keep-alive

GET
H/1.1 200
OK StationLinguisticNames Show response
www.irctc.co.in/eticketing/ 370 KB
175 KB 629ms
183ms XHR
application/javascript 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/StationLinguisticNames?hl=en_hi

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

2d83b2e0e18e725022509374fe2accb0f9d653e68ca8106093f0844097e09f80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
greq: 1675426926138
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Cache-Control: max-age=21600
Content-Disposition: filename="StationLinguisticNames_en_hi.js"
Connection: keep-alive

GET
H2 200 nlpCubeBox.js Show response
cdn.nlpcaptcha.in/js/ 3 KB
3 KB 152ms
39ms Script
application/javascript 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nlpcaptcha.in/js/nlpCubeBox.js
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/main-es2015.52a5ae59daebac56b2c7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: fd717dd825a505eae20728b83a9058feb690059b9fa3abe91cd8e3c55ac14c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:06 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-cachedat: 12/01/2022 21:38:09
cdn-pullzone: 87331
last-modified: Sun, 20 Nov 2022 09:29:53 GMT
server: BunnyCDN-DE1-722
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6379f391-df0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: 5434b9092ed88cf2e2613c221e2981fd
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chatbotlib.min.js Show response
sdk.irctc.corover.ai/askdisha-bucket/ 889 B
1 KB 660ms
220ms Script
application/javascript 13.235.143.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbotlib.min.js
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/main-es2015.52a5ae59daebac56b2c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.235.143.202 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-235-143-202.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash: 29395c5352fa16a6e5db9b6db042b016b4703c3f13c2ac2e50daf2fcbe80917a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:06 GMT
x-amzn-trace-id: Root=1-63dcfc6e-3665135b34dfe8566a587cc9
x-amzn-requestid: ed51875f-d963-4807-94df-a6f6f0bd12d1
content-length: 889
x-amz-apigw-id: fwxhVF2ghcwFoDw=
content-type: application/javascript

GET
H/1.1 200
OK Web_alerts_700x90.jpeg
contents.irctc.co.in/en/ 34 KB
34 KB 1557ms
179ms Image
image/jpeg 103.252.142.22
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contents.irctc.co.in/en/Web_alerts_700x90.jpeg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.22 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

Resource Hash

8d37ba57f34de55fa31f52bc2bfbd915dc265fd6008d16a03702bce45b11d8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://*.irctc.co.in
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Strict-Transport-Security: max-age=31536000; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Jun 2022 10:36:32 GMT
ETag: "62ac5930-8768"
X-Frame-Options: allow-from https://*.irctc.co.in
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34664
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Koo.png
www.irctc.co.in/nget/assets/images/ 981 B
1 KB 195ms
191ms Image
image/png 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/Koo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

4e332dddbbf42315e57389a1acceeba09e8e557301137fa7c17084463d90ee10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-3d5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 981

GET
H/1.1 200
OK G20_Logo.png
www.irctc.co.in/nget/assets/images/ 5 KB
5 KB 632ms
189ms Image
image/png 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/G20_Logo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

0249990b2729bc3064b6ab3ca227955708e9599ff362008931c7d73b9eccee4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-1422"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5154

GET
H/1.1 200
OK logo_top_eng.jpg
www.irctc.co.in/nget/assets/images/ 4 KB
4 KB 778ms
185ms Image
image/jpeg 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/logo_top_eng.jpg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

09abcd93a612c0eff446b57176ab9520a6826bf88fadbae6c10093b389ce51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Strict-Transport-Security: max-age=31536000; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-ee7"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3815
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK checkBox.8cf423073e71167979b5.jpg
www.irctc.co.in/nget/ 688 B
1 KB 816ms
191ms Image
image/jpeg 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/checkBox.8cf423073e71167979b5.jpg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

74d955fc1fabc21de7667611927dae6d60804e5696684359564d897970095203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Strict-Transport-Security: max-age=31536000; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-2b0"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 688
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK home_page_banner1.ab4db3998511d52c6612.jpg
www.irctc.co.in/nget/ 196 KB
197 KB 703ms
199ms Image
image/jpeg 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/home_page_banner1.ab4db3998511d52c6612.jpg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

cdf52f83d9e402b936bbf65818f2fec7270ae54d83883d69baded01cf0d3228b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-31165"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 201061

GET
H/1.1 200
OK primeicons.04701ca33ce96d325419.ttf
www.irctc.co.in/nget/ 39 KB
20 KB 401ms
360ms Font
application/octet-stream 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/primeicons.04701ca33ce96d325419.ttf

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

38fa9ef0a9b1bfed89c84a815e2f827a690dd92cbdcda7a4f74f2020ccd9d7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css
Origin: https://www.irctc.co.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:06 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-9a94"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20387

GET
H/1.1 200
OK secondry-logo.png
www.irctc.co.in/nget/assets/images/ 3 KB
3 KB 775ms
189ms Image
image/png 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/secondry-logo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

94499175047491038f44a62b1d7a658ccee12d833c405e980b8fe2621464431e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-c4d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3149

GET
H/1.1 200
OK logo.png
www.irctc.co.in/nget/assets/images/ 2 KB
2 KB 965ms
189ms Image
image/png 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/logo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

11ebf641b813e8a0a052556192651e12b650e6386f8a252b46843c8bd20e9a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-730"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1840

GET
H/1.1 200
OK pnr.png
www.irctc.co.in/nget/assets/images/icons/ 324 B
638 B 916ms
184ms Image
image/png 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/icons/pnr.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

ed988b9e45ba388c6d237e75853f2d50c6747151a47d3705aedbf29d53a5258e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-144"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 324

GET
H/1.1 200
OK chart.png
www.irctc.co.in/nget/assets/images/icons/ 371 B
685 B 961ms
191ms Image
image/png 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/icons/chart.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

5ce8bf6ae4d027eba517d00945ea878f377dd31272849fd33d553dffad1f7d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:07 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-173"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 371

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 224ms
82ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122267849-1

Requested by

Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbotlib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1515d1510afa03ddf92abd325d92ac50ff2cdeb4a7a490e82f01ec756cb433ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43886
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 12:22:07 GMT

GET
H2 200 chatbot_IRCTC_V2.js Show response
sdk.irctc.corover.ai/askdisha-bucket/ 72 KB
72 KB 457ms
457ms Script
application/javascript 13.235.143.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675426926935
Requested by: Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbotlib.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.235.143.202 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-235-143-202.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash: 8830352e98600fe962b1e37f9ef58d533cd5ef339bfc7e218411015e101f5b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
x-amzn-trace-id: Root=1-63dcfc6f-376abba41a51aed030e12d30
x-amzn-requestid: 0998c76a-5923-4bab-ade0-e66c3d6570b6
content-length: 73807
x-amz-apigw-id: fwxhYE_4hcwFoYg=
content-type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 74ms
73ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=602504223&t=pageview&_s=1&dl=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&ul=en-us&de=UTF-8&dt=IRCTC%20Next%20Generation%20eTicketing%20System&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAIAB~&jid=739702018&gjid=378630217&cid=1903162748.1675426923&tid=UA-122267849-1&_gid=1561190370.1675426923&_r=1&_slc=1&gtm=457e3210&z=719308723

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
51ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122267849-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 11:12:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4197
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Feb 2023 13:12:10 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 163ms
52ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-122267849-1&cid=1903162748.1675426923&jid=739702018&gjid=378630217&_gid=1561190370.1675426923&_u=aEDAAUAAAAAAACAAIAB~&z=449704256

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 12:22:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 154ms
65ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-122267849-1&cid=1903162748.1675426923&jid=739702018&_u=aEDAAUAAAAAAACAAIAB~&z=594381918

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 186ms
97ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-122267849-1&cid=1903162748.1675426923&jid=739702018&_u=aEDAAUAAAAAAACAAIAB~&z=594381918

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675426926935

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbb064d01b24448eaed943710487f7cf539bd2f56d8650d96fd110121e892f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27308
x-xss-protection: 0
server: sffe
etag: "1471 / 870 of 1000 / last-modified: 1675379458"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 12:22:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8692878304946020

Requested by

Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675426926935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

505abc1690dd417f3d28d544d6b2dd170786c05922f17b409c758fa95376e3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49785
x-xss-protection: 0
server: cafe
etag: 11633172141295984243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9620429535585055

Requested by

Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675426926935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2b015db432876cfc6cd3ec5a9e0218d1e61def1ffa90a749e0b68868ffa268b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49870
x-xss-protection: 0
server: cafe
etag: 14699572398793698886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9126873611544123

Requested by

Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675426926935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

500708ff8ecf24f8d44c4e16df98b8b93ad5035b51f2b9d956866013aac28cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49789
x-xss-protection: 0
server: cafe
etag: 338161253582005919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:07 GMT

GET 320x50_placeholder.html
assistant.corover.mobi/ Frame 2150 0
0

GET
H/1.1 200
OK AskDisha2.0-Book-train-ticket-blue.gif
uiresource.ap-south-1.linodeobjects.com/irctc/ 85 KB
86 KB 640ms
202ms Image
image/gif 2400:8901::f03c:92ff:fe35:a93f
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uiresource.ap-south-1.linodeobjects.com/irctc/AskDisha2.0-Book-train-ticket-blue.gif
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:a93f , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: e7d216bc3ccbc2487aff1649e35d2ee3d329d941e48cd2e9f8ba83f7412ea10d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Thu, 19 May 2022 04:59:38 GMT
x-amz-request-id: tx000000000000000d28730-0063dcfc70-59a92be-default
ETag: "b94c560aafb127dfe9a3bc66b988f74f"
Content-Type: image/gif
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87364

GET
H2 200 320x50_placeholder.html Show response
assistant.corover.mobi/ Frame 41B7 1 KB
904 B 161ms
40ms Document
text/html 13.32.27.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assistant.corover.mobi/320x50_placeholder.html
Requested by: Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675426926935
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-3.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 172d69ea24f81ead966ddd005f1868a2d0c34748229f85265e8c48e61c25f1e8

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1089
content-encoding: gzip
content-type: text/html
date: Fri, 03 Feb 2023 12:12:53 GMT
etag: W/"1e581b1b942d6160c0ce433f7391981a"
last-modified: Mon, 23 Jan 2023 14:05:09 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-id: 1_5F9_noDckL_TXNmapRtLXH8GFx8i8BfTGShXaCVO2zZoDwHJSC_A==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/ 160 KB
58 KB 142ms
45ms Script
application/javascript 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/player.js
Requested by: Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675426926935
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 44acb0e3beaf912bc3a2f20095391d10757fa7de79ca67489584bcdb9004d2e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
content-encoding: br
cdn-edgestorageid: 1049
cdn-storageserver: DE-197
cdn-cachedat: 01/28/2023 14:35:49
cdn-pullzone: 873945
last-modified: Sat, 28 Jan 2023 14:34:55 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 336
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63d5328f-2811a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 1c0f4b370f957d658edea901a837867f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK disha.gif
eticket.ap-south-1.linodeobjects.com/ 386 KB
386 KB 631ms
207ms Image
image/gif 2400:8901::f03c:92ff:fe35:5c07
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/disha.gif
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:5c07 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: a51b849270fefbfd714cc4b625cb0f91b29025cbf33fb3da985a3bde40894ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Thu, 07 Apr 2022 23:12:50 GMT
x-amz-request-id: tx000000000000000d24590-0063dcfc70-599c365-default
ETag: "2ab0547d498e8cdeee21bc8fb91974d7"
Content-Type: image/gif
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 394942

GET
H/1.1 200
OK irctc.png
eticket.ap-south-1.linodeobjects.com/ 216 KB
216 KB 643ms
208ms Image
image/png 2400:8901::f03c:92ff:fe35:5c07
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/irctc.png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:5c07 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: af35cff9e5c54ebfb078d8f6c3f1220e8cd98f34e4dfecbfa1e9b8da15037cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Tue, 05 Apr 2022 10:12:37 GMT
x-amz-request-id: tx000000000000000d19afa-0063dcfc70-59a864b-default
ETag: "cb3871b3e44a2591773e9322070fc9a2"
Content-Type: image/png
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221026

GET
H/1.1 200
OK Thumbsup.gif
dishav3.ap-south-1.linodeobjects.com/ 697 KB
697 KB 704ms
203ms Image
image/gif 2400:8901::f03c:92ff:fe35:5c7e
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dishav3.ap-south-1.linodeobjects.com/Thumbsup.gif
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:5c7e , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: e2927f16c3d19be6cfa6a76cd46151a348682feb5492b4547eba7043122ef57f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Wed, 03 Aug 2022 02:45:57 GMT
x-amz-request-id: tx000000000000016fc2edc-0063dcfc70-54a3e12-default
ETag: "bb782b9930513fe8e146ecaf4447f642"
Content-Type: image/gif
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 713664

GET
BLOB 200
OK df60d313-a097-43bd-86f5-85e8f5115f2e
https://www.irctc.co.in/ 794 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.irctc.co.in/df60d313-a097-43bd-86f5-85e8f5115f2e
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd703ef56efbb4bd984727e547e21e9591ad9ccbdf0349e1fee0d6b526a8f80e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 794
Content-Type: image/svg+xml

GET
H/1.1 200
OK Minimum.png
eticket.ap-south-1.linodeobjects.com/ 3 KB
3 KB 657ms
217ms Image
image/png 2400:8901::f03c:92ff:fe35:5c07
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/Minimum.png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:5c07 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: 5ba5e420bc8592ac1d1c281ecf90ad92c17f023e96c8a2bd9e12d072cb75cdce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Fri, 20 May 2022 07:08:10 GMT
x-amz-request-id: tx00000000000002c10905f-0063dcfc70-5211619-default
ETag: "e5d0f9e65b32203909bd904c72408836"
Content-Type: image/png
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2942

GET
H/1.1 200
OK DEALS....png
uiresource.blob.core.windows.net/chatbot-res/irctc/res/ 48 KB
48 KB 896ms
207ms Image
image/png 20.150.114.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uiresource.blob.core.windows.net/chatbot-res/irctc/res/DEALS....png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.114.33 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8600726486c2065e1f5c13a5f7fdeaff05ac6098bb5c6d9726e5f93f1e7ae345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Tue, 26 Nov 2019 14:29:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D7727D0F3019E6"
Content-Type: image/png
x-ms-request-id: a0eab254-101e-0081-7fca-376bec000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 49140
x-ms-lease-state: available

GET
H/1.1 200
OK close-white-ad.png
eticket.ap-south-1.linodeobjects.com/ 1 KB
1 KB 648ms
208ms Image
image/png 2400:8901::f03c:92ff:fe35:5c07
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/close-white-ad.png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:5c07 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: 66287d6e66f6823abe9c9ee9eaaf6355936571e002236a9cc75aeacc5eb86c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Fri, 03 Jun 2022 14:56:24 GMT
x-amz-request-id: tx000000000000016124eb7-0063dcfc70-54caf3d-default
ETag: "502ea029dd3cc26d5af756562b2bb292"
Content-Type: image/png
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1155

GET
H/1.1 200
OK IRCTC-banner-4.gif
dishav3.ap-south-1.linodeobjects.com/ 223 KB
223 KB 712ms
206ms Image
image/gif 2400:8901::f03c:92ff:fe35:5c7e
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dishav3.ap-south-1.linodeobjects.com/IRCTC-banner-4.gif
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:5c7e , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: c793dd8a847fe4f25969decc6f72cabe54099061f550f5536bd8661de6121eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Sat, 24 Dec 2022 15:59:01 GMT
x-amz-request-id: tx000000000000004b76aa3-0063dcfc70-58b7d9f-default
ETag: "d46e6f25cd4a751bab1e468eaf4c0c5d"
Content-Type: image/gif
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 227940

GET
H/1.1 200
OK train-blue.svg
eticket.ap-south-1.linodeobjects.com/ 3 KB
3 KB 650ms
214ms Image
image/svg+xml 2400:8901::f03c:92ff:fe35:5c07
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/train-blue.svg
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:5c07 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: 1a435e38d1ebd36e06475ba4851e212bc3e800007ac9e1d874dedf10691134b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Tue, 05 Apr 2022 09:16:06 GMT
x-amz-request-id: tx000000000000000d31252-0063dcfc70-59a828b-default
ETag: "5f401ef194b5c964ffcd480f8ed189fb"
Content-Type: image/svg+xml
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3106

GET
H/1.1 200
OK disha-support.png
dishav3.ap-south-1.linodeobjects.com/ 25 KB
25 KB 715ms
205ms Image
image/png 2400:8901::f03c:92ff:fe35:5c7e
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dishav3.ap-south-1.linodeobjects.com/disha-support.png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:8901::f03c:92ff:fe35:5c7e , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software: /
Resource Hash: 9b048c6923acbaead832cbf4da52658759e4a503436a3b7aca36eb647e0749c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Last-Modified: Fri, 23 Dec 2022 16:19:36 GMT
x-amz-request-id: tx000000000000000d288e6-0063dcfc70-59a9306-default
ETag: "d25caffc3a7289c603771441fe650394"
Content-Type: image/png
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25172

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ 359 KB
118 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8692878304946020&plah=www.irctc.co.in

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9126873611544123

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caa3291280c6817ef3716377f85cead6dac8b80db67a70d2a8069f996889d128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120764
x-xss-protection: 0
server: cafe
etag: 7501927231883531665
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame 221D 10 KB
5 KB 128ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9126873611544123

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 19:46:09 GMT
etag: 10353107486223812946
expires: Thu, 16 Feb 2023 19:46:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 41B7 79 KB
27 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: assistant.corover.mobi
URL: https://assistant.corover.mobi/320x50_placeholder.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c38c1305457e7dc04054c965de0d9b61fdd4539701260a567a52b26a5f0c37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27229
x-xss-protection: 0
server: sffe
etag: "1471 / 142 of 1000 / last-modified: 1675379458"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 12:22:07 GMT

GET
H3 200 pubads_impl_2023013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 41B7 386 KB
131 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js?cb=31072066

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133639
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 09:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Feb 2024 14:05:35 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
551 B 141ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.irctc.co.in&callback=_gfp_s_&client=ca-pub-8692878304946020&cookie=ID%3Dfec18452125133ec%3AT%3D1675426926%3AS%3DALNI_MbbgIMohW1CtZrAuiqecmkRkl7DiQ&gpic=UID%3D00000bae52377736%3AT%3D1675426926%3ART%3D1675426926%3AS%3DALNI_Ma8lgg4TV63m6OtJkQqirwjukwl2g

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8692878304946020&plah=www.irctc.co.in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a09313dd1f2240830483ad2c58a565f548c551d6fe29a83347085f7b61b2eb17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 51ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 78ms
76ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
73ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&tn=IFRAME&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
73ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&tn=DIV&cls=header-fix&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1DC3 159 KB
46 KB 533ms
533ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-8692878304946020&output=html&adk=1812271804&adf=3025194257&lmt=1675341674&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675426927775&bpp=4&bdt=5481&idt=254&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfec18452125133ec%3AT%3D1675426926%3AS%3DALNI_MbbgIMohW1CtZrAuiqecmkRkl7DiQ&gpic=UID%3D00000bae52377736%3AT%3D1675426926%3ART%3D1675426926%3AS%3DALNI_Ma8lgg4TV63m6OtJkQqirwjukwl2g&nras=1&correlator=1511905173302&frm=20&pv=2&ga_vid=1903162748.1675426923&ga_sid=1675426926&ga_hid=602504223&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071756%2C31071947&oid=2&pvsid=4440361744764487&tmod=1757648909&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=290

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b49e528328c3d7303f855c6146be6a97fda6ea1715c4c59f9bac9ce44388c30e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46842
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:08 GMT
expires: Fri, 03 Feb 2023 12:22:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 41B7 107 B
165 B 48ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=assistant.corover.mobi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js?cb=31072066

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 41B7 107 B
165 B 75ms
74ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=assistant.corover.mobi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js?cb=31072066

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 41B7 18 KB
8 KB 202ms
202ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=88245386324795&correlator=2385934764333728&eid=31071361%2C31072024%2C31072029%2C31072039%2C31072045%2C31072066%2C44769661&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&us_privacy=1---&iu_parts=21748009408%2Circtc.co.in_320x50_corover&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=1&adks=3049664599&sfv=1-0-40&sc=1&cdm=assistant.corover.mobi&abxe=1&dt=1675426928101&lmt=1674482709&dlt=1675426927822&idt=258&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=320&ish=50&scr_x=-12245933&scr_y=-12245933&ucis=hohyaapbhk0u&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fassistant.corover.mobi%2F320x50_placeholder.html&ref=https%3A%2F%2Fwww.irctc.co.in%2F&top=https%3A%2F%2Fwww.irctc.co.in%2F&frm=24&vis=1&psz=320x50&msz=320x50&fws=256&ohw=0&ea=0&ga_vid=274890458.1675426928&ga_sid=1675426928&ga_hid=1182763569&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js?cb=31072066

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

628894604d36be4c70d51be1ec3fdedc0a71b530c0693d019155151bb7804667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8488
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://assistant.corover.mobi
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 41B7 15 KB
11 KB 170ms
87ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js?cb=31072066

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cb2bf4429b408e5f51945a23e3cd8fea4b311b4665a9ec65dab6b196d25233f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11270
x-xss-protection: 0

GET
H2 200 container.html Show response
775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A100 6 KB
3 KB 91ms
47ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js?cb=31072066

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assistant.corover.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:08 GMT
expires: Sat, 03 Feb 2024 12:22:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 41B7 17 KB
7 KB 272ms
129ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js?cb=31072066

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:08 GMT

GET
H2 200 container.html Show response
775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C33 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js?cb=31072066

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assistant.corover.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:08 GMT
expires: Sat, 03 Feb 2024 12:22:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 irctc.json Show response
cdn.unibotscdn.com/clientdata/ 19 KB
2 KB 127ms
43ms Fetch
application/json 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/irctc.json
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 1e7040c451bdb461c17703133d2540606f274f0e733dd80ee72c9db6d54be8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
cdn-edgestorageid: 1047
cdn-storageserver: DE-199
cdn-cachedat: 01/27/2023 05:23:18
cdn-pullzone: 873945
last-modified: Fri, 27 Jan 2023 05:22:55 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 229
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: f23a660114c45625f221c0d2191dce12
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5642 624 B
242 B 82ms
80ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWIFECTiFdr3KimpR8e-c8vtzozTHCW0nbqZ980JL5W_fwdx6liUXTbOInyvlQgzI7rrsOH4lGsrevxlBNHd_3szbaHH5Nrph5O_izcLBykojCO1JHEO9Sl2e3CJMcgU6_A8dSMIbbSq-WEVuaf-DMe51s0iFV1aIlGoQTROdK_Fq7MWGU

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7C33 78 KB
27 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C33 42 B
63 B 77ms
75ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DA5PiIyof-AtwLd9VRWF_ZFijfVLCYXCZ98Lyob4GAD2OPIpnr4TDUkphfWHZ46gsn31OtEcqzqxUqUFIBHJcWyqLQqoEemUrKfKMnaVc8kZvDsEg

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C33 0
20 B 78ms
76ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3209553867119195159&x=1&ct=76

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7C33 3 KB
1 KB 87ms
58ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7C33 18 KB
8 KB 82ms
53ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7C33 0
0 52ms
51ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3tajRpWBRmP1_R2eP2hlRsngE6SnzfdLCOvwnPVfFptZIsVuExftdQdVSunce8q95sx4FnmNQFwlCqM_OmqZ1IZEELw
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C33 157 KB
48 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:08 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5642
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7IRd458782lYgjL0QfVgE&google_cver=1

43 B
766 B

88ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7IRd458782lYgjL0QfVgE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWIFECTiFdr3KimpR8e-c8vtzozTHCW0nbqZ980JL5W_fwdx6liUXTbOInyvlQgzI7rrsOH4lGsrevxlBNHd_3szbaHH5Nrph5O_izcLBykojCO1JHEO9Sl2e3CJMcgU6_A8dSMIbbSq-WEVuaf-DMe51s0iFV1aIlGoQTROdK_Fq7MWGU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7IRd458782lYgjL0QfVgE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5642
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9z8cJnldljRUpGeepHqnwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWIFECTiFdr3KimpR8e-c8vtzozTHCW0nbqZ980JL5W_fwdx6liUXTbOInyvlQgzI7rrsOH4lGsrevxlBNHd_3szbaHH5Nrph5O_izcLBykojCO1JHEO9Sl2e3CJMcgU6_A8dSMIbbSq-WEVuaf-DMe51s0iFV1aIlGoQTROdK_Fq7MWGU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5642
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAF6EDuUq6T-sYkxP9nOSnc&google_cver=1

43 B
1 KB

46ms
46ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAF6EDuUq6T-sYkxP9nOSnc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWIFECTiFdr3KimpR8e-c8vtzozTHCW0nbqZ980JL5W_fwdx6liUXTbOInyvlQgzI7rrsOH4lGsrevxlBNHd_3szbaHH5Nrph5O_izcLBykojCO1JHEO9Sl2e3CJMcgU6_A8dSMIbbSq-WEVuaf-DMe51s0iFV1aIlGoQTROdK_Fq7MWGU

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:08 GMT
AN-X-Request-Uuid: 1a2340d3-cebd-4cc9-a3e1-934bfd7bfda6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAF6EDuUq6T-sYkxP9nOSnc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5642
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

170 B
243 B

80ms
79ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d3a4d179-6662-4878-8989-577a6d277430
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK block Show response
api.unibots.in/ 45 B
288 B 1027ms
306ms Fetch
application/json 45.79.126.27
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unibots.in/block?client=Irctc&page=www.irctc.co.in/nget/train-search
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.126.27 Mumbai, India, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 45-79-126-27.ip.linodeusercontent.com
Software: / Express
Resource Hash: 7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Feb 2023 12:22:09 GMT
Keep-Alive: timeout=5
X-Powered-By: Express
Content-Length: 45
ETag: W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK StationLinguisticNames Show response
www.irctc.co.in/eticketing/ 2 KB
3 KB 184ms
183ms XHR
application/javascript 103.252.142.19
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/StationLinguisticNames?hl=popular_en

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.19 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

nginx /

Resource Hash

af0adad8f6b3ec873225cd59fd77f30da7beedd545e417bb6ca245095b0a8ff8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
greq: 1675426926138
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Date: Fri, 03 Feb 2023 12:22:08 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Cache-Control: max-age=21600
Content-Disposition: filename="StationLinguisticNames_popular_en.js"
Connection: keep-alive

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C33 0
20 B 76ms
75ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1682757049060&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C33 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1682757049060&version=m202301230201&ct=76&x=1&cor=3209553867119195000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7C33 92 KB
37 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cum6FZp6u__0j7uz9Vf4NXolY4Khm7MJwv1lvjn6vjy7cRlH_oJu5QlMnCcYW9feIK7FLvd7K5HoXhvEbpfSaBlBARq4Tjr5G0VsdN7BXqFYyRrHbXRScBssxFHDkKK514qdCRwNIxpTVsv_fI8S6CtuVeUzTvnJZjRAcPzHMrMv8ywMI&dbm_d=AKAmf-A4CV-KUBFCtuDQ54tmEbgbt3-TN7xpEBz-8MT_tdLHGUhQ25BDSFe-PMfCZYjKkmWMVkpGzoHR-qT0eZuMKmV-iw5SbIzE1jkDr7AfqcREdJ49YdNGDaiWIgkUR7A8U_FDrq9tI06KBB0yj9bLxFFKUtLJ022zgISETAUKDL4jfh2IYx6EQtRYxooD0DQmHwEEnmj-1eIXCb1Zo67cqZEfQdZ_WmbuBUpY6btm4xu7ex3Fv-9gYzS1v3jHnZ9jy8HaMVEA6F6QNWCW6xatt3KGPvHe_vZ9RYU05r-HpNq9gsBlCFyobYoNT1dgqUJluR_dwUVX2z10telvX7Oiq7PaF6xwfwHOby6WfcIPIpu1KWWmZjBAM4GQX7XdMUVjwZVKbv47ToPDnmImpfgCCrh6-T7B6j2iK8T6vJ6TaY__3TTGBl3RGZO4oYBRRYSKRXAzRi3K4Af0rG3CQM4aRi8A_pFBEzna1GskuQT8yTLRiDMeOwhFgwBH5YbNXJb4tkPrLRZbAoAgL9raVWqVmDUZquSu0rC1icRAVWtP7WwODhyqiqFrjQtu4M1ldKbkbE7Hn5lIF3I2SHg_ztiGAWpiKwLkHEAeJaoWaW3FTxad0TOeiRcnmHheejRKuyuUGZ_aEwUcD33q5Ru2005v4YX2OUyVqduKEQZooPpqcJ62K4rGp_BPNl5v12dlwQV6bArItVKjhbkHajwNQzXf7NuwHafcwDn733kB5wBS15XSHDEaSWn3bworI5KdbzGEbcQPx-l30mJdMPT5wpMYoihA6jMgKwyrwX8XmZ_YnK1wERwChptMJguRSZ0ws-qyyS5kF3jZ25LyLP6GrgevgabNcERXr3yVsMS1kRD1mdebRLCYQblyLiw522ut488RQi99haGsopGwCZ23FhkiKaKsyB2KMtUqZ7q9jWPoVlhnLrLdRMVyIZ3iVgf8Bx_gRkk3pEVt0efxooCX39x1Y5wwOBbpSHSJRi2Z-oDBi0LhiYc3lj_hrk89fw6TI5VG-VCTwd107xXG-9YJEFZWyNtBB58rtU-qCi6xNCOhXW7AqDf6PAzdmYeGBwLdZrg4Gsg49BHfezPI-WxRTtOvU5QHBH_8IA3fBsJ6gR8A5cJqda-UGbsWwuObP8lIb3R1o9ED9teZhVijGUnHphRoHP_j5IBnsm6hVrCTNegBAJMROxhU055ENxFx5V4dWeOL6QqmHlIrV2E6oJLapCgQWm3MiLD8frG1SecQbipM5wLYIyv3oloMazM8RAefqt0oRKpILuUH-gFEr8Uwfu5S9xdl8rdMbuV231YOor5R1MIVF-8vP-xMMyydkLGqEQscEEWbZ7LEr8xvjdzgvXFsikSJnTTuxQfIMCkX0B22lbBEHbvFgbJZIhWtiad0UjPWIECCtGsDBM0IFOIlf5fMG8heSCW06_B1MsN3p9Kd2dDVHZfZZE21hyel56cdsrI-X9DWFjLw92CRsgJqJNPLli7hBj-QNRnzOXEg-4MJYv_Vhz9sMLQ33wlnWav9zj0fgv5uUm3Q6NPLtI7xKmq4-NGEVMaC9g18FHd0tHPgGMgiIyeBTbF5ufwFH6jMJaqjE_T79G49qCsDQBd3PHcDdxjEwCbuVmn06SCpKqNutWutp0Za9GrXzpR2VGXw4BLkvcqozgkl2Fv0VqLes8DbzyfDgGtVTq9Mi2r5pVyt9s8FPcSd4NarFhSwYQnRpdlMmpM_NPDFe9BrPY6JUN3EKgs7BvNetDzdUzcQ5SwQIm1cibNaMG2sXuKVspGRFDmnuTd6XnkdJryY5kBqcI8LIy8wk-fNyynkg4aIUoYda7ZSpPNRsIrYghct8dhssGJfEIN5aX6Fu6d-T0TBB0ANwkyRjScHciRQBNLFJAJ0vW7lYKU3FVP0ZwN9oT_WgN6LYK8CPj1VEB9FfoqVcEzCmmp6TgB0C5mge2fgzhyYB5iVntdVqAiNwQ4dftSfnwCfEthvZBGJT0wQfTPB9mF7FSoXNKYTJYUI4CnGlDD2tFPvpVqO8tc9kVMg_98OfgO8MU4yrbQB23v_H0Crz5OuocjtEo1poo0Z0mHS1UCxkiX8InMbUKUaYNdeIEJquO12YZwBRO3-Cxxk4HYKCfqhcQnaE9FTWj56U8FHEAQe20moBI4giDou5WQWzM0e-n1MigfrDVA-Bxg1xGERQqkL_6JbLLmbJoXoQHszpbCUOXPYWjY1c-FbSQz4d9GKsDp8QZ7lp327c8NhbGQDnGsI0ZeCp4RS0pA8nwRPauqOi8YCReM7JlCZVvkhG1guRCz5Y_QWee-_3WUZg4HaKtdy3LAcml295Pe-vo2DJZ5f7CxdEdAxnXhAsIfskTZ0zzhzQC-A9RD_gqwIek6M4YB4wodjqYyxSJ4brxbRDDh0PYrGoFtR_73B-yPNNiO5wY9MEfwIk5KUZG46qlYr6cK4shuac3C-yonEuGepaTkf4ZRZeAFVw6Y7X5DJhoFtyu5G_vW2xvJrvExtHcPrAkbFOu55cMmk3idNoKaoEsVaiCmKmvkC0JP8Eo6o6-NBpSmGYwGaIQ_ISsD5wtKrQa8C-OedBjInjoLeTxQGrwVu9sjNJTGzDVLsLFuNR_kf8CUpftuCZNCF0w1tiJA1wX2DHTVlQKZMGwrtf7Ts-Y_LBHFdW9FLuwjBNBgys6iAovUa6_QnnRhveVIPOdUa9TyMVY6A7F-WFmaf8wSGT3SXARN1PwDdpePVWIMpVfNdaJk3KUXovKWtLXxORS_fVMyM2R5PBfVS2VS3rc_bbOMxapDMI-pcAdvgG7OcqSch02M3wsW_8w5KWs5FD5vaQK5dmqNJttBAqkOBtuPe6dLUW22IG2u1jonBGIwuWAfdXedPgps6l1xe4RlBKhNaIwUcabzWGL1VoHgWN3XSPnRiqBtfp8R4mWXlYosQj1n63aVhefN7TtzyJdwVz0Txl0ooPbXm1yLpQmOJW6P24_ubzyW6FiLR15jxTTpOGQIIUnK7xPg4ksIN4aelQvId8OL48nUnEo90iHWgZDatHxeHNe3NdRfP-kCkr7jVoTcu5f9nzF1pT165QH841qnOn0bbc96fQcPgszmXP-8RQfuvy3Y1DEVfc_DqZ7X6ASvvXNA1TFFguHaO-jvEPjKi27qpHMi8PVMuKoiDGIRzeWTNT8iaVrFKmV-AyaHBi6KzJgwMfPJQMWKg7jRx5ErIj_jOfk-_bjengxBWLZon0DS0xaEzYPKDL8T1yb54V6RFL0t9lFDAJPezhhIPlCO6Xg4KezgXHylRIHYUN31TJhGFxRhBmcQKaTI&cid=CAQSKQDUE5ym-nyqPbWzxDZmAs_cKwTX7i82sBaXNBU1apfjGsvKqpY1gmtsGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.irctc.co.in&ds=l&xdt=1&iif=1&cor=3209553867119195000&adk=2988274607&idt=104&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

920f493395c0d487b0d7e0052781a1c2f10c2ccc7d2adb75292345eaa14a8664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37480
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6724 13 KB
5 KB 53ms
52ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assistant.corover.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 186504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 08:33:44 GMT
expires: Thu, 01 Feb 2024 08:33:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DF96 783 B
534 B 50ms
50ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e5aeef8f7af4b357760a330d6e06cccebf81ec0bdcd700cf4c2cc90656e54611

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9t0wc-6a5EAcSDsz5SyEDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assistant.corover.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-9t0wc-6a5EAcSDsz5SyEDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:08 GMT
expires: Fri, 03 Feb 2023 12:22:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634094/ Frame 7C33 242 KB
73 KB 245ms
57ms Script
application/javascript 54.217.61.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634094/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.61.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-61-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 20d2c344668f4a9594515514b06745584cfe640663596ca188b9bd296b912363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7C33 106 KB
37 KB 198ms
52ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
Origin: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Feb 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 7C33 8 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cum6FZp6u__0j7uz9Vf4NXolY4Khm7MJwv1lvjn6vjy7cRlH_oJu5QlMnCcYW9feIK7FLvd7K5HoXhvEbpfSaBlBARq4Tjr5G0VsdN7BXqFYyRrHbXRScBssxFHDkKK514qdCRwNIxpTVsv_fI8S6CtuVeUzTvnJZjRAcPzHMrMv8ywMI&dbm_d=AKAmf-A4CV-KUBFCtuDQ54tmEbgbt3-TN7xpEBz-8MT_tdLHGUhQ25BDSFe-PMfCZYjKkmWMVkpGzoHR-qT0eZuMKmV-iw5SbIzE1jkDr7AfqcREdJ49YdNGDaiWIgkUR7A8U_FDrq9tI06KBB0yj9bLxFFKUtLJ022zgISETAUKDL4jfh2IYx6EQtRYxooD0DQmHwEEnmj-1eIXCb1Zo67cqZEfQdZ_WmbuBUpY6btm4xu7ex3Fv-9gYzS1v3jHnZ9jy8HaMVEA6F6QNWCW6xatt3KGPvHe_vZ9RYU05r-HpNq9gsBlCFyobYoNT1dgqUJluR_dwUVX2z10telvX7Oiq7PaF6xwfwHOby6WfcIPIpu1KWWmZjBAM4GQX7XdMUVjwZVKbv47ToPDnmImpfgCCrh6-T7B6j2iK8T6vJ6TaY__3TTGBl3RGZO4oYBRRYSKRXAzRi3K4Af0rG3CQM4aRi8A_pFBEzna1GskuQT8yTLRiDMeOwhFgwBH5YbNXJb4tkPrLRZbAoAgL9raVWqVmDUZquSu0rC1icRAVWtP7WwODhyqiqFrjQtu4M1ldKbkbE7Hn5lIF3I2SHg_ztiGAWpiKwLkHEAeJaoWaW3FTxad0TOeiRcnmHheejRKuyuUGZ_aEwUcD33q5Ru2005v4YX2OUyVqduKEQZooPpqcJ62K4rGp_BPNl5v12dlwQV6bArItVKjhbkHajwNQzXf7NuwHafcwDn733kB5wBS15XSHDEaSWn3bworI5KdbzGEbcQPx-l30mJdMPT5wpMYoihA6jMgKwyrwX8XmZ_YnK1wERwChptMJguRSZ0ws-qyyS5kF3jZ25LyLP6GrgevgabNcERXr3yVsMS1kRD1mdebRLCYQblyLiw522ut488RQi99haGsopGwCZ23FhkiKaKsyB2KMtUqZ7q9jWPoVlhnLrLdRMVyIZ3iVgf8Bx_gRkk3pEVt0efxooCX39x1Y5wwOBbpSHSJRi2Z-oDBi0LhiYc3lj_hrk89fw6TI5VG-VCTwd107xXG-9YJEFZWyNtBB58rtU-qCi6xNCOhXW7AqDf6PAzdmYeGBwLdZrg4Gsg49BHfezPI-WxRTtOvU5QHBH_8IA3fBsJ6gR8A5cJqda-UGbsWwuObP8lIb3R1o9ED9teZhVijGUnHphRoHP_j5IBnsm6hVrCTNegBAJMROxhU055ENxFx5V4dWeOL6QqmHlIrV2E6oJLapCgQWm3MiLD8frG1SecQbipM5wLYIyv3oloMazM8RAefqt0oRKpILuUH-gFEr8Uwfu5S9xdl8rdMbuV231YOor5R1MIVF-8vP-xMMyydkLGqEQscEEWbZ7LEr8xvjdzgvXFsikSJnTTuxQfIMCkX0B22lbBEHbvFgbJZIhWtiad0UjPWIECCtGsDBM0IFOIlf5fMG8heSCW06_B1MsN3p9Kd2dDVHZfZZE21hyel56cdsrI-X9DWFjLw92CRsgJqJNPLli7hBj-QNRnzOXEg-4MJYv_Vhz9sMLQ33wlnWav9zj0fgv5uUm3Q6NPLtI7xKmq4-NGEVMaC9g18FHd0tHPgGMgiIyeBTbF5ufwFH6jMJaqjE_T79G49qCsDQBd3PHcDdxjEwCbuVmn06SCpKqNutWutp0Za9GrXzpR2VGXw4BLkvcqozgkl2Fv0VqLes8DbzyfDgGtVTq9Mi2r5pVyt9s8FPcSd4NarFhSwYQnRpdlMmpM_NPDFe9BrPY6JUN3EKgs7BvNetDzdUzcQ5SwQIm1cibNaMG2sXuKVspGRFDmnuTd6XnkdJryY5kBqcI8LIy8wk-fNyynkg4aIUoYda7ZSpPNRsIrYghct8dhssGJfEIN5aX6Fu6d-T0TBB0ANwkyRjScHciRQBNLFJAJ0vW7lYKU3FVP0ZwN9oT_WgN6LYK8CPj1VEB9FfoqVcEzCmmp6TgB0C5mge2fgzhyYB5iVntdVqAiNwQ4dftSfnwCfEthvZBGJT0wQfTPB9mF7FSoXNKYTJYUI4CnGlDD2tFPvpVqO8tc9kVMg_98OfgO8MU4yrbQB23v_H0Crz5OuocjtEo1poo0Z0mHS1UCxkiX8InMbUKUaYNdeIEJquO12YZwBRO3-Cxxk4HYKCfqhcQnaE9FTWj56U8FHEAQe20moBI4giDou5WQWzM0e-n1MigfrDVA-Bxg1xGERQqkL_6JbLLmbJoXoQHszpbCUOXPYWjY1c-FbSQz4d9GKsDp8QZ7lp327c8NhbGQDnGsI0ZeCp4RS0pA8nwRPauqOi8YCReM7JlCZVvkhG1guRCz5Y_QWee-_3WUZg4HaKtdy3LAcml295Pe-vo2DJZ5f7CxdEdAxnXhAsIfskTZ0zzhzQC-A9RD_gqwIek6M4YB4wodjqYyxSJ4brxbRDDh0PYrGoFtR_73B-yPNNiO5wY9MEfwIk5KUZG46qlYr6cK4shuac3C-yonEuGepaTkf4ZRZeAFVw6Y7X5DJhoFtyu5G_vW2xvJrvExtHcPrAkbFOu55cMmk3idNoKaoEsVaiCmKmvkC0JP8Eo6o6-NBpSmGYwGaIQ_ISsD5wtKrQa8C-OedBjInjoLeTxQGrwVu9sjNJTGzDVLsLFuNR_kf8CUpftuCZNCF0w1tiJA1wX2DHTVlQKZMGwrtf7Ts-Y_LBHFdW9FLuwjBNBgys6iAovUa6_QnnRhveVIPOdUa9TyMVY6A7F-WFmaf8wSGT3SXARN1PwDdpePVWIMpVfNdaJk3KUXovKWtLXxORS_fVMyM2R5PBfVS2VS3rc_bbOMxapDMI-pcAdvgG7OcqSch02M3wsW_8w5KWs5FD5vaQK5dmqNJttBAqkOBtuPe6dLUW22IG2u1jonBGIwuWAfdXedPgps6l1xe4RlBKhNaIwUcabzWGL1VoHgWN3XSPnRiqBtfp8R4mWXlYosQj1n63aVhefN7TtzyJdwVz0Txl0ooPbXm1yLpQmOJW6P24_ubzyW6FiLR15jxTTpOGQIIUnK7xPg4ksIN4aelQvId8OL48nUnEo90iHWgZDatHxeHNe3NdRfP-kCkr7jVoTcu5f9nzF1pT165QH841qnOn0bbc96fQcPgszmXP-8RQfuvy3Y1DEVfc_DqZ7X6ASvvXNA1TFFguHaO-jvEPjKi27qpHMi8PVMuKoiDGIRzeWTNT8iaVrFKmV-AyaHBi6KzJgwMfPJQMWKg7jRx5ErIj_jOfk-_bjengxBWLZon0DS0xaEzYPKDL8T1yb54V6RFL0t9lFDAJPezhhIPlCO6Xg4KezgXHylRIHYUN31TJhGFxRhBmcQKaTI&cid=CAQSKQDUE5ym-nyqPbWzxDZmAs_cKwTX7i82sBaXNBU1apfjGsvKqpY1gmtsGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.irctc.co.in&ds=l&xdt=1&iif=1&cor=3209553867119195000&adk=2988274607&idt=104&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:17:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 7C33 28 KB
11 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:43:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF96 0
0 73ms
73ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023013001&jk=88245386324795&rc=
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ 150 KB
51 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8df7917d888f65126838fe69f79047a8cd0d2ea6a029e44fe8837df058b79776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52151
x-xss-protection: 0
server: cafe
etag: 16234036480944425305
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:08 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6724 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:45:50 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C33 41 KB
15 KB 56ms
56ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BB3D 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7C33 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9e20482afe6a502626ff3aff01c3c325c6bfb63ea2336781596d78742f07814

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BB3D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELD31LZXVFCS51iIkBZStC0&google_cver=1&google_push=Aa02lx9IFtcdlQOcyio52ny7UX8Em_iC8IB49NmGOSRibbOOzoCdNqyPYtWCtVtVbsNwPGcQkjHTflUxm61vgts1x-tCBbWt2yJvXg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY3NTQwNzUwMTc0MzMyNzQ1OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJKGj7oYG0ZOLB-LAVH_F48&google_cver=1

43 B
398 B

77ms
47ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJKGj7oYG0ZOLB-LAVH_F48&google_cver=1
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJKGj7oYG0ZOLB-LAVH_F48&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame BB3D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJH-uuXS0GkfTAOhd1-JIuA&google_cver=1&google_push=Aa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJH-uuXS0GkfTAOhd1-JIuA&google_cver=1&google_push=Aa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxo...

43 B
419 B

216ms
201ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJH-uuXS0GkfTAOhd1-JIuA&google_cver=1&google_push=Aa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 793b21630c749bec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1269
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJH-uuXS0GkfTAOhd1-JIuA&google_cver=1&google_push=Aa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-1SGuiU29JDUedcGaKB-0VkniEUXTc2JXyiGdgmpOUjXfXwkIIca9dI1JWG4PicMRyEoLWFwIsYryqfZrGD5qtehbaHxoU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 793b21619a879bec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB3D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kq8s9IlET-2iBiBjj2p32Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

82ms
81ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kq8s9IlET-2iBiBjj2p32Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8y8EC2eFywwgbwL9rLGW1Nu1BhbvJpOZl8TOyXVfGtKn7LRxi99pl_-1CdUIzJxZOd2YR2thsUguAUcg1JqQrgEwhD8TEm

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kq8s9IlET-2iBiBjj2p32Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8y8EC2eFywwgbwL9rLGW1Nu1BhbvJpOZl8TOyXVfGtKn7LRxi99pl_-1CdUIzJxZOd2YR2thsUguAUcg1JqQrgEwhD8TEm
date: Fri, 03 Feb 2023 12:22:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB3D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL9oAdVcmH7k2CBYP91xRCY&google_cver=1&google_push=Aa02lx_AihudLePMTRzv4hIFKA9jp0uADK3LmQb-kMDPD0Kh5Ia2p_fdesZtzX-M66LCJHZzassvdPPp606p93X1j...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL9oAdVcmH7k2CBYP91xRCY&google_cver=1&google_push=Aa02lx_AihudLePMTRzv4hIFKA9jp0uADK3LmQb-kMDPD0Kh5Ia2p_fdesZtzX-M66LCJHZzassvdPPp606p93X1j...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_AihudLePMTRzv4hIFKA9jp0uADK3LmQb-kMDPD0Kh5Ia2p_fdesZtzX-M66LCJHZzassvdPPp606p93X1jqT8EFIy-HHyoQ&google_hm=GGEGCGZHPSKvthzgSMC5...

170 B
188 B

76ms
75ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_AihudLePMTRzv4hIFKA9jp0uADK3LmQb-kMDPD0Kh5Ia2p_fdesZtzX-M66LCJHZzassvdPPp606p93X1jqT8EFIy-HHyoQ&google_hm=GGEGCGZHPSKvthzgSMC5oy9H

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 12:22:10 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_AihudLePMTRzv4hIFKA9jp0uADK3LmQb-kMDPD0Kh5Ia2p_fdesZtzX-M66LCJHZzassvdPPp606p93X1jqT8EFIy-HHyoQ&google_hm=GGEGCGZHPSKvthzgSMC5oy9H
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB3D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-J8Nx5UP6RZDf5k18X50e2FywuAJvCtFmaZssAFRf3mq2ZC_HTysHg3_L-cfquynba-Bzt5gOoxcZUkJoRJlg5FxUvmgrBJg&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-772f89c3-cf9b-4740-b199-695c8c07da31-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-J8Nx5UP6RZDf5k18X5...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-J8Nx5UP6RZDf5k18X50e2FywuAJvCtFmaZssAFRf3mq2ZC_HTysHg3_L-cfquynba-Bzt5gOoxcZUkJoRJlg5FxUvmgrBJg&google_hm=A3cvicPPm0dAsZlpXIwH2jE

170 B
188 B

77ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-J8Nx5UP6RZDf5k18X50e2FywuAJvCtFmaZssAFRf3mq2ZC_HTysHg3_L-cfquynba-Bzt5gOoxcZUkJoRJlg5FxUvmgrBJg&google_hm=A3cvicPPm0dAsZlpXIwH2jE

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-J8Nx5UP6RZDf5k18X50e2FywuAJvCtFmaZssAFRf3mq2ZC_HTysHg3_L-cfquynba-Bzt5gOoxcZUkJoRJlg5FxUvmgrBJg&google_hm=A3cvicPPm0dAsZlpXIwH2jE
date: Fri, 03 Feb 2023 12:22:09 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX772f89c3cf9b4740b199695c8c07da31003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB3D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPgRkP95aEg-MM7XlJzU_mc&google_cver=1&google_push=Aa02lx_UoQ2G-ibW3PpcqM6O9yndUDam3WWLIFedH5FqwIEa4cRxBeX4tYO_-bus7UyOxtnk6T...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPgRkP95aEg-MM7XlJzU_mc&google_cver=1&google_push=Aa02lx_UoQ2G-ibW3PpcqM6O9yndUDam3WWLIFedH5FqwIEa4cRxBeX4tYO_-bus7UyOxtnk6T...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JdnJPUWhaRTJ1RjVZZ2cxOUhCR21yWWJmYk5hWElPMn5B&google_push=Aa02lx_UoQ2G-ibW3PpcqM6O9yndUDam3WWLIFedH5FqwIEa4cRxBeX4t...

170 B
188 B

80ms
79ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JdnJPUWhaRTJ1RjVZZ2cxOUhCR21yWWJmYk5hWElPMn5B&google_push=Aa02lx_UoQ2G-ibW3PpcqM6O9yndUDam3WWLIFedH5FqwIEa4cRxBeX4tYO_-bus7UyOxtnk6TFDMpTzjyIDDWhFE8XpJMcT6EVN3zI

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JdnJPUWhaRTJ1RjVZZ2cxOUhCR21yWWJmYk5hWElPMn5B&google_push=Aa02lx_UoQ2G-ibW3PpcqM6O9yndUDam3WWLIFedH5FqwIEa4cRxBeX4tYO_-bus7UyOxtnk6TFDMpTzjyIDDWhFE8XpJMcT6EVN3zI
date: Fri, 03 Feb 2023 12:22:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame BB3D
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHHagWN7xLNgHEexKZQnVwc&google_cver=1&google_push=Aa02lx9sjB87u6qNPLbhVeIGUraYD8A6jBnmScH73V4ZMv3FwZFORG1m2ngH7sdGt1sKq03OuyWlp5GBUSZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9sjB87u6qNPLbhVeIGUraYD8A6jBnmScH73V4ZMv3FwZFORG1m2ngH7sdGt1sKq03OuyWlp5GBUSZkoexsPfg5KXLZzq3gx6w
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

50ms
50ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BB3D 0
59 B 77ms
75ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZXqpSfZKKw5aVu2RsrH_q2YhsgF_zOkv9eu_M62zrMpWgHEIkIIFfQ1lamHVFRBQSGEPzup0

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DB0E 22 KB
8 KB 55ms
53ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 441118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6724 0
10 B 55ms
53ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kyA8SA
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
75ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame A4AD 10 KB
4 KB 42ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 19:23:02 GMT
etag: 10353107486223812946
expires: Thu, 16 Feb 2023 19:23:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame DB0E 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:45:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame A4AD 4 KB
1 KB 138ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 12:10:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A4AD 205 B
649 B 130ms
41ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:53:47 GMT
x-content-type-options: nosniff
age: 5302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Feb 2024 10:53:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A4AD 604 B
694 B 131ms
43ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:12:26 GMT
x-content-type-options: nosniff
age: 583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Feb 2024 12:12:26 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame A4AD 20 KB
8 KB 55ms
55ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 20:41:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
server: cafe
etag: 8727046649480766555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 20:41:50 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17033400417514298334/ Frame 5CD6 116 KB
21 KB 165ms
58ms Document
text/html 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17033400417514298334/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd7ecd6368faa1bb9c8cc7910b4e6b8261d929a83100f12506ba97c4bb0fe48b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 180886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21229
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 10:07:23 GMT
expires: Thu, 01 Feb 2024 10:07:23 GMT
last-modified: Mon, 07 Mar 2022 09:45:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C33 0
0 190ms
85ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJRTPzltbuQch1pGNfEYJj-5KjM0P4vHnAfgugBF-7BZIP02dO1DMbaweUpfTvx7xyvD7DEoe3HoKW9IAAaplO1ddQtV3YR2iC9E91Rvxeu7KJWG00OO3b4eBL3uDvfIefVLPxgfI7gTOLSKiMwFR-rrXmsKubemDM7li9lhzGLI9moVxI35_Dr5olc6IjmdYpYXhSTdYM-rkH3kvOmZl78F98-o318iO2aVD8xiRC4ynZDM026j1xaVhpT_C7Gr0kLWmBnsSKQV3_gvZ7UG8sLKdRx-NtZXDyNRC0jucalMvbz8gQ2SsqQ44telOlQ1o0ZKVBiqKrHIXyB2SSlrW0Tah1Onso4e9RNLnx9EPjWsvan95XYzsvrHbKASYY64hKyHLTIE-AA-D2a3zDOkmr0pOxyZ2G3E0zziNg-69gy6zXFvWVNPaiMVBnX81EhNVTMz2jIO1vpc9Fi2hYvWMNr8s9VFlmgyJVBtcr6bK71TjNIg18WrFx4fWhH7CIbPMps8yY-3geZcXUAi-G6aRoPBH6QosxRnwOTsHNF0tB6C9uatnSYlsI3DDqLalGBxa0KRgYlWv9t-lOsefzpA1Ex7RDqDk8wsgb4ohCVVOUAT2QGFCu9qBsGMVHtklVgT3oqymBSbjhd3K_DwLGuBf3D1biR9zpxlNTiWeH4siZ7vOduy4BgIE01psYDsY0jFLVnKYhPfuv7_DBm5Z7XhjSXIt7d2Z-SDYadFqXa_dxw5-eZpAG2sNz5Z1ec7NEh3L6eDM7JX_5oAzWpgGZzz6g01EArZSwuWk6_vigPEcLblONqGI5ikmDaCdDKZj7E0xUQptywjcSQ4rsRcoULhvD23HgLN2LbT17Fyy1mQNap6RrIqKW7aMfQfMKAGi69iWt18Cvlpb2dN_J9zJ_VofrWASAPZIgPwEE856l-_2KoNTBCX58LOfVhHTI523eehP32WcT1L7Nr2EGAf7rl2KLSU9JOvEHO8D7b6hPoNhvVGf2ExODoX4ry-L0tzQoiv0ivrz0ZOJYbbQ-TIR5tZK5VVhY5AxoBCyiY7qv-d-VLex2nxIPFRvvu8T8yeeh8I8-rcFLga_JebGeSCqPE0ZwG-V2lybkiDR3D7GwaPXNptWGnAcG2yPRYGqRtvsTPGXgBO88oJArdHh6X80MIGuOCI5s2HKNXrQ19CHC4IzDDYHcWHUgpEMDMQ5BWBwWqOZroWkAmc3ljmRLUc6Cf6SLmd3NeCD1x-q5DGdCq_b0LmhMUiuuQ9zjx_OerLvUWMCYInAdG8dwu72GwtedXFuhCD4RREstxdNGFI_sJqlDr9Q&sai=AMfl-YSafEHN7eYYCRN25qV_V1589TrClWb9JcQhFlTxZ6fviNyUW4LRM0XNEgY38WVH0-_5XDV7HvjcrfD11HfxYIs2BDbY93vN7n4oX80DefaAAiY1c3IwLQHh8s2Xtt9TJC2pfG9reMGRpjF5AR0tKiKVPglMhr2rqxz29w0dQWMivm8UN16O_S2_2xyQGngi5-p3bg4nD_mQ&sig=Cg0ArKJSzM-BbHs6LQX2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=275&cbvp=1&cstd=271&cisv=r20230201.79409&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7C33
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634094/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_cPzcY5...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

97ms
50ms

Script
application/javascript

2600:9000:214f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2600:9000:214f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:40:39 GMT
x-amz-version-id: bl_DZv7EoIjCRhbVwC6.RCuKzEoZoEqS
content-encoding: gzip
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 63691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 02 Feb 2023 18:40:32 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ldyCrzRfCS7nTwmPZWMlARnDbPAQWMfB-PpdSMB1yChgyzFDohqHHg==

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 584D 91 KB
23 KB 151ms
46ms Script
application/javascript 2600:9000:214f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 11652353
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: zsxVazcr7os0_fdbiyVMxEVnXIWZldCPEHmeYW2Nzpd4UOww3oLGtQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C33 43 B
215 B 451ms
123ms Image
image/gif 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7360d3c9-aa7a-4716-7478-7f4f3f4df7d4&tv=%7Bc:39Ybpk,pingTime:-3,time:42,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuNOEo4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1*.990511-61634094%7C1a11%7C1a12%7C1a131%7C1a14%7C1a2%7C1a3%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:0,renddet:DIV,siq:20%7D&br=c
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C33 43 B
216 B 443ms
118ms Image
image/gif 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7360d3c9-aa7a-4716-7478-7f4f3f4df7d4&tv=%7Bc:39Ybpm,pingTime:-6,time:44,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuNOEo4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1*.990511-61634094%7C1a11%7C1a12%7C1a131%7C1a14%7C1a2%7C1a3%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:0,renddet:DIV,siq:20%7D&tpiLookup=ao:www.irctc.co.in*%2Cassistant.corover.mobi*&br=c
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C33 43 B
215 B 437ms
120ms Image
image/gif 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7360d3c9-aa7a-4716-7478-7f4f3f4df7d4&tv=%7Bc:39Ybpv,pingTime:-2,time:53,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:688,beZ:689,mfA:691,cmA:692,inA:693,inZ:696,prA:696,prZ:702,si:707,poA:707,poZ:725,cmZ:725,mfZ:725,loA:731,loZ:733,ltA:740,ltZ:740%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.50,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuNOEo4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1*.990511-61634094%7C1a11%7C1a12%7C1a131%7C1a14%7C1a2%7C1a3%7C1b%7C1c%7C1d,idMap:1a1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:20,sinceFw:32,readyFired:true%7D&br=c
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame A7A9 6 KB
745 B 56ms
55ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 12:09:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A7A9 2 KB
765 B 56ms
56ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:49:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame A7A9 22 KB
9 KB 55ms
55ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:49:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A7A9 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A7A9 18 KB
7 KB 55ms
54ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A7A9 0
0 52ms
51ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRljM5YS9E2HY2qFX4kKEvETo68r4As35OZ0S7z3F4k01nDH7Q2AgFrOSBrC8BCNjVOGma-0Vyy7xWdxPva4sgYursfKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7A9 157 KB
48 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H2 200 e7273d075fcb3aa60cccf7c8981b1737.js Show response
www.gstatic.com/mysidia/ Frame A7A9 34 KB
14 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e7273d075fcb3aa60cccf7c8981b1737.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d664624b29aa2652a56959c12ec6e660297b410bf06e5e58a0740cce0fa8e827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 00:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14197
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 23:49:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 00:29:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB0E 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bs0C3cPzcY5WdIrC89u8Pn5eAsAMAAAAAOAHgBAI&bg=!2dql2p7NAAaq5O5FiuQ7ACkAdvg8WrFjm1tX-tyDRIAobpXq8xs_RIDsVaMs3cpvsWmri3mj4xs52AIAAACBUgAAAAJoAQcKAAQrg4QEmQMKrL9wLGKpXtCOygeSOK4fjzOfaf2Zeg8IPpB_XIkwB7A8vPpCLM12udil215muVqYutkP8caNTiePMqxxVoilyYP1d7PohHQff-g2Y59_B53uWBAoIFOtKcC53dgJk_e7vSvr8J4uDg5SzU8rGof5CyL-1sAD6sGxypHzLFlmABFcg1Kkqx4l3IHwWnRIR5yM5KL_hiYnWl9P1Z2bbgJCvJXv3P9x7edd_4ZlLrnZtmMWWlSzSIfhaqf9Cf9Fl3bIpt3N8x0Lekr2NJhJnzsvek-sbIJZ--v0cjJCicaAhXV7cfIt4gXrzRHDToIxHs5l6XOkBorYs8CiMlbEHynpA4i_oBSE5fQXBmiwAY20QIyXyQqRSJdtQ_SU0W50LKb92TSjxuHb1nsZ4Gk7x6E8Vih48azgk5nxQBG7-JQpVoXXLN4r4AR9XkVKwe7M9-qDtJDqKcYmR8kgHmolRHRUfeodP8bSfiE6N4XWYywrt2-IcrQNzLid9Rb8GDLXqDIK1ST2eQDALmJkUUxkdRq_fUATwe1q0UQWNVZ_ucBvTP0__-tWL2bNT44T-2JNCwOPRMD33DwBpkSJLMv12domA2SzptvmBhSqkJvEqAjSgu3sCBN6saFh_Mn7iBeuCwQL6w69REjKpCekA9eHaB_YaZ5Z_xqDb5euYVm0FLZD0wzGJ6vS4Tjz0qgnr4ubWjQ9nuxIf5vzz5KFkm-u84GYAqSHtPot6VKXj_mVst4dC3rGrk5J_-aWjGs-FZ8ncJd4TNt1Nf-JH0qsS3HuiPOchvH90ZWVTO3hEYiaPNM4N0Gd58f9cgFRJwYfvY1PpAgkmBiXX7bI__509jvM8h8CPFpgefelWgy2ljF3-SemZxBGA8HJHDpAOXeE2Nufc-CtD1_IXw3BvW4HSofOtUEEsFO3v-UhdHRjNILQTFjimpZ7frxqeYy2NFWfkQSNe4Xbu_T9eotb7zPjmbc_wCF7aHMzebfvrJ72G3mtha4rNdWqcosjYR-ZPQFxaMReGMudqB1f3sjnLddACw

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 5CD6 29 KB
10 KB 54ms
53ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 13:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 13:11:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C33 43 B
215 B 370ms
119ms Image
image/gif 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7360d3c9-aa7a-4716-7478-7f4f3f4df7d4&tv=%7Bc:39Ybqz,time:119,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:119,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tuNOEo4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1*.990511-61634094%7C1a11%7C1a12%7C1a131%7C1a14%7C1a2%7C1a3%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:0,renddet:DIV,siq:20%7D&br=c
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0992 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C33 0
0 77ms
76ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJRTPzltbuQch1pGNfEYJj-5KjM0P4vHnAfgugBF-7BZIP02dO1DMbaweUpfTvx7xyvD7DEoe3HoKW9IAAaplO1ddQtV3YR2iC9E91Rvxeu7KJWG00OO3b4eBL3uDvfIefVLPxgfI7gTOLSKiMwFR-rrXmsKubemDM7li9lhzGLI9moVxI35_Dr5olc6IjmdYpYXhSTdYM-rkH3kvOmZl78F98-o318iO2aVD8xiRC4ynZDM026j1xaVhpT_C7Gr0kLWmBnsSKQV3_gvZ7UG8sLKdRx-NtZXDyNRC0jucalMvbz8gQ2SsqQ44telOlQ1o0ZKVBiqKrHIXyB2SSlrW0Tah1Onso4e9RNLnx9EPjWsvan95XYzsvrHbKASYY64hKyHLTIE-AA-D2a3zDOkmr0pOxyZ2G3E0zziNg-69gy6zXFvWVNPaiMVBnX81EhNVTMz2jIO1vpc9Fi2hYvWMNr8s9VFlmgyJVBtcr6bK71TjNIg18WrFx4fWhH7CIbPMps8yY-3geZcXUAi-G6aRoPBH6QosxRnwOTsHNF0tB6C9uatnSYlsI3DDqLalGBxa0KRgYlWv9t-lOsefzpA1Ex7RDqDk8wsgb4ohCVVOUAT2QGFCu9qBsGMVHtklVgT3oqymBSbjhd3K_DwLGuBf3D1biR9zpxlNTiWeH4siZ7vOduy4BgIE01psYDsY0jFLVnKYhPfuv7_DBm5Z7XhjSXIt7d2Z-SDYadFqXa_dxw5-eZpAG2sNz5Z1ec7NEh3L6eDM7JX_5oAzWpgGZzz6g01EArZSwuWk6_vigPEcLblONqGI5ikmDaCdDKZj7E0xUQptywjcSQ4rsRcoULhvD23HgLN2LbT17Fyy1mQNap6RrIqKW7aMfQfMKAGi69iWt18Cvlpb2dN_J9zJ_VofrWASAPZIgPwEE856l-_2KoNTBCX58LOfVhHTI523eehP32WcT1L7Nr2EGAf7rl2KLSU9JOvEHO8D7b6hPoNhvVGf2ExODoX4ry-L0tzQoiv0ivrz0ZOJYbbQ-TIR5tZK5VVhY5AxoBCyiY7qv-d-VLex2nxIPFRvvu8T8yeeh8I8-rcFLga_JebGeSCqPE0ZwG-V2lybkiDR3D7GwaPXNptWGnAcG2yPRYGqRtvsTPGXgBO88oJArdHh6X80MIGuOCI5s2HKNXrQ19CHC4IzDDYHcWHUgpEMDMQ5BWBwWqOZroWkAmc3ljmRLUc6Cf6SLmd3NeCD1x-q5DGdCq_b0LmhMUiuuQ9zjx_OerLvUWMCYInAdG8dwu72GwtedXFuhCD4RREstxdNGFI_sJqlDr9Q&sai=AMfl-YSafEHN7eYYCRN25qV_V1589TrClWb9JcQhFlTxZ6fviNyUW4LRM0XNEgY38WVH0-_5XDV7HvjcrfD11HfxYIs2BDbY93vN7n4oX80DefaAAiY1c3IwLQHh8s2Xtt9TJC2pfG9reMGRpjF5AR0tKiKVPglMhr2rqxz29w0dQWMivm8UN16O_S2_2xyQGngi5-p3bg4nD_mQ&sig=Cg0ArKJSzM-BbHs6LQX2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=525&vt=11&dtpt=250&dett=3&cstd=271&cisv=r20230201.79409&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H3 200 TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame 5CD6 1 KB
631 B 55ms
54ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 603
x-xss-protection: 0
last-modified: Tue, 27 Nov 2018 13:48:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 12:36:01 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 5CD6 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 12:36:00 GMT

GET
H3 200 head2_family_mob.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 5CD6 12 KB
3 KB 57ms
56ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_family_mob.svg

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9e6ed62d5ff953eb0b609a2970f0734f80b70522e0a4af2a93d870807520ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3094
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:48:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 12:36:00 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 5CD6 3 KB
1 KB 55ms
54ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 12:36:00 GMT

GET
H3 200 familienzeit_mob.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 5CD6 3 KB
1 KB 58ms
58ms Image
image/svg+xml 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/familienzeit_mob.svg

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

846a93669a4bb91146f245de74a56312277a94e07ac74721056459bcc8035aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:48:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 12:36:00 GMT

GET
H3 200 mob_320x50_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 5CD6 23 KB
23 KB 59ms
58ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/mob_320x50_kv_family.jpg

Requested by

Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c914448e6c05e565d80c198049e3063729255eb8a00c8cd1a8a0945a11c68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:21:00 GMT
x-content-type-options: nosniff
age: 69
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23503
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 09:41:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 12:36:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0992
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHJRJeM8sfzSrf63MQCiCDo&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHJRJeM8sfzSrf63MQCiCDo&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDdSMTFUYnExUG5WNFo1&google_gid=CAESEHJRJeM8sfzSrf63MQCiCDo&google_cver=1&google_push=Aa02lx8DSqdWVuYL6ZrkXACuz64K-NBBR9s3YxC2e9gXsDJ...

170 B
188 B

77ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDdSMTFUYnExUG5WNFo1&google_gid=CAESEHJRJeM8sfzSrf63MQCiCDo&google_cver=1&google_push=Aa02lx8DSqdWVuYL6ZrkXACuz64K-NBBR9s3YxC2e9gXsDJjQX7_7N7ebz3Scm0btgpNuV9U0TFvCeT0Ar42BlNSSO8CUaLKmzx1omA

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:08 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDdSMTFUYnExUG5WNFo1&google_gid=CAESEHJRJeM8sfzSrf63MQCiCDo&google_cver=1&google_push=Aa02lx8DSqdWVuYL6ZrkXACuz64K-NBBR9s3YxC2e9gXsDJjQX7_7N7ebz3Scm0btgpNuV9U0TFvCeT0Ar42BlNSSO8CUaLKmzx1omA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0992 70 B
265 B 179ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFq8IMtaXT3HnI4QtXafOV0&google_cver=1&google_push=Aa02lx9bMVAtDmigxj-EKILPa8skbcA758RMsZnDV8NnB0z7YyFLk-Hrip54_RzXvfFoJRhbvSjH1Q-6l8PTBlvkZHnlGdNr62QhdEs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0992
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN8uOreHU5nuM76eAY2Vz78&google_cver=1&google_push=Aa02lx94k7JPSyDwCtesF2LeB5K-o2qMdp8Rexfg1FOZtcp0nx4gs_LYvExsx_FMwfGrGLQCP3Y89UOtAqrnU9W0NUMFWsi...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx94k7JPSyDwCtesF2LeB5K-o2qMdp8Rexfg1FOZtcp0nx4gs_LYvExsx_FMwfGrGLQCP3Y89UOtAqrnU9W0NUMFWsiyFlGgQUA&google_hm=eS1VSkxrRml0RTJwRUR...

170 B
188 B

77ms
77ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx94k7JPSyDwCtesF2LeB5K-o2qMdp8Rexfg1FOZtcp0nx4gs_LYvExsx_FMwfGrGLQCP3Y89UOtAqrnU9W0NUMFWsiyFlGgQUA&google_hm=eS1VSkxrRml0RTJwRURnRVg3Wk5mYkNENVVKUUg0NEpFeX5B

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx94k7JPSyDwCtesF2LeB5K-o2qMdp8Rexfg1FOZtcp0nx4gs_LYvExsx_FMwfGrGLQCP3Y89UOtAqrnU9W0NUMFWsiyFlGgQUA&google_hm=eS1VSkxrRml0RTJwRURnRVg3Wk5mYkNENVVKUUg0NEpFeX5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0992 43 B
351 B 199ms
50ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGqxqu2J8GrM_uEG7YR7-GY&google_cver=1&google_push=Aa02lx8XiiR5-le2BWqvkuRYOPxBBZ0_Tg2X0m6AarHLTSLIC7dG5gRzlPWEyja_lQjLcZKWKBEgsyaF_LundEk77gLbFTNryWS4ag
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: mbq406879vp66oc38etkkl7rot7duaft

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0992
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAuR36KQFn6KLJi1SN-dQfU&google_cver=1&google_push=Aa02lx8da1m65ssJFOQqfUssSF3YJEdgspN0wEPqgjR4FKYiZ9zXd6XlKBeTAcD-RqdAhaYYXOn-WejzArkI...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8da1m65ssJFOQqfUssSF3YJEdgspN0wEPqgjR4FKYiZ9zXd6XlKBeTAcD-RqdAhaYYXOn-WejzArkIM_NziQyEw5n9lt2njdM

170 B
188 B

85ms
80ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8da1m65ssJFOQqfUssSF3YJEdgspN0wEPqgjR4FKYiZ9zXd6XlKBeTAcD-RqdAhaYYXOn-WejzArkIM_NziQyEw5n9lt2njdM

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8da1m65ssJFOQqfUssSF3YJEdgspN0wEPqgjR4FKYiZ9zXd6XlKBeTAcD-RqdAhaYYXOn-WejzArkIM_NziQyEw5n9lt2njdM
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0992
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHlcsQJaWfrcyjlmTaUchEk&google_cver=1&google_push=Aa02lx9-L9PUodp1MZ10RCevcmS8f2yiXZLKTsSL2Fi0fypbI7Tk3K0KObgfp2saoPfk9EJbGOYNGdScoC1CpM1q1CG0ZIMmk_...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9-L9PUodp1MZ10RCevcmS8f2yiXZLKTsSL2Fi0fypbI7Tk3K0KObgfp2saoPfk9EJbGOYNGdScoC1CpM1q1CG0ZIMmk_i...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMjAyMjMzMjQzOTcxNzA2ODYw&google_push=Aa02lx9-L9PUodp1MZ10RCevcmS8f2yiXZLKTsSL2Fi0fypbI7Tk3K0KObgfp2sa...

170 B
188 B

77ms
77ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMjAyMjMzMjQzOTcxNzA2ODYw&google_push=Aa02lx9-L9PUodp1MZ10RCevcmS8f2yiXZLKTsSL2Fi0fypbI7Tk3K0KObgfp2saoPfk9EJbGOYNGdScoC1CpM1q1CG0ZIMmk_ieqaU

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMjAyMjMzMjQzOTcxNzA2ODYw&google_push=Aa02lx9-L9PUodp1MZ10RCevcmS8f2yiXZLKTsSL2Fi0fypbI7Tk3K0KObgfp2saoPfk9EJbGOYNGdScoC1CpM1q1CG0ZIMmk_ieqaU
date: Fri, 03 Feb 2023 12:22:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0992
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECHPAIzdc0lghJN8oDRolCs&google_cver=1&google_push=Aa02lx_a0p8Nz9M0E9KqF8E1Wgyxzx8Jm8vgCedZdWQp6MPOjlhK8FwUkqarsSX0GH8cUt229F...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JdnJPUWhaRTJ1RjVZZ2cxOUhCR21yWWJmYk5hWElPMn5B&google_push=Aa02lx_a0p8Nz9M0E9KqF8E1Wgyxzx8Jm8vgCedZdWQp6MPOjlhK8FwUk...

170 B
188 B

83ms
82ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JdnJPUWhaRTJ1RjVZZ2cxOUhCR21yWWJmYk5hWElPMn5B&google_push=Aa02lx_a0p8Nz9M0E9KqF8E1Wgyxzx8Jm8vgCedZdWQp6MPOjlhK8FwUkqarsSX0GH8cUt229FNcB3VbdVnZxJOKDNRLwpyYoEgBHxU

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JdnJPUWhaRTJ1RjVZZ2cxOUhCR21yWWJmYk5hWElPMn5B&google_push=Aa02lx_a0p8Nz9M0E9KqF8E1Wgyxzx8Jm8vgCedZdWQp6MPOjlhK8FwUkqarsSX0GH8cUt229FNcB3VbdVnZxJOKDNRLwpyYoEgBHxU
date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0992 0
12 B 82ms
81ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOZ9bGramOJQiQQYvIJ9KLLngdaymSNFTkr7Agm9XHMauGIL-Xd4aUUk74SDYAOG1e3R00OA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 499F 36 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:45:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 60ms
60ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 4085ms
4084ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
37 KB 440ms
439ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4440361744764487&correlator=4274854267225614&eid=31072031%2C31072043%2C31072044%2C31072120%2C31072166&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=37179215%2CGPT_NWEB_HOME_UPCOMING_JOURNEY_RIGHT1%2CGPT_NWEB_HOME_TOP1%2CGPT_NWEB_HOME_TOP%2CGPT_NWEB_HOME_CENTER%2CGPT_NWEB_HOME_RIGHT_BOTTOM&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C970x90%7C728x90%2C1200x250%7C970x250%7C970x90%7C728x90%2C970x90%7C728x90%2C300x600%7C120x600%7C160x600&ifi=4&adks=2285792808%2C3209336432%2C338379312%2C296702940%2C3369005164&sfv=1-0-40&sc=1&cookie=ID%3Dfec18452125133ec-2294c1f98bdb00c3%3AT%3D1675426926%3ART%3D1675426928%3AS%3DALNI_MYYIAO5RnNoPIsG7zrQZiJU3_SGxQ&gpic=UID%3D00000bae52377736%3AT%3D1675426926%3ART%3D1675426926%3AS%3DALNI_Ma8lgg4TV63m6OtJkQqirwjukwl2g&abxe=1&dt=1675426929275&lmt=1675341674&dlt=1675426922294&idt=642&adxs=-9%2C15%2C15%2C15%2C1005&adys=-9%2C781%2C860%2C1399%2C2223&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C2%7C3&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&frm=20&vis=1&psz=0x-1%7C1600x68%7C1600x2894%7C1600x2894%7C350x0&msz=0x-1%7C1585x15%7C1585x15%7C1585x0%7C350x0&fws=2%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1903162748.1675426923&ga_sid=1675426926&ga_hid=602504223&ga_fc=true

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7025f43d0231075a3e02a90f54dfc695bf33a6ce9011be0df4067c5a13621fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37873
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,5506837085,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138416261507,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 348ms
348ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6285f58db924feee38e212f8b9a8713839faeec9f6ebff15dc31a1a028605b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12518
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 41B7 0
0 78ms
78ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023013001&jk=88245386324795&bg=!b2ylbCjNAAaq5O5FiuQ7ACkAdvg8WsS5kI_a9z7kc-J_8JvMPe3oS6sXzJqJ9sguByou-e3HASYw4gIAAACEUgAAAANoAQeZAr_XpbjkpxUPit5v6pkldalHmuIGLuJMSC3y24ang0h6-mBcW2-xGactxXt9IVSgYjI4tKQtCt8p_YRdvBfNBHGs7lZdj43S7Gj2qU9-eCAIHEKkkCOw9_CqPAwqUmUs04loZYADbx9Zgc1XgUdgMC8yYeK1blMfm7e6Q8V_lRhFgfa7ey8kM-g7J7K_bLE1oSYxShurktQc8pO3awwuHn2Jikgji31RX6T4m9FOwQ2iwZsUF4arYjH5mJDWKEtG3QgHWxB5LHJ4jDZxmF8TosLeCnfoPJP0QpCVFOYT2GSBp6ALTw7WZumnEC4lgOdTzUZAk5f79YYgXE7dkIx3s456EoQtGPkvRuIr0hHndTDjbjXsH3a5YM6oTQjzGu9vOVWU7PNcMrJy__snPjCQmnq7ckA-GJ8ThGJooPbzFbxBditRILez8G7VWlbSdTHCZ7vf7TNJ1SMj6tJdwgUJX8864nNufcsDGE91DlCsnSNfLBfYzlk3aQUFjVitWpMybXA_M2ZSMlx2JQN4nZ-MLygLzJ-P2poP30g90Ht1WNOfcznDLkxEYcnvR3nPxAyHbsMrRNYzP0I3Vl2mPc1HHeszzZB8oR-BLk_P9-5FJZdd2yJtsAVr3Eu6VubfbpcRpNjL_UpeCvCNKpGcUlXhDJA9pb4Avjot0moRFZ70oSsR7MOujojA4ObD3VfQCA1DQbnkHyTQN5KC6nnUbFDgGmD8Sp1JsiJHdAD9mmlXRO_YfdJLt_FxEfjda5tcYNRfXy0WBUBDNl0mBxylQ4A1zlNHurBo7nt-GHnRW_1jGD6d6yNQ4iv9Iej3zRMSJjT9EhYES2wcIcH-rPuVS-dPm9cRgegc-g2Q5CmntWuWe6CZLGp7o2jVQXhXjTauPDNo3ZEPGjX93pfg34n_X9GrVb1AzTRhv81ISbrQ2o4l4m_1
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C33 43 B
215 B 119ms
118ms Image
image/gif 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7360d3c9-aa7a-4716-7478-7f4f3f4df7d4&tv=%7Bc:39Ybwz,pingTime:-10,time:491,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675426929503%7C%7Cd24c8a9bf21016b954ca14d7a4486396%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7Ccc342e269370caa8ed546161689754af%7C%7Ca26fa7934a39bd493587a60e8790d042%7C%7C48c28fffdc3368e4023b791d8732de6c%7C%7C88f82a1b9ae3f1e92c7424c36c4769af%7C%7Ceb892702e1a8b95db155c126e058d8af%7C%7C1663701684%7D
Requested by: Host: 775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
URL: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 irctc.js Show response
cdn.unibotscdn.com/clientdata/js/ 589 B
788 B 40ms
39ms Script
application/javascript 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/irctc.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 6f01be0c587e61b2a221d2b0bc090338c0fe9c76e4616bf71a5b2bb347674277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: br
cdn-edgestorageid: 1076
cdn-storageserver: DE-199
cdn-cachedat: 02/02/2023 15:30:23
cdn-pullzone: 873945
last-modified: Fri, 13 Jan 2023 11:20:40 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 456
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63c13e88-24d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: ea5208849c2486c0d9130b6960b6014e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 irctc.css
cdn.unibotscdn.com/clientdata/css/ 2 KB
1 KB 41ms
40ms Stylesheet
text/css 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/irctc.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 79c9c191c8c75809dee52db9025eb10d5bccbf2821f1fab385fbb4bf3b20ff37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-storageserver: DE-169
cdn-cachedat: 01/09/2023 12:23:59
cdn-pullzone: 873945
last-modified: Mon, 09 Jan 2023 12:18:11 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 85
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63bc0603-68d"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 4be74de9d9cf41da074d535b562c55dc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 4 KB
2 KB 40ms
39ms Stylesheet
text/css 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 5227153a9de496caa2ec6bda8b7daff8e4fdc7d4f309121b094f939a6289da43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: br
cdn-edgestorageid: 1053
cdn-storageserver: DE-168
cdn-cachedat: 02/01/2023 13:54:26
cdn-pullzone: 873945
last-modified: Thu, 05 Jan 2023 12:00:52 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 305
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63b6bbf4-ed7"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: a783d208766bcdeaec6f894045a03670
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
818 B 86ms
42ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 28401
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230037-FRA, cache-hhn-etou8220050-HHN
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 142ms
41ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 15:19:48 GMT
content-encoding: gzip
age: 2062941
x-guploader-uploadid: ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 10 Jan 2024 15:19:48 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 148ms
48ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
server: cloudflare
x-amz-request-id: PT7R964SNBP7V8RF
age: 3537
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 793b21670e239a12-FRA
x-amz-id-2: uEvesaKlwjVmPw/1BiYGgazPWdZbbWYUXHe3LkX/IYzVkqzwJVjNTQs4kSAmClyeGuJuUTYS2hE=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 221ms
99ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Feb 2023 12:22:09 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 157ms
40ms Script
text/javascript 2600:9000:2057:e000:a:e047:752:5701
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e000:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 04:08:01 GMT
Via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 29649
ETag: "aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: OfncaD5QnSz1KmLOdnoFtMGBrnHY6DGEMA3EGScIRdmtUNkl6OXucA==

GET
H3 200 container.html Show response
d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D8D 6 KB
3 KB 44ms
42ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:06 GMT
expires: Sat, 03 Feb 2024 12:22:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3D8D 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CN5lBcfzcY76PFbHGx_APtuSdmAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI3MzAyNjM0NTEzMDg4MDHIAQmpAg6oy9JgR7I-4AIAqAMBqgSWAk_QLErOTM-oks2q9JK6bH2sTpLQ3Ftk5wxIDhRjmA9c5zWMaC2tRhSMIVDyesdb7jNdcbdV-CbTCkGxaW15OcWayzkzQCA9wTF4W4pFGIJLGf8OY-oelS1NePlvqPl3fQxLBKcMBxVhjwEby5-_UJTInKiPRODT73jZHYeD3lWVr0WtJyTmNHr9FETF-dTxRIWMaw3sgujsU7vQ_c5FYR4m3tpNzs3qKpMPsEJ5Wn8Pu5KQdrIMw9iotIOPpFwkIwEbhgFy1j3ITYtWviWs6GPSfy4dxtdw2e-PLey3leKmSM7yyMSITCW86Su5mYenAZXlFMB8I4lvoUmXZvQ8aJvyrzmpeB-y-C_P_YoTgGTcrqdfjxt54AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNzMwMjYzNDUxMzA4ODAxGPjkdQ&sigh=XRc7TmoD3b0&uach_m=[UACH]&cid=CAQSPADUE5ymMOvmSbu0WvX6kRqe6W1VhhHwaifDP_IYtkfqn9SQEU6Bbcd3GZLJmNoSo1V77nwgQRqo60ZqlhgB
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 3D8D 0
0 156ms
56ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k4SxEsc1rAL6AZ2DYgICAAAAD38ULK9ODHLkDoXCnVGIjRBw_Nxjb0sN8IlpFV7Lo-oAEgAACg5BUVVCQlFZREJRRUJCUQ&wp=Y9z8cQAFR74IEeMxAAdyNqJX4AY3AnSXuyercQ

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 271965
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F421 107 KB
40 KB 199ms
97ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9z8cQAFR74IEeMxAAdyNqJX4AY3AnSXuyercQ&u=%7CnnsCXnzUBed9uQK7GEaOLrAWue%2B1kHmFmxbHQ11bXRU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyRUAeNv4apnefVPHzpDLsKjCbV-stiONIV7FgfHomxT3MOiAesioRZVTESwDNozL8JSnxd2hQHNSzE6Qvz5ew3EQCt9pfXEao2ikNZET6bs9VMekHpmGHe6MsFggwPgx1sh_52NXalwd2u9zTP8yj_sLCd1ORMgeEhWS8If5gFq43s6k75FlENWcIErzv-Vd5V5Xi7W9jnQLH2EtYW0Xu5VO4sqhKCEEuwgm6prAaGy5YnxN-kp9uOFAFOIE10VFeFlpYgRW3chapALuL_s-8_-hYNshXoqfVciQShZNHQ79Iq_ALJGOVxNMgUyW6xCw5986ulA9ry439ZpQNSG5EzIaGC06hET-DnQ6gMCQep9R9HhuO5wQu08eOehUK8yzAuSl9YvqySUya0CZgILUUwZckRZr0lhzVzaFHOsimS0TzZqT7ALhhCaJLimJhieepArmGFnk34Pc16a2vmpqtkx7JnherBjlQnmtbjMwsOWIN7ATUNIwCAgOP0A-g4T8PBayG0NJkfPWIOR6iqBFR6Yi9BvU7dtv2lu0h2u9d5njFUWi8eXSebk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3YV-cfzcY76PFbHGx_APtuSdmAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI3MzAyNjM0NTEzMDg4MDHIAQmpAg6oy9JgR7I-4AIAqAMBqgSZAk_QLErOTM-oks2q9JK6bH2sTpLQ3Ftk5wxIDhRjmA9c5zWMaC2tRhSMIVDyesdb7jNdcbdV-CbTCkGxaW15OcWayzkzQCA9wTF4W4pFGIJLGf8OY-oelS1NePlvqPl3fQxLBKcMBxVhjwEby5-_UJTInKiPRODT73jZHYeD3lWVr0WtJyTmNHr9FETF-dTxRIWMaw3sgujsU7vQ_c5FYR4m3tpNzs3qKpMPsEJ5Wn8Pu5KQdrIMw9iotIOPpFwkIwEbhgFy1j3ITYtWviWs6GPSfy4dxtdw2e-PLey3leKmSM7yyMSITCW86Su5mYenAdfnNVL7rBV8HtWDxSQBzmP7uzMfcjGqepsHwCzhP3rwtiL1CwjGvTfy4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3rAdilIggCIVpyNoYoGa1n1LjaRw%26client%3Dca-pub-2730263451308801%26adurl%3D

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3d02bdbb642f06ff5a55fa2c7600fb654413048f911aeffa6d5fe729af8cb833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gFZnWgMvGLEdVxHZZ0aCnu5SzyuKcR24lgvTHyCvFPRebxDc5ne3AGQefyUn5HD0bzGbPh-CNtlJjYUVWqlgaIwch9t-uJJvapUntWvVUK9ZAm0F6AzYG0AM5pBH_GJuGnOKJK_VrNs_3EMVu57oq1OowGAZExtOXVV4B5hAATLTcDocLb2JyowHuyw-UyNRDo88djIeu1X-rxOHRoa6q05g-3a0-6-OBaeuHruUvJy-0Xq-oWFZTiwybT3m_nJBB4C1Fg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 18452829
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3D8D 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D38E 1 KB
643 B 46ms
44ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3D8D 18 KB
7 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3D8D 0
0 50ms
49ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmNb6ckm1jsIgMeyCyhtx5QyeXpZ008bk3gjY_285RQ1J2TRO6B2SdQcqhEsOklobKy51r1wVsUUI5o2JNvnmfQSQLPw
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3D8D 24 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 01 Feb 2024 06:14:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D8D 157 KB
48 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H3 200 container.html Show response
d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ACE9 6 KB
3 KB 42ms
40ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:06 GMT
expires: Sat, 03 Feb 2024 12:22:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C08 6 KB
3 KB 42ms
40ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:06 GMT
expires: Sat, 03 Feb 2024 12:22:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FF1 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQBfliS-RrPGK2c1LgUvEDX16865IIZvTkEPZpyogdUcc2b1mpvUbIv-A9HhejYybsH2K2UAuKpxQv06cWwepNVZspqxGGE_kmy7oYGLFt_rOMXUe6iimaae_7nOUUUFVkT06EP_dxk4AP-alNSu_SNJRQ33SXSmM9ejRIZLZEBrtdUV0vEvbypmuRA1N99Ql7P0uTbitiucMYjXK56xwP33kS2XHAF7-02ss-ohr4LnZL9cMiycEKEk8CL0CAkkEwXIvM1Rt8QdfXrPHx30Yx9idqF1CEoT1yqArGQGukfdNtMH54gdK6XymHv9Ji7pWshaQaQQ&sai=AMfl-YS-2Su28_V5pbSDvkPsHZ2VG9OltBqAVoLIjGmVEjDJDeBDA57bsLX6VRSjcQi-j3_3w0covVjEdFCsRN1UujCfVCjxJv0LV8pJ74eeMDpnXt40dXYwbWugdTiAbI4&sig=Cg0ArKJSzMAIu61Fen0zEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 5FF1 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FF1 157 KB
48 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H3 200 6896575230520559133
tpc.googlesyndication.com/simgad/ Frame 5FF1 55 KB
55 KB 54ms
53ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6896575230520559133

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

519538ad530d1ba2e60c8a3a9c864663edd0c1adfb729925c8e665d71c9af6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 09:54:29 GMT
x-content-type-options: nosniff
age: 268060
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56422
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:21:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 09:54:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5FF1 0
0 49ms
48ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmSq_At9oaZaXRTnDetgvvz-6o4XynXTnM2r13JzeDCgsB2Ucr51GV-p3gQcThVtjiRUF6p0zVuXxZd54i8CksOU5Mpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 container.html Show response
d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3042 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:06 GMT
expires: Sat, 03 Feb 2024 12:22:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C33 42 B
64 B 93ms
93ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD1sZ9xgvz5lGrcrluv-LcJAgDHQtumjO7IrfUPtcgy22mCrNSi3LyPPXsFvZBJeJejovgE_GzXHrfTRgm39sYS1_a5CV8gETASMrlZjHKw_5DYbGsS1nqeF51bED_GXmyTwuCCQ&sai=AMfl-YQtN7kiEpJ_TEEDnfYzHTZu8m2QiBKED1Z7Ted8QUPFQaznOHGdBPh34_qMWDjoqINFK9u50Gq6LQWhhQwm7r96lDozXV8VrZo&sig=Cg0ArKJSzP2lvvVkvEv-EAE&cid=CAQSKQDUE5ym-nyqPbWzxDZmAs_cKwTX7i82sBaXNBU1apfjGsvKqpY1gmtsGAE&id=lidar2&mcvt=1062&p=0,0,50,320&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3049664599&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675426928325&rpt=401&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5FF1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c5f5d2804c7ba37ec98d7e95c73a672054da843f63ee70c8fd74675a8203f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dds
rtb.openx.net/sync/ Frame D38E 43 B
135 B 50ms
47ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGqxqu2J8GrM_uEG7YR7-GY&google_cver=1&google_push=Aa02lx_58eJxEoK8lheSpHt2DEimq-ehrt--LSGtHhQbOryLNwA7KijNhEBBOtQou_WV4YyXL5ACSSc5BWrx-eHkU5ZM3HQn8w
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: oqe56rrbr9d5v8ut1s38e6ipcu5g553c

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D38E
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEjuOYla6UsnghlrfcTPFxM&google_cver=1&google_push=Aa02lx_O1pHFGwyDlecGvA1RjK_zuExPepx54dLJTjDVzSgNm8eqmptHMMwM-_bYJyR8qj7OVZxQubH23eCr2...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEjuOYla6UsnghlrfcTPFxM&google_push=Aa02lx_O1pHFGwyDlecGvA1RjK_zuExPepx54dLJTjDVzSgNm8eqmptHMMwM-_bYJyR8qj7OVZxQubH23eCr2...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx_O1pHFGwyDlecGvA1RjK_zuExPepx54dLJTjDVzSgNm8eqmptHMMwM-_bYJyR8qj7OVZxQubH23eCr2orxe1_vhrJErFw&google_hm=dWxaTXpQenh2NEVlU1dab...

170 B
188 B

78ms
77ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx_O1pHFGwyDlecGvA1RjK_zuExPepx54dLJTjDVzSgNm8eqmptHMMwM-_bYJyR8qj7OVZxQubH23eCr2orxe1_vhrJErFw&google_hm=dWxaTXpQenh2NEVlU1dab3FNUWg=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:10 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx_O1pHFGwyDlecGvA1RjK_zuExPepx54dLJTjDVzSgNm8eqmptHMMwM-_bYJyR8qj7OVZxQubH23eCr2orxe1_vhrJErFw&google_hm=dWxaTXpQenh2NEVlU1dab3FNUWg=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D38E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kq8s9IlET-2iBiBjj2p32Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

85ms
85ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kq8s9IlET-2iBiBjj2p32Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9UT3yWFyjI7jNi-Tc3iLJFVsf8eIjMrFVRNusKYd2PN2EHLTMJpR39BSg3qgOtpewKJh_TbHgwjmu6KryD_vs8oEXm5Gs

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kq8s9IlET-2iBiBjj2p32Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9UT3yWFyjI7jNi-Tc3iLJFVsf8eIjMrFVRNusKYd2PN2EHLTMJpR39BSg3qgOtpewKJh_TbHgwjmu6KryD_vs8oEXm5Gs
date: Fri, 03 Feb 2023 12:22:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D38E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMm_bsYZTBo9PTDqr1gTxkc&google_cver=1&google_push=Aa02lx-1WTF2b0EOGoRrltbn95un8nbfpiu-dl6NTyktkrobgHpKp3vEEztnXxo405B-NQGIZmUj3yD67GoP7HDdA...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMm_bsYZTBo9PTDqr1gTxkc&google_cver=1&google_push=Aa02lx-1WTF2b0EOGoRrltbn95un8nbfpiu-dl6NTyktkrobgHpKp3vEEztnXxo405B-NQGIZmUj3yD67GoP7HDdA...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-1WTF2b0EOGoRrltbn95un8nbfpiu-dl6NTyktkrobgHpKp3vEEztnXxo405B-NQGIZmUj3yD67GoP7HDdAx6r5etG9t8&google_hm=GGEGCGZHPSKvthzgSMC5oy9H

170 B
188 B

75ms
75ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-1WTF2b0EOGoRrltbn95un8nbfpiu-dl6NTyktkrobgHpKp3vEEztnXxo405B-NQGIZmUj3yD67GoP7HDdAx6r5etG9t8&google_hm=GGEGCGZHPSKvthzgSMC5oy9H

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 12:22:10 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-1WTF2b0EOGoRrltbn95un8nbfpiu-dl6NTyktkrobgHpKp3vEEztnXxo405B-NQGIZmUj3yD67GoP7HDdAx6r5etG9t8&google_hm=GGEGCGZHPSKvthzgSMC5oy9H
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D38E
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEEXkzva8Oam2Hnb2d1P6KD8&google_cver=1&google_push=Aa02lx9ybTGGBUEsrcsjau0MC-MGeNdksTi-i8TYfageDfNDwY8O7-ZCLy7aFnvNPPV4isBTJgz0_4K_bm2uw0kurhW5loP...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx9ybTGGBUEsrcsjau0MC-MGeNdksTi-i8TYfageDfNDwY8O7-ZCLy7aFnvNPPV4isBTJgz0_4K_bm2uw0kurhW5loP4Q7ue&google_hm=Njk0MzM0NjY...

170 B
188 B

74ms
74ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx9ybTGGBUEsrcsjau0MC-MGeNdksTi-i8TYfageDfNDwY8O7-ZCLy7aFnvNPPV4isBTJgz0_4K_bm2uw0kurhW5loP4Q7ue&google_hm=Njk0MzM0NjY4MTg2MTk2NjIyNQ==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx9ybTGGBUEsrcsjau0MC-MGeNdksTi-i8TYfageDfNDwY8O7-ZCLy7aFnvNPPV4isBTJgz0_4K_bm2uw0kurhW5loP4Q7ue&google_hm=Njk0MzM0NjY4MTg2MTk2NjIyNQ==
Date: Fri, 03 Feb 2023 12:22:11 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

report
sync.teads.tv/um/ Frame D38E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJmK9eMQWwywNj9fp92jgWw&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-3N0pVlHxqTa3vVFXlz2gEJKpDwFQXtGrTwCYUoCZkr_7hlxC_gWI8VBdHEMj9QPOgZ1zSDpODG-Pa33RCEzDDEi0FK4w
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

71ms
70ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Fri, 03 Feb 2023 12:22:10 GMT
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D38E
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEELU-UNZa...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEL...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=23976006-fc59-4924-8e4c-49e6204a04ae&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

77ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=23976006-fc59-4924-8e4c-49e6204a04ae&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=23976006-fc59-4924-8e4c-49e6204a04ae&%%GOOGLE_PUSH_PAIR%%
date: Fri, 03 Feb 2023 12:22:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D38E 0
12 B 73ms
72ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-dfcEZvrjjxgSwIm30ADkrKAj0TzFPiE5Wls37nkNZl6uNOju1osrLPFCVAFyam2Q_2iiyvA_

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 596E 624 B
242 B 89ms
80ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYiZWZ3wEwAQ&v=APEucNXc2cePufKq664n6AjWv8dzZlmKIfYnSXs2qCNXtokRcXcAsjTZHF_EZu-uK3wrB_oFKQg5rpzJGBrbn5OeCuNuhtNIs6B22ESdrge0eLF6v5AWWi29MdC0C5c6YcNK1EOIZTblm2z04uO5rCrjS6RchnKD7Rfzp0nEuma3ACeToVHSxPs

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ACE9 78 KB
27 KB 147ms
138ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACE9 42 B
63 B 84ms
75ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ah8CrwzcVPaQxye5PEgwnWXH2tXsu4NYat3Ubnz9vsXkk__MHBGhO98_uZ-AgykQ_LtUnJkXUnfmyPXpUdwbHp6budpHq-zekPqjO4fc1YJiubUio

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACE9 0
20 B 83ms
74ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18239050664558463275&x=1&ct=77

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame ACE9 3 KB
3 KB 165ms
42ms Script
text/javascript 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=61061010;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=468077193&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CR6iGcfzcY4uvFYu5-gbThYZooInMx2vy0_KHqBG1nPW0xAEQASDHzqgjYJXCpoKwB6ABkf7RogPIAQmpAg6oy9JgR7I-qAMBqgSEAk_QvvOPaZ9XwezEDpHjvQkeWnEMy99Mo199Pzu_HstxfXoLR0pKSbEEXyea5snsqwqXF55VV4Eg5bCOmZuSQvH98jJcPd1Xf8JkIiSLMf3pNWE6V1Bu61ntfUQ2h7LOLdAMrQG3kj_8sfppZC8n4570uBdFlGoB1O4wqhf7GGCksug6NCZGr-UFErcMWdfhRUXRRTqY_3FeLUk2eGbnjeSNaDavztnUp6AfS3IfmCS41QZJvqFoobvA9HfDhmWsDY2jNbYS2rF56JNviPaLXmlEmxSygdt4GlzC27ZaxRSlXvRC8wqeQVL6BNusMvXjsBKr8VfZpVzdeap1drHa8HAfMTAIwATu1qrw9QPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE7aMixLQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&sig=AOD64_1Ai8yJ7WZNSZNoJTG2gGI9NqC65Q&client=ca-pub-6685711026657277&dbm_c=AKAmf-AAi4xXVl6iHDDPG8KZ3XXOTXpYW7XX9uia2ZPccHiRVjVU2se9xdeqhg4v5qvohoKlXf_JUeW1m-UVoUBoJGLMp5xZ15ZYNv2YWzE8ixSE6aoJ_l-7n1sLIri10ug7wIJIS-Z56IY5M6nW4Au_Xe7MVelbuNzFPkakB3KoqUPOxwvrHUk&cry=1&dbm_d=AKAmf-D9hUOqoXsSMoFoHC7RxVE79mkN1kfVTeZVGolpGOL4rU7k_at-_omrLsERPP4yp7lQYE5d8NGMqkDi32rtOaQjqilxv8a5GUd1miAkN_smklYfbjszpVR6uQMaKSFlHaTjRefTw1VZIXcDPpAXWYlI5sZB7DD__nokQ8JGVO6Cz4-Q2DO9Rwcl4MqWQEgaDwZPSKtObrcg4C7a4uxOD7cunMAk4Xn5wTxcTkndHiV8040FwsJuoB1d9kE0Z-V8pCzFnSKTkxK4PdROTeJy6vnI9xfXG2WFCDu1JGY_MlIuqAu9HIKhlcn5gdlsWxt0dxn7bbZKmWpG_NkyI-dQa5WgoD2HRnKjzHmDfcyiyb3-U-rSQ7xiumSpbP9XxzD5UY00nxBA77n9D0D2Kg1msyyopvQlwPKjVwOeXWi5mVhhDqmJfwBB8jPHOurmsTVkaOR9LkJVbYd-GY_k1IyJxsfI4b-T8B7le72hDVD3HVcUDRONmNRZ2-Mv2sRSQ3FlmXdBZe-UHj1smzAYYO7TjLuVJCCTt8i4Zk4aUl14XzkKRhYWr_U&adurl=

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78d9081193cf8f72b27ae0cb9adffdee4f04e48b847ac3b3a48cc532636ad8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2836
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame ACE9 43 B
1 KB 299ms
59ms Script
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=468077193&rnd=1675426929350091

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 03 Feb 2023 12:22:09 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 03 Feb 2023 12:22:10 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame ACE9 3 KB
1 KB 56ms
51ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame ACE9 18 KB
7 KB 59ms
54ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ACE9 0
0 55ms
50ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRCSC2KD2K3IVZreSaU7Ad-1Px4i8CJcZQhCTpVdHZDN7d62L1UY9b0ZvZym8L0-pPAMSWcpLCt55sbHKbqL9XYQf9Wg
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACE9 157 KB
48 KB 57ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1E0F 624 B
242 B 84ms
78ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYxcn33wEwAQ&v=APEucNWRnyBucA9GMWD_edexFtJpzQ846pD55-DHZytv9Pqs_Iz5QaMg-CBIvFe_4wNo5MG4FnQfGxtHcQn8AmJRwBrPLoy2lGI67z4wc7FS3pe75zReh2pSjg1sPGo7VVfhuf8QH-9EtwkThAroqiy30Gx3hVUGjUjVHFU9cgOpoVml1mmJ-EY

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0C08 78 KB
27 KB 207ms
202ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C08 42 B
63 B 81ms
76ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DzvzKOM8DV2zq23x6G9cz4wylJqIRVkrxctSnLbLcFqn9lUXxStHmUH1JzsINsK7YLDhXNneXyousZ2ZJmRJkMwFmtbCmp1FhgVPktV9xsUzFiZuw

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C08 0
20 B 81ms
77ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14022020427558166653&x=1&ct=77

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 0C08 3 KB
3 KB 163ms
43ms Script
text/javascript 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=61218350;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=469624005&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CqHgHcfzcY4yvFYu5-gbThYZooInMx2v676bDqRGZ4rnWvAIQASDHzqgjYJXCpoKwB6ABkf7RogPIAQmpAg6oy9JgR7I-qAMBqgSGAk_QD_LSBzCDoDtLDCKN6mBftRXReRThbvTDjA4TJhdOWRrM_T8sCJUxFPUIfxE1QK8Xvbo1gwI7ZoPnwKjRaDtgKBvEzti5I1dz1LUvNeyYi6K6titfDUUAU-3_wkrmzbO78q8oU0tNDuj9vq5i92_bVlpg8Yla1uxVb-tDRHrhODRixNG0GBt4shc6U-OGt-chG1ul1L6lWLlSlY6GvVzjoViYPt8-kwOSDK0KkbqkhWTt7F85AGzNpzOpGujIVwsfEiG4pFPcrXZ9zVwz80yN8rKYhIQ54dBW1i31ItgWy_-pP_gUkyaLrjhx2Cb23BGqZVTgXYiHcjk0JTznBHyqrj3rgTHABO7WqvD1A-AEA5AGAaAGTYAH14GuXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATtoyLEtATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&sig=AOD64_2BkzjI089TQhkYMfs-tCIUlh6kRw&client=ca-pub-6685711026657277&dbm_c=AKAmf-BJnDc46_9LmTYUVY_IbmmhZVgHQisViRk1NNtYv-WGeE1ipRGuDg6aseJD5BHYucjX4fbOuM61wWXx4O0QUPX0K25rKzqSEfCYwqpHBfPQAmapl2YHqe03luajYqjPNIGov3eaP0OVzTiPKj8FzMHTSOHp9KTn-mEqPGft0MiLD_xDbtA&cry=1&dbm_d=AKAmf-BDGzleuDv6s8DJOMhs5g7W6oStnpbowalnRSUrzwDM8v4ypIhldIEFtdnRGgDiD2Ts82xhRsdUW0wSw2bLQ0cmdMO6SlynmiOZebf1tgTEuNZVmK78im6gthixecZ9OmjAySIQcQIIhNXrqUamTQdG4OUZJeVlvMEcjO2spIMifhfIBQ34yScXTHb2_vEuRQdZ6hzn4xyA_KAXV2euMEcsWP88MtcsPr4APQPK3DQXVHUR0LxbX59qbof12CYBeQGnG4mdHBwYHu2dFjrubUW3AUIyeiwdppQ939Jq8EN5fijSpD7MUixKox8UJ2v-CVtBV48JVTFrf8vjK_E8hKbKzoOyJ8ZKRI-DA56iOjy5yrqa4LYxB1hcV4Ep13CP-SkAjh6TBj1ID1ZbWyfUNJEjyXwNqyW-fmPjNXH6HHHMrZUxcO7oIJ_cx9YL796MnQociSvMIjra_M1SiLmDrBCxavnCKmXWcfhHIsCpVpvG8o9L1ryl_l2es56cjd87MvJwpb4l5SVUuriEvdn4SoQtzJMLdz1pZBj0A3KmoD8G_dlyBBU&adurl=

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fbd208131c4807aa595f18252af2227e41bbfa6216e7c3c28cc839f9de0d78d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2821
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame 0C08 43 B
1 KB 293ms
54ms Script
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=469624005&rnd=1675426929350092

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 03 Feb 2023 12:22:09 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 03 Feb 2023 12:22:10 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 0C08 3 KB
1 KB 68ms
64ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 0C08 18 KB
7 KB 62ms
58ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0C08 0
0 52ms
48ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROUpOg51a_SxzjtEME8qrkN67WNwBixwrwKVf-QTRVWbw7NOWwqalVdQ3KgEzYFxtvJkUUXYKTtNQ6sk9_vwEqzLMgGw
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C08 157 KB
48 KB 84ms
80ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&rid=esp&cc=1

85 B
203 B

154ms
153ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&rid=esp&cc=1
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: d131d5e464fdd0fba8595adb790ce5cb6dea4ac67c152b7b7e148398ac465d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Y/4FAcBT9L4NQp2trdqSH+y1pMw"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.irctc.co.in
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 03 Feb 2023 12:22:10 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.irctc.co.in
location: /esp?url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 146ms
47ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.irctc.co.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.irctc.co.in
date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FF1 0
0 87ms
87ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2gazQwRPMkwSmc9PaitaXGTmGmUuWP7SaAIhWcoM8dUMt2NJ6fuFTVgLdJE0iD4K5sKD2pB2n5KOG_9UUImSAVfday0cK5QxSuXFBn8D_TbTS0tbHM_T2MNZHS7XiAbprurbts4lz7k2agaKucz1s8LioyyL3wayBGj45dKkVvLGDK1NsEQFqAkzyiz-UWJpPCnMBP0w7dmQBii6EomR0bxYCT5ISyKYaPk7cH4gS_atvhOx95c6niPhME3MSJPi1znPGBgHKoCX2irQSzsmxxenQXKiE-aAve3i54JDzUhA_9tjYNyWSEjoG5wKtimRUvIIuYKqB&sai=AMfl-YTn2JSMACDHIz4S4LM-WqrnTC_JkVfOGzygI0SE-6ZagLGIc30XWnZrwQ8LV4hG-_iGe8CBoAYba31u6bXgfWSC07d2lEwWDj_dYY_E1rLgHZsS0b3_Lx5zIRtXm2s&sig=Cg0ArKJSzDV7IPBu5V1EEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A3F0 640 B
262 B 91ms
88ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPn2QIQm5vbAhiCma90MAE&v=APEucNUCghZqoFErj9Sjquno2xyD98jjMDTV0BE-YX68jZEcM57iqKnDUUX-jFfVGh4PSEoCU1OBoZjxFDISXXKTrvIXrxfYbCv_O2-IHasInfCKRcC8AuUGPp9KtZR0cZkXdhwf3w_aVzasc0MXQ3wiNt_9qBw-dUr4idCT3TEuU3Pmv80AfKU

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3042 78 KB
27 KB 181ms
178ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 12:22:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3042 42 B
63 B 88ms
86ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNcczkz9ikgW-GXbuf-bjt8ip8RBT1expmsYKUdCd1lLnOfRu3XTnUOml3xEEetHVIRJt6krAFjD9H1SoaoCE0Ipm3jM2S4Nq0vFM9dft4MoPYTdI

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3042 0
20 B 88ms
86ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1645245059392795811&x=1&ct=132

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3042 3 KB
1 KB 57ms
54ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 3042 18 KB
7 KB 57ms
55ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3042 0
0 54ms
51ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVQicosksQ66BxgaTIWsyb6DSP0Kjy74DnMAC4AdrN0dvndUVM2xoaFuQ4JKdh51AGU0jBUyx9wq6Iyq4y3cWz6Tfq-Q
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3042 157 KB
48 KB 87ms
84ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:09 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F421 2 KB
1 KB 62ms
61ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9z8cQAFR74IEeMxAAdyNqJX4AY3AnSXuyercQ&u=%7CnnsCXnzUBed9uQK7GEaOLrAWue%2B1kHmFmxbHQ11bXRU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyRUAeNv4apnefVPHzpDLsKjCbV-stiONIV7FgfHomxT3MOiAesioRZVTESwDNozL8JSnxd2hQHNSzE6Qvz5ew3EQCt9pfXEao2ikNZET6bs9VMekHpmGHe6MsFggwPgx1sh_52NXalwd2u9zTP8yj_sLCd1ORMgeEhWS8If5gFq43s6k75FlENWcIErzv-Vd5V5Xi7W9jnQLH2EtYW0Xu5VO4sqhKCEEuwgm6prAaGy5YnxN-kp9uOFAFOIE10VFeFlpYgRW3chapALuL_s-8_-hYNshXoqfVciQShZNHQ79Iq_ALJGOVxNMgUyW6xCw5986ulA9ry439ZpQNSG5EzIaGC06hET-DnQ6gMCQep9R9HhuO5wQu08eOehUK8yzAuSl9YvqySUya0CZgILUUwZckRZr0lhzVzaFHOsimS0TzZqT7ALhhCaJLimJhieepArmGFnk34Pc16a2vmpqtkx7JnherBjlQnmtbjMwsOWIN7ATUNIwCAgOP0A-g4T8PBayG0NJkfPWIOR6iqBFR6Yi9BvU7dtv2lu0h2u9d5njFUWi8eXSebk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3YV-cfzcY76PFbHGx_APtuSdmAnJntKxXNWdkfdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTI3MzAyNjM0NTEzMDg4MDHIAQmpAg6oy9JgR7I-4AIAqAMBqgSZAk_QLErOTM-oks2q9JK6bH2sTpLQ3Ftk5wxIDhRjmA9c5zWMaC2tRhSMIVDyesdb7jNdcbdV-CbTCkGxaW15OcWayzkzQCA9wTF4W4pFGIJLGf8OY-oelS1NePlvqPl3fQxLBKcMBxVhjwEby5-_UJTInKiPRODT73jZHYeD3lWVr0WtJyTmNHr9FETF-dTxRIWMaw3sgujsU7vQ_c5FYR4m3tpNzs3qKpMPsEJ5Wn8Pu5KQdrIMw9iotIOPpFwkIwEbhgFy1j3ITYtWviWs6GPSfy4dxtdw2e-PLey3leKmSM7yyMSITCW86Su5mYenAdfnNVL7rBV8HtWDxSQBzmP7uzMfcjGqepsHwCzhP3rwtiL1CwjGvTfy4AQBgAaa_4uRoOyP78MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3rAdilIggCIVpyNoYoGa1n1LjaRw%26client%3Dca-pub-2730263451308801%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 12:22:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F421 2 KB
1 KB 57ms
56ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 12:22:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F421 308 B
636 B 56ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 29 Jan 2024 12:22:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F421 293 B
621 B 55ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 29 Jan 2024 12:22:10 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame F421 43 B
348 B 304ms
58ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=2BTZDZlaw5Qqj9Ni5qb4AzBDJERwfpz780XFbrLl-RL5ZG7VFO6r_tSdlMwXYJy-kkHudF6sZNWNNoqY99NNzS5b7nIOjX3MzZGCnphMHabl5RVhKx7UDvSz167xo9bpenxNcdu8j20v6QLVfL_aGv5CAYeIiPsmEDREhaXFprGbX67o74ilG7nrYQZG6GWkJemdj1vu6MYJBQ5AVVLqvMSMnkGd16VlnvABILpKShFZOgkLSQTAMOoqAReHuD1-dWxfS8mT33Jp4_v7iInlH4GExm34uJh08KLm-fRdd4kWYLB7EBEg3VTDru2wvQZ2uTWoVpNdBqZDa0IeR5VwycvGKjXax0xaMvDBSawd3XV8N5cyGQ-kVr_VL8Bm-67j87f7wqIEThxMBLyxGRoo0xf0JDzcVmF3goZajHG2nkBRlsY5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1824916
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B53B 15 KB
6 KB 153ms
52ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.irctc.co.in

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 1030415
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1E0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

43 B
632 B

73ms
45ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYxcn33wEwAQ&v=APEucNWRnyBucA9GMWD_edexFtJpzQ846pD55-DHZytv9Pqs_Iz5QaMg-CBIvFe_4wNo5MG4FnQfGxtHcQn8AmJRwBrPLoy2lGI67z4wc7FS3pe75zReh2pSjg1sPGo7VVfhuf8QH-9EtwkThAroqiy30Gx3hVUGjUjVHFU9cgOpoVml1mmJ-EY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1E0F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9z8cJnldljRUpGeepHqnwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYxcn33wEwAQ&v=APEucNWRnyBucA9GMWD_edexFtJpzQ846pD55-DHZytv9Pqs_Iz5QaMg-CBIvFe_4wNo5MG4FnQfGxtHcQn8AmJRwBrPLoy2lGI67z4wc7FS3pe75zReh2pSjg1sPGo7VVfhuf8QH-9EtwkThAroqiy30Gx3hVUGjUjVHFU9cgOpoVml1mmJ-EY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1E0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGvEXSD57ZexRfgTRgxqYFs&google_cver=1

43 B
1 KB

51ms
50ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGvEXSD57ZexRfgTRgxqYFs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYxcn33wEwAQ&v=APEucNWRnyBucA9GMWD_edexFtJpzQ846pD55-DHZytv9Pqs_Iz5QaMg-CBIvFe_4wNo5MG4FnQfGxtHcQn8AmJRwBrPLoy2lGI67z4wc7FS3pe75zReh2pSjg1sPGo7VVfhuf8QH-9EtwkThAroqiy30Gx3hVUGjUjVHFU9cgOpoVml1mmJ-EY

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:10 GMT
AN-X-Request-Uuid: 1434ad49-0767-4eb2-be94-9af75d44537a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGvEXSD57ZexRfgTRgxqYFs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E0F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

170 B
188 B

77ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 12:22:10 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c2ac8576-197e-48ce-9875-3c0d17e3d778
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 596E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

43 B
632 B

82ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYiZWZ3wEwAQ&v=APEucNXc2cePufKq664n6AjWv8dzZlmKIfYnSXs2qCNXtokRcXcAsjTZHF_EZu-uK3wrB_oFKQg5rpzJGBrbn5OeCuNuhtNIs6B22ESdrge0eLF6v5AWWi29MdC0C5c6YcNK1EOIZTblm2z04uO5rCrjS6RchnKD7Rfzp0nEuma3ACeToVHSxPs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 596E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9z8cJnldljRUpGeepHqnwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1

43 B
632 B

48ms
47ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYiZWZ3wEwAQ&v=APEucNXc2cePufKq664n6AjWv8dzZlmKIfYnSXs2qCNXtokRcXcAsjTZHF_EZu-uK3wrB_oFKQg5rpzJGBrbn5OeCuNuhtNIs6B22ESdrge0eLF6v5AWWi29MdC0C5c6YcNK1EOIZTblm2z04uO5rCrjS6RchnKD7Rfzp0nEuma3ACeToVHSxPs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJbn9eeItjG8oAk-RmP1_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 596E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGvEXSD57ZexRfgTRgxqYFs&google_cver=1

43 B
1 KB

58ms
46ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGvEXSD57ZexRfgTRgxqYFs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYiZWZ3wEwAQ&v=APEucNXc2cePufKq664n6AjWv8dzZlmKIfYnSXs2qCNXtokRcXcAsjTZHF_EZu-uK3wrB_oFKQg5rpzJGBrbn5OeCuNuhtNIs6B22ESdrge0eLF6v5AWWi29MdC0C5c6YcNK1EOIZTblm2z04uO5rCrjS6RchnKD7Rfzp0nEuma3ACeToVHSxPs

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:10 GMT
AN-X-Request-Uuid: 9f1997a7-b2be-4547-be53-f331fa82dee5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGvEXSD57ZexRfgTRgxqYFs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 596E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

170 B
188 B

77ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 12:22:10 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 808bc4be-0225-46cc-9ecc-78830d0ab99c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc1Mjg1Mjk0NDI4NDM2NzcwOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F421 12 KB
6 KB 59ms
58ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 12:22:10 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F421 0
128 B 172ms
53ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=gFZnWgMvGLEdVxHZZ0aCnu5SzyuKcR24lgvTHyCvFPRebxDc5ne3AGQefyUn5HD0bzGbPh-CNtlJjYUVWqlgaIwch9t-uJJvapUntWvVUK9ZAm0F6AzYG0AM5pBH_GJuGnOKJK_VrNs_3EMVu57oq1OowGAZExtOXVV4B5hAATLTcDocLb2JyowHuyw-UyNRDo88djIeu1X-rxOHRoa6q05g-3a0-6-OBaeuHruUvJy-0Xq-oWFZTiwybT3m_nJBB4C1Fg&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F421 2 KB
1 KB 67ms
53ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 12:22:10 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F421 2 KB
1 KB 74ms
59ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 Jan 2024 12:22:10 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A3F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPchxFSoIiUaETvd5--t0ss&google_cver=1

43 B
114 B

87ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPchxFSoIiUaETvd5--t0ss&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPn2QIQm5vbAhiCma90MAE&v=APEucNUCghZqoFErj9Sjquno2xyD98jjMDTV0BE-YX68jZEcM57iqKnDUUX-jFfVGh4PSEoCU1OBoZjxFDISXXKTrvIXrxfYbCv_O2-IHasInfCKRcC8AuUGPp9KtZR0cZkXdhwf3w_aVzasc0MXQ3wiNt_9qBw-dUr4idCT3TEuU3Pmv80AfKU
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPchxFSoIiUaETvd5--t0ss&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A3F0 43 B
304 B 178ms
49ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPn2QIQm5vbAhiCma90MAE&v=APEucNUCghZqoFErj9Sjquno2xyD98jjMDTV0BE-YX68jZEcM57iqKnDUUX-jFfVGh4PSEoCU1OBoZjxFDISXXKTrvIXrxfYbCv_O2-IHasInfCKRcC8AuUGPp9KtZR0cZkXdhwf3w_aVzasc0MXQ3wiNt_9qBw-dUr4idCT3TEuU3Pmv80AfKU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A3F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEF-XJyt_kxuP3DWVuDX33NE&google_cver=1

23 B
172 B

68ms
68ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEF-XJyt_kxuP3DWVuDX33NE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPn2QIQm5vbAhiCma90MAE&v=APEucNUCghZqoFErj9Sjquno2xyD98jjMDTV0BE-YX68jZEcM57iqKnDUUX-jFfVGh4PSEoCU1OBoZjxFDISXXKTrvIXrxfYbCv_O2-IHasInfCKRcC8AuUGPp9KtZR0cZkXdhwf3w_aVzasc0MXQ3wiNt_9qBw-dUr4idCT3TEuU3Pmv80AfKU
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Fri, 03 Feb 2023 12:22:10 GMT
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEF-XJyt_kxuP3DWVuDX33NE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A3F0 23 B
172 B 70ms
70ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPn2QIQm5vbAhiCma90MAE&v=APEucNUCghZqoFErj9Sjquno2xyD98jjMDTV0BE-YX68jZEcM57iqKnDUUX-jFfVGh4PSEoCU1OBoZjxFDISXXKTrvIXrxfYbCv_O2-IHasInfCKRcC8AuUGPp9KtZR0cZkXdhwf3w_aVzasc0MXQ3wiNt_9qBw-dUr4idCT3TEuU3Pmv80AfKU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Fri, 03 Feb 2023 12:22:10 GMT
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACE9 0
20 B 78ms
77ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5979607842939&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACE9 0
20 B 77ms
77ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5979607842939&version=m202301230201&ct=77&x=1&cor=18239050664558463000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ACE9 28 KB
17 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1G8zPUN8n6Ok65NZUZW07Sc4z576k2hN-k7IUmwrAKHXf-jM2Q4jKikKsAA6tMalE-KDaUQsK5hr5KbHRnT-TMt5BHTzUKpAUPTZrZaZc_7FEwUqe-BjOmICo8-QX-VVUyKkX6qyCvlxUaDHiFCcvPEVbTKUBpNu6lVEuzZdLVq2x3x4&cry=1&dbm_d=AKAmf-BLKtb1c-aKEOuxDimWvb92zY3xHZ3Du22g6z8vn83fHN3IoXv3AoNzG_aP4XGx6bqUyTyd6tCsT9bw-KqY7mJtZdrvDeJwljKmNa1tEn_9blI1uevVMu9uMO9rbO8djWxlLHo2eRHzhfVkVqOufhk_ZAui3fsvHbWWM9UScLKqPie7j8d835UT8i-KYW-xLp6RYIt8LyOuHOSaQ0sYzkgAyk1ZgoE-aNvtGcRagWDYZNG3QnSiPYRXpL1Ks10uV-oVDQNJrdNMjFfhiiZnDA0rHKkW2uUGgm7m_4i5m8zBt1JuhlJY78aujzXHtuBqWNyZ2PfahSyf8-jxeli0tmhmUUhW7lpFd4luPk7_QIihIR7h00uBXQ0fvMfdypyVaoMl9CTzUN2CUlqmH9iIXzjAb6hNWpKBeQGje8ecLM7J8G_lcY8UYQEx_6p2Wy36UXGvv0gvk2sA6BMv2BBzUSzqYMRfKbXmmW1TWuKOFQKbFG8UacDDiwDMv38Pm4mtZbQSRkGD0qv_1A1jC9mv2sbs6dsIK1U7Y9Lc0M6hC3eFMpxPgbw6My1-iZuklSlCFZmz5dtg-Hl5is9xKlt-0pvmkQtALQjFzRN8fbB8rsXvIYaPgVxp_V_sAtVY1GnrnVaGrVo1pechIDpYlZJk0lTOfL5MjUFy3l1w26SQt8ViEI7fBxtCNqF51wi7zmxYQLb7J3rBxO5mQYhuy8miFJd0D4sts9mbPw6EN-b40rmUyJ3q-by1_yH7p5pNQMDsGMHrXozeLSptMnu_BcnXR8KjkYQDhzs7-wPOcLlMkIdC3pHwoZxW8jMwUAY-QiVrpUyh5HBb8rs8DIkeKU_wR5upnPpGjtfHdhG0pd_qNHn11Ktox43xwVoKKIXevRfk2wNbZwdyk-3I47bbkAmlB-9VOhWrUSypYy5XC3IudiRwAMv3Dg_daJdp4ko26AZipaZYIChOr660aL3EqFAyKobK1zKZvp5GvG-f-Cg9wRKe_3N74ldyltx9jDtGhM21cv6Nux8Tx7J_1U2bPuDDhPiQeDl0Obsm2sRELNxg8YUxsiMD0oYHNnaZwz547AYxz3QAFLdmgXXEqTcjWGjigKojP2X-o_cOUgeHbJj6_hsoNzh-xlTs-Ri776mW1anwILLmS-G8rtU0LqF7lc7ITFOnUpYNOVMSJaTHnmzV-KkCNuUQA0BIsgikuEG1QbcrassM7Ymngz8EmycGeposFXDFEU1ggxrWJbJA46E58Cdprhm4akTIMDEoDpxB87L7AYqXENwOrjUH-VGNUjOFjb8Yob0IGDR5veHsfODJujfNhDyUfDrBWvcA1x-gKqZDzEd5lDmJFBtYnCOSNhfAZHWsxGVd_kgHYK6TnfyBhfnNuh78sNpJeUVI3_pIXqojAf2e2mYDz4UmpefFBtN1QQQP956Ia7EfeTVbhgBFCMjxIkzpmfeKp1NJl2NAVIMCqB5SjlWJdANztkcX0Is-Y_uADUzfeOHTBkUu84dMOVsbCVSZcK-ud-V2nIj3-4evuHj3wCvdGLfhq85-0QnG1k9FdJa3oVli88iI-qoBfjaUGYSlR8bEsPqu47R5tZcfl-6aASGPZpPgX2lzSzmKC4lYxU5EDy9-F-BOHRXCuSNVaL4yaYYee9Blzndu_PLB7BwWitbZmczSonhOE1ZKNquDkjSF109NvcEPTAgrEzVOv7n0XU6fCzCN2wZXtVy7yhe-92D5t8_nvZ1xPKtHjnmwlGpi3iMa6iVTZOXTIiRQx2uyNZXm5MVj0NkFPP90-SjVLSx0B3QJSZKm4UsTunSKC9ESg56Z-QvHd69SonzvRzsM2POgNTTuIubHvCne308FB8-WSx-h64url9jXVuL8sfKxEmYuDmYoPlDYN4W848UkSaz99ctOiMeNDFCsGBfwDGfHlU7fdFI16i8C73Tgg7xfiu002ugZZu3YrQ7j6wFidAWgB14xse1TElb8rCKMkwaypQz_ml3RtbKcoy9HIWKwms36de4-Qrqwog3iPxhIkH_Y2r-BUljOZwO_Q-ForGL0wiqtRANEb6ISqcOizDgSSopkJMK2OdAQ_HBGWODP6y-8ucMA2El4PLJQkkJTnewbGCsoVNRCYLwZN4ilWI8_LUMrFvXbXfD-lOBLtvwKvjmnOSQuIKoUjF8M34In0mHm7iApazoY-K_fxZF7GxI3k3tF1CseIhu5FfaAEL7gCZqI_WedqwJn_fAHuGfxBdZILrbds2BfwTLWWO5-AdhdokhUj0Mjrdl-z9zjoz3ZNQinBWljQG6ITpMKaQpAz4hjUDk_agfK0Cz0rOZz4pUHEFMdkFChJEJ4EnrkLNMG2R7gp_vMUhYATABLDXNo7cQkIG46N3dbIZF7Ut9jQ5KhAD_mdXwBAK4YWXHHtZfbgh9otFVNHktUR09G_B5BKszgGM5bu9ZDACMHehdRMZzzJI63nmIzDVSwM4HgAnqOgxGt7g2MtE_TsjdQjV4DH8U5illcsDqWWjjJLr_5csl-IUrv0DjldiwLIL5i4DnQUkxlfIJgu6QXrtMeYaYxVddtQUY8QttkoYsRYgJlyBMhpEOW74UyDLqOd_xOdFIh34Asa75_-yQzdpNhVbeXtIphuVUmtNKp8kfVzJ8rKm4kxU1Mj-l0OSJ_T3kOmemB2x1mm_D9_ffpjGKz147c7UFGxxvxf-NncGv5j0pJcSC4XBb0pnEGrZdHauie4ufy9eNmr5A6FvbyMJj4O8kepu6HTB9JWOKzOucIonCrKEXeINmo1Ngha_SY59E4DSqMdxfsiMQTaV0Fgg6vl3SNfPaPQ2MN8Kr4wGPoU_8GDXcxhVMFnP7Ue6_A2MX3r3U3YUCnwSk_-1d0rBRGwEjpw5eHz1DhZ6zjBXKvUz-GKnyuYP06h5lLQFzJzBtcywP8UZZNt1bjABHDx4fGTdfAAaxsblqPft73LHmRMW4QXC6tVDuA0yU-oSxvWZRbmCr8VbRoi4pK4UnLhRXzXFwasqXlMDtpcDrV3mspjseXdQ-lbLJPvrPlFPG4xIued0gQf9zW3-wh7h0Q8Vh3ydufo5becNF1dGoXQN1HDUsE6IoI1kPFaULJx83FRVRAV4sEIt1nKpL6KAbN9OPdEay47-BsdcmbmbS0RMwt3QyFY9guwMircF0s6sSvgYJzlYvC4ykW6IDIpxEfmQytVQcDThuP8RAT2lJruIsahM774HfSo2qVeJ_1zd91-VRXAD9qvt3vyOz03Qh3m6UEyzrXkEkkHNoSD-aHKhiRcGEsfI_cUD3WTu8j_7l_xEz13CTIp8gtR3QJBK__kQbwi3QSUQU9594Q1YiXt-2dBe21veCDC0yzvyVOv2Pyy9j_7hlqM19u_oN8zgTlXNffrCe8qBUyQjgfDKoiaiAD_vpnV4rXdw&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.irctc.co.in%2F&ds=l&xdt=1&iif=1&cor=18239050664558463000&adk=2004672170&idt=196&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7ded872a4a073138224de64d20e56f070b847124a2043e5e0022b38132f01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16938
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C33 43 B
215 B 120ms
119ms Image
image/gif 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7360d3c9-aa7a-4716-7478-7f4f3f4df7d4&tv=%7Bc:39YbFI,pingTime:0,time:1058,type:pf,im:%7Bpci:%7Btdr:1010%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:19%7D,%7Bpiv:100,vs:i,r:,t:1058%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1058,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0,0~100%5D,as:%5B1051~320.50%5D%7D%7D,%7Bsl:i,t:1058,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1051~0,0~100%5D,as:%5B1051~320.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:123,fm:tuNOEo4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1*.990511-61634094%7C1a11%7C1a12%7C1a131%7C1a14%7C1a2%7C1a3%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:205%7D&br=c
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C08 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4414613799926&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C08 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4414613799926&version=m202301230201&ct=77&x=1&cor=14022020427558167000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0C08 28 KB
17 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcxVHwr9qvIdzG3aociqfgPryIXC6t9qTueqJ6A7ONlFLEX-ghg9PMHOnT86SdP_yarWa7DLgPqXJyAzEZSFWPY5KmAgc_wnqbheoeB9Gt49Sy63ZAeHij49I4ZwcDQmVJnbrgKDY-ZobjcubRe_qO4YYZneC7fWZrwZl68l8SnFBcAGU&cry=1&dbm_d=AKAmf-D48kbm7jFkkgmUdg-eBjGRF5XDtLj-Fg9zIl0azICywUxvjHRxjAq75QynB_QCmOTiFyfWt0_5YZ4NKUK8o2XG3xC8HEjLCyfvxTN5FK47u96u0W2fp8LGXc2iCvNpHAHDR2A5Wy6wW0EtRcGckhVqJDpin8zQyXMo1Mggt0DCYpiZZcbNz4bDVwSmbkcKXR9Ol9zPM91joJNqxaEXN6vWL7RUcwPXG7DI4VjJZn-CNPKFXBBgzPN51XNZdjHWbWB7P2HJbFUfZ_jwWA53veT4Yhvuy_YHbTtys6iF9_OxYCnKanpHfQaUK9Mp-8oDdUVJ4V0pMnRQTR92838Ux9h03qY8T7ddqD66Onp74K56ckykpB9koR2FwIc1avz0shdWlVMdN3Qo8grcSRlOvYWkYbOcvZ2hTyQ2Mr5We0IAzpHqe8_tOybHOPNmuBG34t3IQhxafIh0m8IBrOCTdZ76NzGdnV3PRnE8aNu_4chytTqFFieUzMg3nPOF7I9lNJBfLsB1GdzWPTTo9m2-qQ6fC68GYSxVJASx1vdVS_NPsvwmwrdTWQISRGJNHjw6_T5GdZiAOVh7UMu78FonXT9h-ShLCI9oLksuOpHLsWlDnf9XAtPVu6Jqo_h9-I_Bthl-G_W0GkJOZ0UmIh_ULX8icZNeMgcuStZ9biHgeMkPBR9nx6DTIsBLHqwmKyGLXj67pRNILr6tFhjWDrWSiZDdplLMC4euXJujZy7m1lRIzd_Dnc00y16bWzy8qiyJAVLY2lpO_xzyJu67Z1hlufVZFaR1QOTa_qLRCNrlCkua_us0LsZjHLExVTOkkWX4BGk9_QNCTe3xzjYdI94dPyjEjkmnbC4u7SEkKzXfx-sLNZ2PcP1Ju5bWsltb4uaCb-mtRl6_ks_BU15tDCqi0vpg7XH25PGd1H9NSAPM4JwtI9VrC_RjYKyBRraZ4q7-Q4uu-WSrqMTrz-hmnIOXUpO2lIXPAFF15-EmnWT2lz6i2NG-ANj0dyUx2dDTXJ8u01cnHYDtIE5s_yFyidrTFKgsVEVWujWJ_yqe8-9j1it9DZiU_QJT1PusAlC59hxiJvvKWnfkVM4v2J_qurDLgtaBA1WC8JOLGHN9QL6cf6uNC9A7iN6BXwtPVi9EC6GFE6nfo6JsbswPtXDJg0oyrwpETYJFLSRKCsku-Rx_2_tQdvKHQZYXbBih6W68K_CW_IGPi6ouEP3V28iQX3KifXIlwS03BA0GKInYsbr80g2GCqgL2qfqo4IFklxk99g8TzfPk_08osSf8_N9RRxXYGVNduRIXnSBM9yJdD3KwxcpfBt6EMSibqt0rJgO-b4V3E1dlci7gD0avg3ZG3ETZyn58GoAsOzNIYUYtk_p5lTiVTRJHVnp0FyJWsJ9HxUfgSdLfsenglIrcffSQS4i5AFsbSSiamZSbXmeiL8qmGswnPN-Jtzq1lQE-fMPrsA3v0PciW6YlnPqVnqUXDqH2F4ab3TkB8aKpc2K9rlOaEAJitHZ_8VAwwXZ3mWgWI05U7mUy1q-H6PulFvZz2HMAzv9nWNBvseqY9EK4fl5Ct4JeDFhUpAIzzXnZ2b3t50-WW0Nv6gjCFAPCzBltw_Uk5X3H5jbP0huhiRon3Hsl-9RT0_aegd0YOXZ0DZiAJxEyO_jojRbxzbjZOnDfNhpePD2aBEpjYIWn9XuUv6r07ck80zBqB-b1otTdsqzinwkUqJW-4Hg90A9d9q4A_uh3PASg3yiv3Yr4lAtu8k2iiyy_yhmxgF6LKfUG7-i32a4tkKrHu54sFAAAHYO_sknyhU1eduTchxJxqOdBhbN1GN0CZ9b36ztBD-pQVb2j9fuPEbrTqKrkchYkLozjQHy3S29C3kU7cTWUkWpGyT819_TbSRwQsNUht_9bZi5J1oQBbT7iUnDcGUV4PMzjnP-Cf5s_Om9sBtTYrr7iyQCuh2GwaI5LBeKGVPSiro8m_ifgkX7noGzQEB7vaKGvlfMQ3vE27Pv4FjISaVCuSPUmmbfHe4CFv8DWA12h2iV19WfTp6nxkR46rPWI9GxuXRmdYUun3IXcU4Qt4PjDE67xuJVYMJBaOtlDLnxkldU5QskBLoV43ElKvH0RIgYMgj56Gui4FlaC6BkLQojilAAGUWHLmtncKZuXt0u5VDL_aOG8hXP8pNXuQtgSjLQOE_c9gUnZP7eClZIuHOb_FBl8eupCH51z2um0vroy23qfk8ZdhDk6UXdnPQNjAbidFqTzue8hR05tvMd0A0XGUktPt6yZMSrTHwbn-3SxbNNVn-bS-OSoXluBAnl_W06OtQNVAayOK2TyBor0c13CYOQApJRJ6bqAQqmFkOkInS9A5JBs2zJyqjZY1vofXQd5PY6LPLdeURrvWK4KA6DyrPeUn_LPdDDg5MC52Vbf04ZmSBEoTxadd9L_ABXlf7PVlW0SvYHKbanBnd7BtfnPeCT2nKoQ-a-jewX-sUwwyRPXjEAE97CfxasSrHxkd7QznT0SyDhcG0LTISap-eOIOaPNmPVN0Vmd4XTACTy3qmCe5QRnh2UP8-oOEzOsUYC3XcgT3mC_nEtNu7SdxeJmSce616gs3gvn_DnAeht4l-nVhQKYXUcZy1Gob3kJc-n2A7llrYzv2ehfVB0_Z1Nz4NdtH4ubHVnxjZT6f2wOHrRIbZ32jX9o40i3puno0mnFFhQTqrSDKYpKbNU5U2yKSML4XVzJ4C45x5sn0HyEO-bSGsPmatPdL7_5Co3mpNElC-UtuIiknKUhNI-DFfMCBtL4WxuiRtD9lJQ8aSSKEF-EcwzGKv9Xm2OJv8MwzER31WcbNy17KDMxgCStJnqi7IgcJLmxkP1LQZ5kYVKUk0WQP3EVYCBSBIRZj-s6d7PU4AHx4GbRHEQhRTza01D2u-Q1PvxEg-8pj6lbRmXkC28edYoK95MY_w3zYgpjhCa8YH9jyD94Y0A7SxDs89xP8mDsISO6-b5cOD0IYBYS8aDfYDw7zkYYaH1YpIPNS6tLBbYzWEzJ1eqYrJzdWRaWOVFikLT2lwnaSm1Ed-iyAK5slHGkdAZWCSJ3oAopoyvOtumwqXbCrf82HDJYblg-b7dshPHp8p4MHBPS3b0Sc121uh7fB8C7GIGvneOSVW390Ixzpfzd9bbtiHw-nRjuYF9-Xaiycv6mjvK3RYRZJa9mz0hmUJm7Jz8nn0aLLraOJPTxrSjSGmsnTkYwSGNgsL4ik6nhNh9BkIy-AjQ2DG_PRXVIKqMdu6AL_x4f80Hnb55f8lpUASZ0Q-m4A7hm7mQqFjGQw0zr44UPOKN7n-4wetVcjPcg1fWlX0CJ2BQc-ue7MR2aqYdtiIKfmjyCCL_mi5tdyYfv4o-cL-ZjRtSAZXkWn6Qwy08DnBEmxqeGmH07uG904UnZiHH4kApS3RBaU1sMRAK6vPO7q2pLG_QoT3q4E3Z9S8QKlpLuZSxPXo7-Ok2Hbyq61AO4W8_8sRt3ZmS-4HzTGPiIHaW48oDRI8YmvvDVmtC&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.irctc.co.in%2F&ds=l&xdt=1&iif=1&cor=14022020427558167000&adk=792902355&idt=260&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39a8443412f881d4a9c80031acf9acc36195956908203dd6671e47f91cf64e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16912
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3042 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8170127706121&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3042 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8170127706121&version=m202301230201&ct=132&x=1&cor=1645245059392796000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3042 83 KB
35 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ7temx4-OrdH6JdVxVs6oaLxiFa5HEAVw4p3SukMAH-lk6OinLqmsQnh1YgnxhDWADzGk7nJfM0d7YFyS5d5pyImWMYT_QT3ZNaBNNloYTIJ9H9JhrwTKIWI0WWy4PLhVWiLmTrt_KEeJpBpuUrxpnyF7StKY5DK1dpGeWbd4Ti-42-NM6hZ1Oj92CsnG-1lICh5-&cry=1&dbm_d=AKAmf-AsQxrH4OXRKUEdFhRcfgy2QAjX3Jx8v9WvIDtp2nKdIIMAqd7oivbYOT4og187ccevRxaDiJKql3OjSnjIHncrysKq5iADCIq1Y2D79ejEyLoVTGwxeUxZQKBb7PwePOxATwMlFtSAFHu8FCxFFUYYGbTx5Q-dDePeyziVvLP0fyvG3KDBnVLIYv6JlP7tsM4it959ShpGCjSzMdUtoHOLUqlpBX8BNfae8vq0sRMdVW9HOjemMlWp3RTXXMd5on08vHjDbhXyJGUITWW6p86GSBGYcBpNRSqjzggqojXJh0Qv6Zo9PtHJZ-omK-ifaTzH07HbzPP2J4oKzgbSKDWJDkvnJsBlvZ8GMk6Gpr2uf0z3ISwldyVflBj45Dgl9jt5T6XcqfKuwRnmw0wCWrHbyJh4dSF5EkX2UjtxdOhDz8XnTHWxwsWYRVIK_OgXbovY6JpJNJWjIfKQC3UZgujaTPIc05SYzUms61a7Hy5V9wQU3u7aftYQDevMHBmog5goSR2LjRxambz5QUEoUq-dJLNS0m1xPcgPe4ZhW_UPb2UTnuJSgYRkytLl0kbbHaiVExmk6r6KmKK8oJvVipuqBvUiRuyCXO95GjF4fIC1Nd3VQtVaemi_m9GmEBRSriJVjQBq6WiCiA3FHceUdVedrGdWOpXK9ui0oGqKQRpjEj96U6qKr0-L9rPw-4TpiTKsAtiCl0KC_06mUl1kOLthswMskCYm8pE5trnft37z38xBSQh-9LubV0RPUVHLQXup6nmfPUJiMv25qq40O_s8XycYmD4MZcVpWtlps7xBWfg1TokXv9NBS1jlF0GTxiTgzzzTFm_OxIDFt5BJ2ltbLFHqaXXa7O_YBl5-TbjL9cd0fg2SAklM_q6Kr4xcq6fQREuGILLT4ekuLCjHDtncZdSd5wa_e9F302bPJO6V4xXnWxUJiMxjd4AA50L9qT2YXcHL3DKHjN2PKf5EWEgNoku7ABs54IEzCCHQPT-Htq1mOKOrLpu7XzJtRt2t7NjqE_wxTFJj8oYnFWOdlXspbssE4MljW_2dS-Bz94LcWjcWegkOOaz6gcyKcklYVmZApnfTTRUI6JOkefNe2YJY7K5xfRgdvQ9v4nYs2UaNmoWzKhCe9PbMMGyw82c9k6OuAjcKby1qvfXwOOoqsE7dQWDdLsQgPJKdRLd3v5-4Hab69_gMqf5DwFl8q9K6u9fOFBgVVpoaDdzvdl7LxOJb-lHBCjvGTbvoXcsuL1c88yuuA--f40nyJeqHgAs0lm9f1eD4V7PN4-KrV5DC7IJsObMm6xCVXD-mXcdaHAvgVuh8sTTHZz-EPdoBvLJwodsd92KjCkGo39DuzviTTQW2C4_Eir5mjEsmjh3BzbqyUGfcb9goUywyNHv7y26Va73lSnGSIeFKyGqFoiRGnDHKvO1p6mjwQuyOKOzktONjYgAT3joExGvMTufKRWL97FxS_scRepGw_VzVp7FigTSaBIjs7yLG6PSLbWZebuV0jdKF7ECtM15ucl1jMBhtwiXAkPtBkgOMKjVzSbylyjw5842usKz0IhL6wzWsgu7XhmA_6GotNRJxYNBrSbJYMehsloI9XvqArqp_4Y7WmUm_A7ArpemWyW-b4C8zO5KpbP-Kn_xa9DBtN2d6GYPfFB_mrtgj3rbw25yyJONDv6E5n6_HcJuq40nuqFuSbDhf0mkvIXrw-A6awX-UjfHgCS9cMgc8NfK90SP7F6LCXKqAa9RdqrGIwioE4ae2FXaEYbCafBdJGIr2P6zPRqipFW4S_P6qkKWiJSdNpe-Z7UCUH27dkeRLK37kGOmy8Xvs2Ne5fDBu7mX5sQ7xRh_zk6xhkwuW2rnSsElK24HdZxUV1fWxmvA_UF8iDbQlTVYOwxnhCr2YI5fz3sxnnnrKfWp0SAgIY4GuAHYhRJn1HK7pg_Mw5I8Y3UadPE0EwHlJpRFZk-x14wB2Qch8868LF5tS39-3lS1hwNybTFlPqc88UshE9kyB4cp-E_dAp7uBuEGA-_RhIiKXX4_J8xJGI-Qu5Ct7J8o3AKnZvP8YPqf5hwR0wourfqjEaaaeeah-uEKfRjm-4QOmmYMfn6t95NCVd-KBZgTnHqf7bd5vs7JwFde9TeI28KwWPTODljVTy1i5knpNuUJbRcYSqeXo9KzKtwerHrOep3qdeFAkDt2Me6Tkg6KExBqoKIMsdTTevPGxZ67N-R6EaubFb7b3kjfmfm4BpcNgpFtmhzubSjU_3eW3reS7_RoiZreWECng2xOcRL9CcjebKetJnK47abSp2b1Eh2YX6AsSB6o760zWaBgg8Z41n2NYbPYd7eRbXNYwBTJp3EuVUCWnnIdO11ZTFTe0VMITZjs5zbvAZ_CH-5XEwWiuSqDXVzxe-1d4wryZpTIjqiEmPyAU0YDJeBkKXLv7r6UQviC9sKu1uVrkNj3HFCG0nNR7zt94YZeZIAuoIdodtCMR4y6ZUVT6ukuENi6Pavd7Irnsao88uD6LTzd7W8gFOVNz1CIzeSXSe4WO4m_1QSxlpi-jjwLQVIKLjOxaszKPjpbY-gayZAzcSaA2KV5GEqckgytY8j9Ilpb8Be1boalrCwHJ640ShS_zbovbhlrzhlfrWaBPAn2k_lTSo6jN6jRpqCcMiqWlmbFlbkhZn2h8p_j-mHvRK7NdN1Cdc67bRj158_26jX3SsuY4mpe16fkSeun_bvq7B7heE1sg7WwQdxdZXpwYzDLeGKJjybfQhCWswIg0i5qomii7mGBDoa4s1Tv5TERpl4prOr5jUzRWdls5XKm-pvnVWtOdCDInPKEA6wWIVXukXYaNDClhx_OLtvO-8t5Ar2bl4OInOFtevGadLvsMZgFwMH4qru4ObXgAM2DQ7Wt64uNWtULpIIg79UhGHq0093WZndoCkxHgNQAgnO_oiKx8N84ROJpuLT-vRLV77IPExx-vOgZUpsNrVb54Yc0QMXm_YLl-quDSqu1xTe54lzaSqALTKvr-nG9Ekg9ZL5ANs3oTc54tjq7AtCYYsdRmDAhxxx8jKS0brInrikm7gLiEZe8ZDKwvzcnPHHGHQzBZzgq97pxpJe9SjzzR9QGGJM_iMPvhXTPMmWueBZVmPTLrVazzOW1pEX29Hw0-1ImdkNOcI1ElPknj0SlwKzLca3O6H5yC_PK0lQ2JKAic71MGk77z43Y-bG2hzPx8bu2UXnxlo2cWl2JeAWH9mMV8Gbsxo01XX1OsY_H1HLhZOqOWdCYZiFdVSJfilV34ZWjPCd42wUPtAL08VVvaIqD1DUnFa_aR5eoMuC4nhgVGu7L8L56DohRb3S3ZbpZr1g-rkIVao1p67keV3Rg7_ijijmJ1mDXyOHPLlNs-vxTBTOQerOsVPp3h5R1eBuvuP8F5AZEDcfzLpMfNcLwo8-kmpagP2gj0t17FILRi4xu7I4JluOWYs_WaHChEHiAZJH6neVgmK4_TvUfVZEb56SdUiBAI682ZNJi-9cmaXe5IK97i5wriKbrd2Jmc32ubZ__n_fCwr0t81uVSKs-TryCfTuq9hLAxlmDwHEZfAZXmscF5b7vPSaRSzwQn5U8-Qr5LKZ8PGOw2jzYm8Ch50Lqzw9Ys8PO6Iud5zC9zj4-J4FsszKFEuB8vcG_ghQbSq8uFxbhsWIVtvAnBaG70dP2x7BxX_PS0Qf7c4POFc5b-djOAMcl-NjJE-aJcCZ8WcyCjPuBFsyLUYECgvU0FiyOVmc6mo6u4hC1RRDMdBcY3llZAFfPNpLTFi1wa3pm1aCMwvqr7PT_LfLHbvAkbkzD6JpGi8IQqF5wXdZ3XeIfG9DX3GZD06Nl18HtrNEiBN3aKeXRNkA&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.irctc.co.in%2F&ds=l&xdt=1&iif=1&cor=1645245059392796000&adk=2265872549&idt=218&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ade9dff20302eb2ca425ad1f043d84d53cf3ca20d645a37a6331a58552264274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35410
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B53B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=irctc.co.in&sn=ChromeSyncframe&so=0&topUrl=www.irctc.co.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=aZypfnxqenpJS29LamVVcG8wd1lkZkE2ZzZwMk40K1VKZDRuT0FTRWZvbU5IditqOXpqWDNJL1RnaHJ4bWROcnE2V25NamFTb3QrWnhYR2Y2MWNVUTlESm5FTHpmYkoyZzY0S2o3WE5ScmlCNTREdkhhOWNZVG91M0kwS2...

419 B
645 B

247ms
43ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aZypfnxqenpJS29LamVVcG8wd1lkZkE2ZzZwMk40K1VKZDRuT0FTRWZvbU5IditqOXpqWDNJL1RnaHJ4bWROcnE2V25NamFTb3QrWnhYR2Y2MWNVUTlESm5FTHpmYkoyZzY0S2o3WE5ScmlCNTREdkhhOWNZVG91M0kwS291N01QS0NpdnJ1cUthbFRmdGdIaStnQm40YjlWZm0zZzduMWhkUzNVRHJFVTM3ZzdyckIwUzhPQy9pd3llaG82RUJGM216UDBoLzRidDBWOWN0d0dUWldJMWQrSmNZSEg1QjhKdllqQUNaK2YyK2gxTjN1b3RCYUU3RTh2THdWeldWZ2NPWkZRN096YWU5NlR1OU9QczVrSVNDMzRydz09fA&cppv=2

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

73d6d939b9d2cc8266e8269372f620c4be69b824ad356919d3c7e527d072d4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2666083
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=aZypfnxqenpJS29LamVVcG8wd1lkZkE2ZzZwMk40K1VKZDRuT0FTRWZvbU5IditqOXpqWDNJL1RnaHJ4bWROcnE2V25NamFTb3QrWnhYR2Y2MWNVUTlESm5FTHpmYkoyZzY0S2o3WE5ScmlCNTREdkhhOWNZVG91M0kwS291N01QS0NpdnJ1cUthbFRmdGdIaStnQm40YjlWZm0zZzduMWhkUzNVRHJFVTM3ZzdyckIwUzhPQy9pd3llaG82RUJGM216UDBoLzRidDBWOWN0d0dUWldJMWQrSmNZSEg1QjhKdllqQUNaK2YyK2gxTjN1b3RCYUU3RTh2THdWeldWZ2NPWkZRN096YWU5NlR1OU9QczVrSVNDMzRydz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 478466
content-length: 0
expires: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame ACE9 28 KB
11 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1G8zPUN8n6Ok65NZUZW07Sc4z576k2hN-k7IUmwrAKHXf-jM2Q4jKikKsAA6tMalE-KDaUQsK5hr5KbHRnT-TMt5BHTzUKpAUPTZrZaZc_7FEwUqe-BjOmICo8-QX-VVUyKkX6qyCvlxUaDHiFCcvPEVbTKUBpNu6lVEuzZdLVq2x3x4&cry=1&dbm_d=AKAmf-BLKtb1c-aKEOuxDimWvb92zY3xHZ3Du22g6z8vn83fHN3IoXv3AoNzG_aP4XGx6bqUyTyd6tCsT9bw-KqY7mJtZdrvDeJwljKmNa1tEn_9blI1uevVMu9uMO9rbO8djWxlLHo2eRHzhfVkVqOufhk_ZAui3fsvHbWWM9UScLKqPie7j8d835UT8i-KYW-xLp6RYIt8LyOuHOSaQ0sYzkgAyk1ZgoE-aNvtGcRagWDYZNG3QnSiPYRXpL1Ks10uV-oVDQNJrdNMjFfhiiZnDA0rHKkW2uUGgm7m_4i5m8zBt1JuhlJY78aujzXHtuBqWNyZ2PfahSyf8-jxeli0tmhmUUhW7lpFd4luPk7_QIihIR7h00uBXQ0fvMfdypyVaoMl9CTzUN2CUlqmH9iIXzjAb6hNWpKBeQGje8ecLM7J8G_lcY8UYQEx_6p2Wy36UXGvv0gvk2sA6BMv2BBzUSzqYMRfKbXmmW1TWuKOFQKbFG8UacDDiwDMv38Pm4mtZbQSRkGD0qv_1A1jC9mv2sbs6dsIK1U7Y9Lc0M6hC3eFMpxPgbw6My1-iZuklSlCFZmz5dtg-Hl5is9xKlt-0pvmkQtALQjFzRN8fbB8rsXvIYaPgVxp_V_sAtVY1GnrnVaGrVo1pechIDpYlZJk0lTOfL5MjUFy3l1w26SQt8ViEI7fBxtCNqF51wi7zmxYQLb7J3rBxO5mQYhuy8miFJd0D4sts9mbPw6EN-b40rmUyJ3q-by1_yH7p5pNQMDsGMHrXozeLSptMnu_BcnXR8KjkYQDhzs7-wPOcLlMkIdC3pHwoZxW8jMwUAY-QiVrpUyh5HBb8rs8DIkeKU_wR5upnPpGjtfHdhG0pd_qNHn11Ktox43xwVoKKIXevRfk2wNbZwdyk-3I47bbkAmlB-9VOhWrUSypYy5XC3IudiRwAMv3Dg_daJdp4ko26AZipaZYIChOr660aL3EqFAyKobK1zKZvp5GvG-f-Cg9wRKe_3N74ldyltx9jDtGhM21cv6Nux8Tx7J_1U2bPuDDhPiQeDl0Obsm2sRELNxg8YUxsiMD0oYHNnaZwz547AYxz3QAFLdmgXXEqTcjWGjigKojP2X-o_cOUgeHbJj6_hsoNzh-xlTs-Ri776mW1anwILLmS-G8rtU0LqF7lc7ITFOnUpYNOVMSJaTHnmzV-KkCNuUQA0BIsgikuEG1QbcrassM7Ymngz8EmycGeposFXDFEU1ggxrWJbJA46E58Cdprhm4akTIMDEoDpxB87L7AYqXENwOrjUH-VGNUjOFjb8Yob0IGDR5veHsfODJujfNhDyUfDrBWvcA1x-gKqZDzEd5lDmJFBtYnCOSNhfAZHWsxGVd_kgHYK6TnfyBhfnNuh78sNpJeUVI3_pIXqojAf2e2mYDz4UmpefFBtN1QQQP956Ia7EfeTVbhgBFCMjxIkzpmfeKp1NJl2NAVIMCqB5SjlWJdANztkcX0Is-Y_uADUzfeOHTBkUu84dMOVsbCVSZcK-ud-V2nIj3-4evuHj3wCvdGLfhq85-0QnG1k9FdJa3oVli88iI-qoBfjaUGYSlR8bEsPqu47R5tZcfl-6aASGPZpPgX2lzSzmKC4lYxU5EDy9-F-BOHRXCuSNVaL4yaYYee9Blzndu_PLB7BwWitbZmczSonhOE1ZKNquDkjSF109NvcEPTAgrEzVOv7n0XU6fCzCN2wZXtVy7yhe-92D5t8_nvZ1xPKtHjnmwlGpi3iMa6iVTZOXTIiRQx2uyNZXm5MVj0NkFPP90-SjVLSx0B3QJSZKm4UsTunSKC9ESg56Z-QvHd69SonzvRzsM2POgNTTuIubHvCne308FB8-WSx-h64url9jXVuL8sfKxEmYuDmYoPlDYN4W848UkSaz99ctOiMeNDFCsGBfwDGfHlU7fdFI16i8C73Tgg7xfiu002ugZZu3YrQ7j6wFidAWgB14xse1TElb8rCKMkwaypQz_ml3RtbKcoy9HIWKwms36de4-Qrqwog3iPxhIkH_Y2r-BUljOZwO_Q-ForGL0wiqtRANEb6ISqcOizDgSSopkJMK2OdAQ_HBGWODP6y-8ucMA2El4PLJQkkJTnewbGCsoVNRCYLwZN4ilWI8_LUMrFvXbXfD-lOBLtvwKvjmnOSQuIKoUjF8M34In0mHm7iApazoY-K_fxZF7GxI3k3tF1CseIhu5FfaAEL7gCZqI_WedqwJn_fAHuGfxBdZILrbds2BfwTLWWO5-AdhdokhUj0Mjrdl-z9zjoz3ZNQinBWljQG6ITpMKaQpAz4hjUDk_agfK0Cz0rOZz4pUHEFMdkFChJEJ4EnrkLNMG2R7gp_vMUhYATABLDXNo7cQkIG46N3dbIZF7Ut9jQ5KhAD_mdXwBAK4YWXHHtZfbgh9otFVNHktUR09G_B5BKszgGM5bu9ZDACMHehdRMZzzJI63nmIzDVSwM4HgAnqOgxGt7g2MtE_TsjdQjV4DH8U5illcsDqWWjjJLr_5csl-IUrv0DjldiwLIL5i4DnQUkxlfIJgu6QXrtMeYaYxVddtQUY8QttkoYsRYgJlyBMhpEOW74UyDLqOd_xOdFIh34Asa75_-yQzdpNhVbeXtIphuVUmtNKp8kfVzJ8rKm4kxU1Mj-l0OSJ_T3kOmemB2x1mm_D9_ffpjGKz147c7UFGxxvxf-NncGv5j0pJcSC4XBb0pnEGrZdHauie4ufy9eNmr5A6FvbyMJj4O8kepu6HTB9JWOKzOucIonCrKEXeINmo1Ngha_SY59E4DSqMdxfsiMQTaV0Fgg6vl3SNfPaPQ2MN8Kr4wGPoU_8GDXcxhVMFnP7Ue6_A2MX3r3U3YUCnwSk_-1d0rBRGwEjpw5eHz1DhZ6zjBXKvUz-GKnyuYP06h5lLQFzJzBtcywP8UZZNt1bjABHDx4fGTdfAAaxsblqPft73LHmRMW4QXC6tVDuA0yU-oSxvWZRbmCr8VbRoi4pK4UnLhRXzXFwasqXlMDtpcDrV3mspjseXdQ-lbLJPvrPlFPG4xIued0gQf9zW3-wh7h0Q8Vh3ydufo5becNF1dGoXQN1HDUsE6IoI1kPFaULJx83FRVRAV4sEIt1nKpL6KAbN9OPdEay47-BsdcmbmbS0RMwt3QyFY9guwMircF0s6sSvgYJzlYvC4ykW6IDIpxEfmQytVQcDThuP8RAT2lJruIsahM774HfSo2qVeJ_1zd91-VRXAD9qvt3vyOz03Qh3m6UEyzrXkEkkHNoSD-aHKhiRcGEsfI_cUD3WTu8j_7l_xEz13CTIp8gtR3QJBK__kQbwi3QSUQU9594Q1YiXt-2dBe21veCDC0yzvyVOv2Pyy9j_7hlqM19u_oN8zgTlXNffrCe8qBUyQjgfDKoiaiAD_vpnV4rXdw&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.irctc.co.in%2F&ds=l&xdt=1&iif=1&cor=18239050664558463000&adk=2004672170&idt=196&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:43:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ACE9 41 KB
15 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 0C08 28 KB
11 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcxVHwr9qvIdzG3aociqfgPryIXC6t9qTueqJ6A7ONlFLEX-ghg9PMHOnT86SdP_yarWa7DLgPqXJyAzEZSFWPY5KmAgc_wnqbheoeB9Gt49Sy63ZAeHij49I4ZwcDQmVJnbrgKDY-ZobjcubRe_qO4YYZneC7fWZrwZl68l8SnFBcAGU&cry=1&dbm_d=AKAmf-D48kbm7jFkkgmUdg-eBjGRF5XDtLj-Fg9zIl0azICywUxvjHRxjAq75QynB_QCmOTiFyfWt0_5YZ4NKUK8o2XG3xC8HEjLCyfvxTN5FK47u96u0W2fp8LGXc2iCvNpHAHDR2A5Wy6wW0EtRcGckhVqJDpin8zQyXMo1Mggt0DCYpiZZcbNz4bDVwSmbkcKXR9Ol9zPM91joJNqxaEXN6vWL7RUcwPXG7DI4VjJZn-CNPKFXBBgzPN51XNZdjHWbWB7P2HJbFUfZ_jwWA53veT4Yhvuy_YHbTtys6iF9_OxYCnKanpHfQaUK9Mp-8oDdUVJ4V0pMnRQTR92838Ux9h03qY8T7ddqD66Onp74K56ckykpB9koR2FwIc1avz0shdWlVMdN3Qo8grcSRlOvYWkYbOcvZ2hTyQ2Mr5We0IAzpHqe8_tOybHOPNmuBG34t3IQhxafIh0m8IBrOCTdZ76NzGdnV3PRnE8aNu_4chytTqFFieUzMg3nPOF7I9lNJBfLsB1GdzWPTTo9m2-qQ6fC68GYSxVJASx1vdVS_NPsvwmwrdTWQISRGJNHjw6_T5GdZiAOVh7UMu78FonXT9h-ShLCI9oLksuOpHLsWlDnf9XAtPVu6Jqo_h9-I_Bthl-G_W0GkJOZ0UmIh_ULX8icZNeMgcuStZ9biHgeMkPBR9nx6DTIsBLHqwmKyGLXj67pRNILr6tFhjWDrWSiZDdplLMC4euXJujZy7m1lRIzd_Dnc00y16bWzy8qiyJAVLY2lpO_xzyJu67Z1hlufVZFaR1QOTa_qLRCNrlCkua_us0LsZjHLExVTOkkWX4BGk9_QNCTe3xzjYdI94dPyjEjkmnbC4u7SEkKzXfx-sLNZ2PcP1Ju5bWsltb4uaCb-mtRl6_ks_BU15tDCqi0vpg7XH25PGd1H9NSAPM4JwtI9VrC_RjYKyBRraZ4q7-Q4uu-WSrqMTrz-hmnIOXUpO2lIXPAFF15-EmnWT2lz6i2NG-ANj0dyUx2dDTXJ8u01cnHYDtIE5s_yFyidrTFKgsVEVWujWJ_yqe8-9j1it9DZiU_QJT1PusAlC59hxiJvvKWnfkVM4v2J_qurDLgtaBA1WC8JOLGHN9QL6cf6uNC9A7iN6BXwtPVi9EC6GFE6nfo6JsbswPtXDJg0oyrwpETYJFLSRKCsku-Rx_2_tQdvKHQZYXbBih6W68K_CW_IGPi6ouEP3V28iQX3KifXIlwS03BA0GKInYsbr80g2GCqgL2qfqo4IFklxk99g8TzfPk_08osSf8_N9RRxXYGVNduRIXnSBM9yJdD3KwxcpfBt6EMSibqt0rJgO-b4V3E1dlci7gD0avg3ZG3ETZyn58GoAsOzNIYUYtk_p5lTiVTRJHVnp0FyJWsJ9HxUfgSdLfsenglIrcffSQS4i5AFsbSSiamZSbXmeiL8qmGswnPN-Jtzq1lQE-fMPrsA3v0PciW6YlnPqVnqUXDqH2F4ab3TkB8aKpc2K9rlOaEAJitHZ_8VAwwXZ3mWgWI05U7mUy1q-H6PulFvZz2HMAzv9nWNBvseqY9EK4fl5Ct4JeDFhUpAIzzXnZ2b3t50-WW0Nv6gjCFAPCzBltw_Uk5X3H5jbP0huhiRon3Hsl-9RT0_aegd0YOXZ0DZiAJxEyO_jojRbxzbjZOnDfNhpePD2aBEpjYIWn9XuUv6r07ck80zBqB-b1otTdsqzinwkUqJW-4Hg90A9d9q4A_uh3PASg3yiv3Yr4lAtu8k2iiyy_yhmxgF6LKfUG7-i32a4tkKrHu54sFAAAHYO_sknyhU1eduTchxJxqOdBhbN1GN0CZ9b36ztBD-pQVb2j9fuPEbrTqKrkchYkLozjQHy3S29C3kU7cTWUkWpGyT819_TbSRwQsNUht_9bZi5J1oQBbT7iUnDcGUV4PMzjnP-Cf5s_Om9sBtTYrr7iyQCuh2GwaI5LBeKGVPSiro8m_ifgkX7noGzQEB7vaKGvlfMQ3vE27Pv4FjISaVCuSPUmmbfHe4CFv8DWA12h2iV19WfTp6nxkR46rPWI9GxuXRmdYUun3IXcU4Qt4PjDE67xuJVYMJBaOtlDLnxkldU5QskBLoV43ElKvH0RIgYMgj56Gui4FlaC6BkLQojilAAGUWHLmtncKZuXt0u5VDL_aOG8hXP8pNXuQtgSjLQOE_c9gUnZP7eClZIuHOb_FBl8eupCH51z2um0vroy23qfk8ZdhDk6UXdnPQNjAbidFqTzue8hR05tvMd0A0XGUktPt6yZMSrTHwbn-3SxbNNVn-bS-OSoXluBAnl_W06OtQNVAayOK2TyBor0c13CYOQApJRJ6bqAQqmFkOkInS9A5JBs2zJyqjZY1vofXQd5PY6LPLdeURrvWK4KA6DyrPeUn_LPdDDg5MC52Vbf04ZmSBEoTxadd9L_ABXlf7PVlW0SvYHKbanBnd7BtfnPeCT2nKoQ-a-jewX-sUwwyRPXjEAE97CfxasSrHxkd7QznT0SyDhcG0LTISap-eOIOaPNmPVN0Vmd4XTACTy3qmCe5QRnh2UP8-oOEzOsUYC3XcgT3mC_nEtNu7SdxeJmSce616gs3gvn_DnAeht4l-nVhQKYXUcZy1Gob3kJc-n2A7llrYzv2ehfVB0_Z1Nz4NdtH4ubHVnxjZT6f2wOHrRIbZ32jX9o40i3puno0mnFFhQTqrSDKYpKbNU5U2yKSML4XVzJ4C45x5sn0HyEO-bSGsPmatPdL7_5Co3mpNElC-UtuIiknKUhNI-DFfMCBtL4WxuiRtD9lJQ8aSSKEF-EcwzGKv9Xm2OJv8MwzER31WcbNy17KDMxgCStJnqi7IgcJLmxkP1LQZ5kYVKUk0WQP3EVYCBSBIRZj-s6d7PU4AHx4GbRHEQhRTza01D2u-Q1PvxEg-8pj6lbRmXkC28edYoK95MY_w3zYgpjhCa8YH9jyD94Y0A7SxDs89xP8mDsISO6-b5cOD0IYBYS8aDfYDw7zkYYaH1YpIPNS6tLBbYzWEzJ1eqYrJzdWRaWOVFikLT2lwnaSm1Ed-iyAK5slHGkdAZWCSJ3oAopoyvOtumwqXbCrf82HDJYblg-b7dshPHp8p4MHBPS3b0Sc121uh7fB8C7GIGvneOSVW390Ixzpfzd9bbtiHw-nRjuYF9-Xaiycv6mjvK3RYRZJa9mz0hmUJm7Jz8nn0aLLraOJPTxrSjSGmsnTkYwSGNgsL4ik6nhNh9BkIy-AjQ2DG_PRXVIKqMdu6AL_x4f80Hnb55f8lpUASZ0Q-m4A7hm7mQqFjGQw0zr44UPOKN7n-4wetVcjPcg1fWlX0CJ2BQc-ue7MR2aqYdtiIKfmjyCCL_mi5tdyYfv4o-cL-ZjRtSAZXkWn6Qwy08DnBEmxqeGmH07uG904UnZiHH4kApS3RBaU1sMRAK6vPO7q2pLG_QoT3q4E3Z9S8QKlpLuZSxPXo7-Ok2Hbyq61AO4W8_8sRt3ZmS-4HzTGPiIHaW48oDRI8YmvvDVmtC&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.irctc.co.in%2F&ds=l&xdt=1&iif=1&cor=14022020427558167000&adk=792902355&idt=260&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:43:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0C08 41 KB
15 KB 62ms
61ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame ACE9 34 KB
16 KB 234ms
80ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61061010;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=468077193&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CR6iGcfzcY4uvFYu5-gbThYZooInMx2vy0_KHqBG1nPW0xAEQASDHzqgjYJXCpoKwB6ABkf7RogPIAQmpAg6oy9JgR7I-qAMBqgSEAk_QvvOPaZ9XwezEDpHjvQkeWnEMy99Mo199Pzu_HstxfXoLR0pKSbEEXyea5snsqwqXF55VV4Eg5bCOmZuSQvH98jJcPd1Xf8JkIiSLMf3pNWE6V1Bu61ntfUQ2h7LOLdAMrQG3kj_8sfppZC8n4570uBdFlGoB1O4wqhf7GGCksug6NCZGr-UFErcMWdfhRUXRRTqY_3FeLUk2eGbnjeSNaDavztnUp6AfS3IfmCS41QZJvqFoobvA9HfDhmWsDY2jNbYS2rF56JNviPaLXmlEmxSygdt4GlzC27ZaxRSlXvRC8wqeQVL6BNusMvXjsBKr8VfZpVzdeap1drHa8HAfMTAIwATu1qrw9QPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE7aMixLQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&sig=AOD64_1Ai8yJ7WZNSZNoJTG2gGI9NqC65Q&client=ca-pub-6685711026657277&dbm_c=AKAmf-AAi4xXVl6iHDDPG8KZ3XXOTXpYW7XX9uia2ZPccHiRVjVU2se9xdeqhg4v5qvohoKlXf_JUeW1m-UVoUBoJGLMp5xZ15ZYNv2YWzE8ixSE6aoJ_l-7n1sLIri10ug7wIJIS-Z56IY5M6nW4Au_Xe7MVelbuNzFPkakB3KoqUPOxwvrHUk&cry=1&dbm_d=AKAmf-D9hUOqoXsSMoFoHC7RxVE79mkN1kfVTeZVGolpGOL4rU7k_at-_omrLsERPP4yp7lQYE5d8NGMqkDi32rtOaQjqilxv8a5GUd1miAkN_smklYfbjszpVR6uQMaKSFlHaTjRefTw1VZIXcDPpAXWYlI5sZB7DD__nokQ8JGVO6Cz4-Q2DO9Rwcl4MqWQEgaDwZPSKtObrcg4C7a4uxOD7cunMAk4Xn5wTxcTkndHiV8040FwsJuoB1d9kE0Z-V8pCzFnSKTkxK4PdROTeJy6vnI9xfXG2WFCDu1JGY_MlIuqAu9HIKhlcn5gdlsWxt0dxn7bbZKmWpG_NkyI-dQa5WgoD2HRnKjzHmDfcyiyb3-U-rSQ7xiumSpbP9XxzD5UY00nxBA77n9D0D2Kg1msyyopvQlwPKjVwOeXWi5mVhhDqmJfwBB8jPHOurmsTVkaOR9LkJVbYd-GY_k1IyJxsfI4b-T8B7le72hDVD3HVcUDRONmNRZ2-Mv2sRSQ3FlmXdBZe-UHj1smzAYYO7TjLuVJCCTt8i4Zk4aUl14XzkKRhYWr_U&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:46:59 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ABF8 22 KB
8 KB 61ms
60ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 441120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3042 170 KB
59 KB 58ms
58ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Origin: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 17:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 17:08:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 3042 8 KB
3 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ7temx4-OrdH6JdVxVs6oaLxiFa5HEAVw4p3SukMAH-lk6OinLqmsQnh1YgnxhDWADzGk7nJfM0d7YFyS5d5pyImWMYT_QT3ZNaBNNloYTIJ9H9JhrwTKIWI0WWy4PLhVWiLmTrt_KEeJpBpuUrxpnyF7StKY5DK1dpGeWbd4Ti-42-NM6hZ1Oj92CsnG-1lICh5-&cry=1&dbm_d=AKAmf-AsQxrH4OXRKUEdFhRcfgy2QAjX3Jx8v9WvIDtp2nKdIIMAqd7oivbYOT4og187ccevRxaDiJKql3OjSnjIHncrysKq5iADCIq1Y2D79ejEyLoVTGwxeUxZQKBb7PwePOxATwMlFtSAFHu8FCxFFUYYGbTx5Q-dDePeyziVvLP0fyvG3KDBnVLIYv6JlP7tsM4it959ShpGCjSzMdUtoHOLUqlpBX8BNfae8vq0sRMdVW9HOjemMlWp3RTXXMd5on08vHjDbhXyJGUITWW6p86GSBGYcBpNRSqjzggqojXJh0Qv6Zo9PtHJZ-omK-ifaTzH07HbzPP2J4oKzgbSKDWJDkvnJsBlvZ8GMk6Gpr2uf0z3ISwldyVflBj45Dgl9jt5T6XcqfKuwRnmw0wCWrHbyJh4dSF5EkX2UjtxdOhDz8XnTHWxwsWYRVIK_OgXbovY6JpJNJWjIfKQC3UZgujaTPIc05SYzUms61a7Hy5V9wQU3u7aftYQDevMHBmog5goSR2LjRxambz5QUEoUq-dJLNS0m1xPcgPe4ZhW_UPb2UTnuJSgYRkytLl0kbbHaiVExmk6r6KmKK8oJvVipuqBvUiRuyCXO95GjF4fIC1Nd3VQtVaemi_m9GmEBRSriJVjQBq6WiCiA3FHceUdVedrGdWOpXK9ui0oGqKQRpjEj96U6qKr0-L9rPw-4TpiTKsAtiCl0KC_06mUl1kOLthswMskCYm8pE5trnft37z38xBSQh-9LubV0RPUVHLQXup6nmfPUJiMv25qq40O_s8XycYmD4MZcVpWtlps7xBWfg1TokXv9NBS1jlF0GTxiTgzzzTFm_OxIDFt5BJ2ltbLFHqaXXa7O_YBl5-TbjL9cd0fg2SAklM_q6Kr4xcq6fQREuGILLT4ekuLCjHDtncZdSd5wa_e9F302bPJO6V4xXnWxUJiMxjd4AA50L9qT2YXcHL3DKHjN2PKf5EWEgNoku7ABs54IEzCCHQPT-Htq1mOKOrLpu7XzJtRt2t7NjqE_wxTFJj8oYnFWOdlXspbssE4MljW_2dS-Bz94LcWjcWegkOOaz6gcyKcklYVmZApnfTTRUI6JOkefNe2YJY7K5xfRgdvQ9v4nYs2UaNmoWzKhCe9PbMMGyw82c9k6OuAjcKby1qvfXwOOoqsE7dQWDdLsQgPJKdRLd3v5-4Hab69_gMqf5DwFl8q9K6u9fOFBgVVpoaDdzvdl7LxOJb-lHBCjvGTbvoXcsuL1c88yuuA--f40nyJeqHgAs0lm9f1eD4V7PN4-KrV5DC7IJsObMm6xCVXD-mXcdaHAvgVuh8sTTHZz-EPdoBvLJwodsd92KjCkGo39DuzviTTQW2C4_Eir5mjEsmjh3BzbqyUGfcb9goUywyNHv7y26Va73lSnGSIeFKyGqFoiRGnDHKvO1p6mjwQuyOKOzktONjYgAT3joExGvMTufKRWL97FxS_scRepGw_VzVp7FigTSaBIjs7yLG6PSLbWZebuV0jdKF7ECtM15ucl1jMBhtwiXAkPtBkgOMKjVzSbylyjw5842usKz0IhL6wzWsgu7XhmA_6GotNRJxYNBrSbJYMehsloI9XvqArqp_4Y7WmUm_A7ArpemWyW-b4C8zO5KpbP-Kn_xa9DBtN2d6GYPfFB_mrtgj3rbw25yyJONDv6E5n6_HcJuq40nuqFuSbDhf0mkvIXrw-A6awX-UjfHgCS9cMgc8NfK90SP7F6LCXKqAa9RdqrGIwioE4ae2FXaEYbCafBdJGIr2P6zPRqipFW4S_P6qkKWiJSdNpe-Z7UCUH27dkeRLK37kGOmy8Xvs2Ne5fDBu7mX5sQ7xRh_zk6xhkwuW2rnSsElK24HdZxUV1fWxmvA_UF8iDbQlTVYOwxnhCr2YI5fz3sxnnnrKfWp0SAgIY4GuAHYhRJn1HK7pg_Mw5I8Y3UadPE0EwHlJpRFZk-x14wB2Qch8868LF5tS39-3lS1hwNybTFlPqc88UshE9kyB4cp-E_dAp7uBuEGA-_RhIiKXX4_J8xJGI-Qu5Ct7J8o3AKnZvP8YPqf5hwR0wourfqjEaaaeeah-uEKfRjm-4QOmmYMfn6t95NCVd-KBZgTnHqf7bd5vs7JwFde9TeI28KwWPTODljVTy1i5knpNuUJbRcYSqeXo9KzKtwerHrOep3qdeFAkDt2Me6Tkg6KExBqoKIMsdTTevPGxZ67N-R6EaubFb7b3kjfmfm4BpcNgpFtmhzubSjU_3eW3reS7_RoiZreWECng2xOcRL9CcjebKetJnK47abSp2b1Eh2YX6AsSB6o760zWaBgg8Z41n2NYbPYd7eRbXNYwBTJp3EuVUCWnnIdO11ZTFTe0VMITZjs5zbvAZ_CH-5XEwWiuSqDXVzxe-1d4wryZpTIjqiEmPyAU0YDJeBkKXLv7r6UQviC9sKu1uVrkNj3HFCG0nNR7zt94YZeZIAuoIdodtCMR4y6ZUVT6ukuENi6Pavd7Irnsao88uD6LTzd7W8gFOVNz1CIzeSXSe4WO4m_1QSxlpi-jjwLQVIKLjOxaszKPjpbY-gayZAzcSaA2KV5GEqckgytY8j9Ilpb8Be1boalrCwHJ640ShS_zbovbhlrzhlfrWaBPAn2k_lTSo6jN6jRpqCcMiqWlmbFlbkhZn2h8p_j-mHvRK7NdN1Cdc67bRj158_26jX3SsuY4mpe16fkSeun_bvq7B7heE1sg7WwQdxdZXpwYzDLeGKJjybfQhCWswIg0i5qomii7mGBDoa4s1Tv5TERpl4prOr5jUzRWdls5XKm-pvnVWtOdCDInPKEA6wWIVXukXYaNDClhx_OLtvO-8t5Ar2bl4OInOFtevGadLvsMZgFwMH4qru4ObXgAM2DQ7Wt64uNWtULpIIg79UhGHq0093WZndoCkxHgNQAgnO_oiKx8N84ROJpuLT-vRLV77IPExx-vOgZUpsNrVb54Yc0QMXm_YLl-quDSqu1xTe54lzaSqALTKvr-nG9Ekg9ZL5ANs3oTc54tjq7AtCYYsdRmDAhxxx8jKS0brInrikm7gLiEZe8ZDKwvzcnPHHGHQzBZzgq97pxpJe9SjzzR9QGGJM_iMPvhXTPMmWueBZVmPTLrVazzOW1pEX29Hw0-1ImdkNOcI1ElPknj0SlwKzLca3O6H5yC_PK0lQ2JKAic71MGk77z43Y-bG2hzPx8bu2UXnxlo2cWl2JeAWH9mMV8Gbsxo01XX1OsY_H1HLhZOqOWdCYZiFdVSJfilV34ZWjPCd42wUPtAL08VVvaIqD1DUnFa_aR5eoMuC4nhgVGu7L8L56DohRb3S3ZbpZr1g-rkIVao1p67keV3Rg7_ijijmJ1mDXyOHPLlNs-vxTBTOQerOsVPp3h5R1eBuvuP8F5AZEDcfzLpMfNcLwo8-kmpagP2gj0t17FILRi4xu7I4JluOWYs_WaHChEHiAZJH6neVgmK4_TvUfVZEb56SdUiBAI682ZNJi-9cmaXe5IK97i5wriKbrd2Jmc32ubZ__n_fCwr0t81uVSKs-TryCfTuq9hLAxlmDwHEZfAZXmscF5b7vPSaRSzwQn5U8-Qr5LKZ8PGOw2jzYm8Ch50Lqzw9Ys8PO6Iud5zC9zj4-J4FsszKFEuB8vcG_ghQbSq8uFxbhsWIVtvAnBaG70dP2x7BxX_PS0Qf7c4POFc5b-djOAMcl-NjJE-aJcCZ8WcyCjPuBFsyLUYECgvU0FiyOVmc6mo6u4hC1RRDMdBcY3llZAFfPNpLTFi1wa3pm1aCMwvqr7PT_LfLHbvAkbkzD6JpGi8IQqF5wXdZ3XeIfG9DX3GZD06Nl18HtrNEiBN3aKeXRNkA&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.irctc.co.in%2F&ds=l&xdt=1&iif=1&cor=1645245059392796000&adk=2265872549&idt=218&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:17:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 3042 28 KB
11 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:43:48 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 0C08 34 KB
16 KB 162ms
94ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=61218350;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=469624005&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CqHgHcfzcY4yvFYu5-gbThYZooInMx2v676bDqRGZ4rnWvAIQASDHzqgjYJXCpoKwB6ABkf7RogPIAQmpAg6oy9JgR7I-qAMBqgSGAk_QD_LSBzCDoDtLDCKN6mBftRXReRThbvTDjA4TJhdOWRrM_T8sCJUxFPUIfxE1QK8Xvbo1gwI7ZoPnwKjRaDtgKBvEzti5I1dz1LUvNeyYi6K6titfDUUAU-3_wkrmzbO78q8oU0tNDuj9vq5i92_bVlpg8Yla1uxVb-tDRHrhODRixNG0GBt4shc6U-OGt-chG1ul1L6lWLlSlY6GvVzjoViYPt8-kwOSDK0KkbqkhWTt7F85AGzNpzOpGujIVwsfEiG4pFPcrXZ9zVwz80yN8rKYhIQ54dBW1i31ItgWy_-pP_gUkyaLrjhx2Cb23BGqZVTgXYiHcjk0JTznBHyqrj3rgTHABO7WqvD1A-AEA5AGAaAGTYAH14GuXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATtoyLEtATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&sig=AOD64_2BkzjI089TQhkYMfs-tCIUlh6kRw&client=ca-pub-6685711026657277&dbm_c=AKAmf-BJnDc46_9LmTYUVY_IbmmhZVgHQisViRk1NNtYv-WGeE1ipRGuDg6aseJD5BHYucjX4fbOuM61wWXx4O0QUPX0K25rKzqSEfCYwqpHBfPQAmapl2YHqe03luajYqjPNIGov3eaP0OVzTiPKj8FzMHTSOHp9KTn-mEqPGft0MiLD_xDbtA&cry=1&dbm_d=AKAmf-BDGzleuDv6s8DJOMhs5g7W6oStnpbowalnRSUrzwDM8v4ypIhldIEFtdnRGgDiD2Ts82xhRsdUW0wSw2bLQ0cmdMO6SlynmiOZebf1tgTEuNZVmK78im6gthixecZ9OmjAySIQcQIIhNXrqUamTQdG4OUZJeVlvMEcjO2spIMifhfIBQ34yScXTHb2_vEuRQdZ6hzn4xyA_KAXV2euMEcsWP88MtcsPr4APQPK3DQXVHUR0LxbX59qbof12CYBeQGnG4mdHBwYHu2dFjrubUW3AUIyeiwdppQ939Jq8EN5fijSpD7MUixKox8UJ2v-CVtBV48JVTFrf8vjK_E8hKbKzoOyJ8ZKRI-DA56iOjy5yrqa4LYxB1hcV4Ep13CP-SkAjh6TBj1ID1ZbWyfUNJEjyXwNqyW-fmPjNXH6HHHMrZUxcO7oIJ_cx9YL796MnQociSvMIjra_M1SiLmDrBCxavnCKmXWcfhHIsCpVpvG8o9L1ryl_l2es56cjd87MvJwpb4l5SVUuriEvdn4SoQtzJMLdz1pZBj0A3KmoD8G_dlyBBU&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:46:59 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E911 22 KB
8 KB 53ms
52ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 441120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8B3B 0
91 B 65ms
51ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 03 Feb 2023 12:22:10 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3042 41 KB
15 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4CF7 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3042 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ba58c0f73f9506cad74852841c992c4e2fe59b17fa58eab734b5054ecf012e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame ABF8 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:45:50 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 165 KB
36 KB 84ms
84ms Document
text/html 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5945f222d89a08973a9cdde19cfdbabbc56e8b72541be990732f00fa421f274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:10 GMT
expires: Sat, 03 Feb 2024 12:22:10 GMT
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3042 0
0 85ms
84ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-ycS-Z4dtEWe1kvkOdkL1v6zarE9o2C8TwHXx6fWivg2fiK5AHIRzZ5BSaHHuB_dJdcn8SDsm6rz1EXeDGEZPIgDSrWhBVusNvieijh9jBhluKvjz8SRGy_MQkUS0QwHOPC6nZRzVu6xTI5zZrpizN0a6A0cN_e1UgMGeSdUQLMe7-ti7xT8d_84qL5uzsnKbeHdhYXDhrkAlrEvm2VtFkgVFvmowSnLcvs1Ztqsn8dPRXtWPGEa8jkFDo5ELjeMo5nZqcKnd5oOpZJdp_3aV2hmeaN9IOUilOVThr23WoF_KUH18t-X0mOVWQdZmujBUyoXe4N7A-4ITi-WiepOuIxKv6SiwqE9unqSPid1hp2Z9pIWx8JXNPkUVWjerGiTiRcMTPGvq1NrLLn97NmwgSmohFSc0wqukTzjEbrED5dmnl2rc7i0ghORUGDMbyjSjHOMjye-VdvrIrUnayQRe1KRqibiS08KqmLlzzNNSVsV7VyDHmNjDC6_r-WKDSl_l2I-rmaid8__FRu-gt6bEkylRXBUJa7kloxspgj83gcB-C72P0DMyFYs7_rz7YfmfHUJ3BkjCZssfzeeyatPmL7-6TMoXKBk42cEA8KiDnT0-UmF1tyg8WYmx6lEw2IFoTrgkRDgk-bg_QHF-0_Zfvkl9AyWxN0cuvjJujM76v6_mmoFJIPx01XS72NIUAmhI0APFKKr_iibSMCG0VMmaPZfE0cwytMKKDxW_9uV4Zo2ysnwEmSPF0RmW-MtZLXMB-Sei8_5AJ-zVgNoiDhlHh4UNh7dLRmDiE5SVIdc6cqLOUCsVIig8oJlFUnRRKefOZiQ3dwFMPE7nMuCyxG5bVMucyqhqggluK7uORzpm507qWMGVFdfUhQ4O9GdFcT-DPmNN5FKwLFeSb4HF8DMy3TV54wcp0CRN1LGkB29BNvKLV9ipLBGQFlCW-nYyZd_gy-vo0RrsSIicCwfUeMDlWw63E3IMwdRH6HrXXHxmsOqrtSn1Udmy7RctRg6NrtufyevL3ipOodWV-gnr4LuvcPw3m7lFqKSSgdGEW3X6Olgo4Ywzr_MqRO1Kq0F2gxlcarc3S7ho4sXVqmlH_6X7UESJ-f0MEN-QfYAZlFoTo-ml9v6OsG4iJzRURTtwYS4-F27uBmO1jRuvKpbyGFRJM__Ay5EozoE2qq0hAFjxgMMAzGdByB8wbVDoZ3tfJvuYo5zr0RWZhssTn3trrxOQlKUoL9rFI-ghZuWJNUc&sai=AMfl-YSVsGzIBTb_0VmPGFsZ2jupnyh_bwLzdb8u8bftVeeK9wgT6n-rEQxwgCXqpg1F8Kc2kQM6bilT-7A9BQGlpcUigcDgNWvpcbyiHj8uS88edt_gGncqbW-GFreJZAoIu8gFvBvVS1Je2qT5bxIyJX2x2cB7yGi78b0LHwMpTJpJ7PSFauv1xrqFHTSVPNLrX4i3HFyFujBIoGFcnvDEX7CfiRatXeA95dSoFGqd2rxsIPFJ4QF_oRMxZDyazYHL4GsD5Ss&sig=Cg0ArKJSzEiM3EADvSSZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=166&cisv=r20230201.41041&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 12:22:10 GMT

GET
H2 200 B24472818.278557825;dc_trk_aid=472677702;dc_trk_cid=136869765;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_exteid=ABAjH0huC5VlVhPlv0zNzr9Mnmt8;dc_pubid=5;dc_dbm_token...
ad.doubleclick.net/ddm/trackimp/N105603.3892527AXA_DE/ Frame 3042 42 B
440 B 250ms
87ms Image
image/gif 142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N105603.3892527AXA_DE/B24472818.278557825;dc_trk_aid=472677702;dc_trk_cid=136869765;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_exteid=ABAjH0huC5VlVhPlv0zNzr9Mnmt8;dc_pubid=5;dc_dbm_token=AD1EzRQAAADVCs0BCgwIABUAAAAAHQAAAAASDAgAFQAAAAAdAAAAACIRCL7fvxSoApub2wKwArDHgwdAAdICKhgBIhMIzqvi16v5_AIVi5zeCh3TggENKAEwATj69qS-ihBAAkgBWIiBIKoDWENBUVNQQURVRTV5bVA2b0pvYWNrdGZxSldfWlU4dnpVTk54NGJxSW9aOHYxYVBmV2p1OTlLeWZBbVdhLWVMXzRRTy1wWlRGRzJLN3BFZnVkT3hFck54Z0KyAxEIgOGAEBABGB0yAqoCOgKAQBCCma90w5o0RMGJrmZj8ow1V6bQ7g?

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4CF7 35 B
463 B 141ms
41ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG7622QEyvrGukngqlx9dqg&google_cver=1&google_push=Aa02lx8VNqtdhV6Bdo-_UoKn8og-1Yhi3JKrFfkIhbPiA2PKfWey2JBcGQGnYfOjMJUZOTMuufFp9qhob_W8eD7bgAIPkP-jQuFZ

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CF7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMOsvGUgHKgdX9BVMJ7aX38&google_push=Aa02lx8_GFMtlMzcBf2LP0bsgCiJx-KgLXijmOfH1hjZTM2suyDCdn3q0T...

170 B
188 B

88ms
87ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMOsvGUgHKgdX9BVMJ7aX38&google_push=Aa02lx8_GFMtlMzcBf2LP0bsgCiJx-KgLXijmOfH1hjZTM2suyDCdn3q0TyEFO5nJooMdj36BfJlKvTqUq5eV3swDKIhiVYdfb5D

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220034-HHN
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1675426931.598837,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMOsvGUgHKgdX9BVMJ7aX38&google_push=Aa02lx8_GFMtlMzcBf2LP0bsgCiJx-KgLXijmOfH1hjZTM2suyDCdn3q0TyEFO5nJooMdj36BfJlKvTqUq5eV3swDKIhiVYdfb5D
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4CF7 70 B
264 B 58ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFq8IMtaXT3HnI4QtXafOV0&google_cver=1&google_push=Aa02lx8p5YKgpUWlsVrdO61DAVAsJ060Rso-PrmvaHg3r3Yreu_imv7eZ4pEM0TYWNY8qGVsTqkPBpyZ2gle_l5SGRZlnwDdGvRd
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4CF7 0
174 B 170ms
51ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE3JXMdQEhGu0dGLHi4opJU&google_cver=1&google_push=Aa02lx_AUDoT8G_wwbZYQGKaXh2bKdATAeyq5oYJ2LNahpvPEZO9YSoI6pt05HqNQ50fuRsPAwmW4Xatx4X3PSFZTIxZTfQwBmZ-
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CF7
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEH-RWFra3TA8EU4k2KpZuLg&google_cver=1&google_push=Aa02lx8oEz5WK3Qg8VbZGOp3w0cnLLENRC26f_5G4PFzNwn80WFJ8KYP0MzUiPCYDVkUq3WEgHczNt78p8BdM7XD1Z5Lr_8...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEH-RWFra3TA8EU4k2KpZuLg&google_cver=1&google_push=Aa02lx8oEz5WK3Qg8VbZGOp3w0cnLLENRC26f_5G4PFzNwn80WFJ8KYP0MzUiPCYDVkUq3WEgHczNt78p8BdM7XD1Z5Lr...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8oEz5WK3Qg8VbZGOp3w0cnLLENRC26f_5G4PFzNwn80WFJ8KYP0MzUiPCYDVkUq3WEgHczNt78p8BdM7XD1Z5Lr_8-8zE

170 B
188 B

76ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8oEz5WK3Qg8VbZGOp3w0cnLLENRC26f_5G4PFzNwn80WFJ8KYP0MzUiPCYDVkUq3WEgHczNt78p8BdM7XD1Z5Lr_8-8zE

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8oEz5WK3Qg8VbZGOp3w0cnLLENRC26f_5G4PFzNwn80WFJ8KYP0MzUiPCYDVkUq3WEgHczNt78p8BdM7XD1Z5Lr_8-8zE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 200 dds
rtb.openx.net/sync/ Frame 4CF7 43 B
64 B 54ms
52ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGqxqu2J8GrM_uEG7YR7-GY&google_cver=1&google_push=Aa02lx-F8dFVLzWfRsF_ZYvu1qhLsGk7vvTWOgj6TU6xSUV6oZbyb-tLgxowAKOvq2kT_d02Om63_5fR1XKwPwAI6T69a_cy7Gs
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: fcejck9n6hvc6g4nu355n0r2bgrfcac0

GET
H2

200

/
onetag-sys.com/match/ Frame 4CF7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAuR36KQFn6KLJi1SN-dQfU&google_cver=1&google_push=Aa02lx95B1zKovXSoeovtmoIc_yzocvyBW7Dzn-H7qqNaNqvNXXH3oE-UsUYYTrdsTs3S5gtmObW-dp7ugz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx95B1zKovXSoeovtmoIc_yzocvyBW7Dzn-H7qqNaNqvNXXH3oE-UsUYYTrdsTs3S5gtmObW-dp7ugzdxcDo1elurBRki6OS
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

40ms
40ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4CF7 0
12 B 75ms
74ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KK93fgrpGxmXsYGowgYOdTGV8vH5Vc2FDTkx1uVDX7y2J_avpx27RFgPMDpno2hzuN4qrBtQ

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame E911 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:45:50 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4386 22 KB
8 KB 52ms
52ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 441120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame ACE9 2 KB
3 KB 180ms
40ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=61061010&sid=1523392&dvregion=0&unit=728x90&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037616&aucrtv=57128402&auadid=1523392&c6=1617446&c8=&auplc=9041715&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=zflip4_wechselbonus_230123_tec367a_728x90&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:10 GMT
X-GUploader-UploadID: ADPycdtNtAjlYdrta-l3UqO7FDE-_iwXAjfeaJIoKxhbJdY-eR9FHPhh5_adX6s8buye_b84yVlklAZf9vx9b3Inf8t_6lQSbDxc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 1922
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
Server: UploadServer
x-goog-meta-previous-generation-number: 1673253614982549
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
Cache-Control: max-age=86400
x-goog-stored-content-length: 1922
Accept-Ranges: bytes
x-goog-meta-pipeline-id: 742670731
Expires: Wed, 18 Jan 2023 13:56:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 0C08 2 KB
3 KB 178ms
41ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=61218350&sid=1523392&dvregion=0&unit=970x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037616&aucrtv=57201242&auadid=1523392&c6=1617446&c8=&auplc=9041715&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=s23ultra_launch_230130_970x250&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:10 GMT
X-GUploader-UploadID: ADPycdtNtAjlYdrta-l3UqO7FDE-_iwXAjfeaJIoKxhbJdY-eR9FHPhh5_adX6s8buye_b84yVlklAZf9vx9b3Inf8t_6lQSbDxc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 1922
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
Server: UploadServer
x-goog-meta-previous-generation-number: 1673253614982549
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
Cache-Control: max-age=86400
x-goog-stored-content-length: 1922
Accept-Ranges: bytes
x-goog-meta-pipeline-id: 742670731
Expires: Wed, 18 Jan 2023 13:56:00 GMT

GET
H3 200 Enabler_01_242.js Show response
s0.2mdn.net/879366/ Frame 1326 107 KB
37 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_242.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 21:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37452
x-xss-protection: 0
last-modified: Thu, 06 Feb 2020 15:49:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 21:42:10 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C33 0
20 B 75ms
73ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1682757049060&version=m202301230201&ct=76&x=1&cor=3209553867119195000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4386 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:45:50 GMT

GET
H3 200 SourceSansPro-Black.woff2
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 78 KB
78 KB 54ms
53ms Font
application/octet-stream 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/SourceSansPro-Black.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b2f5f468e077f4b6a2e3d2a9244a7cd60913c5504b587159a00ca5d7bcdd62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 06:29:45 GMT
x-content-type-options: nosniff
age: 453145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80208
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 06:29:45 GMT

GET
H3 200 SourceSansPro-Bold.woff2
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 82 KB
82 KB 59ms
58ms Font
application/octet-stream 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/SourceSansPro-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 08:56:11 GMT
x-content-type-options: nosniff
age: 271559
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83468
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 08:56:11 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame ACE9 57 KB
19 KB 46ms
45ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=61061010&sid=1523392&dvregion=0&unit=728x90&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037616&aucrtv=57128402&auadid=1523392&c6=1617446&c8=&auplc=9041715&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=zflip4_wechselbonus_230123_tec367a_728x90&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame 0C08 57 KB
19 KB 46ms
45ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=61218350&sid=1523392&dvregion=0&unit=970x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037616&aucrtv=57201242&auadid=1523392&c6=1617446&c8=&auplc=9041715&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=s23ultra_launch_230130_970x250&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H3 200 prod_studio_01_242_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 1326 30 KB
10 KB 103ms
103ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_242_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_242.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68a1eb809781154c2c6dd9ef157e3ffa54c45afade2bb70edd006707d28c3a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 16:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10358
x-xss-protection: 0
last-modified: Thu, 06 Feb 2020 15:49:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 16:33:11 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame ACE9 1 KB
901 B 365ms
47ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_704913036724&jsTagObjCallback=__tagObject_callback_704913036724&num=6&ctx=11655933&cmp=2661571&plc=61061010&sid=1523392&advid=&adsrv=&unit=728x90&isdvvid=&uid=704913036724&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=109&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2661571&aucrtv=57128402&auorder=84037616&auplc=9041715&auadid=1523392&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=zflip4_wechselbonus_230123_tec367a_728x90&c5=DV360-donotuse1&c6=1617446&c7=DV360+(Media)&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=21&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3AC4E4%5D4%40%5D%3A%3FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3AC4E4%5D4%40%5D%3A%3FTar9EEADTbpTauTau5%60gf6gbaab_efc37cea%60662b35e_3%60_h%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=4.40&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_704913036724
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 7fa80c1d5b9c1b4564d2129120f1fa9d6610b9c88207d7bc2ab2ff2883581746

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:11 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 02/02/2023 12:22:11

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 0C08 656 B
675 B 366ms
52ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_755502698723&jsTagObjCallback=__tagObject_callback_755502698723&num=6&ctx=11655933&cmp=2661571&plc=61218350&sid=1523392&advid=&adsrv=&unit=970x250&isdvvid=&uid=755502698723&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=109&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2661571&aucrtv=57201242&auorder=84037616&auplc=9041715&auadid=1523392&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=s23ultra_launch_230130_970x250&c5=DV360-donotuse1&c6=1617446&c7=DV360+(Media)&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=21&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3AC4E4%5D4%40%5D%3A%3FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3AC4E4%5D4%40%5D%3A%3FTar9EEADTbpTauTau5%60gf6gbaab_efc37cea%60662b35e_3%60_h%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=2.60&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_755502698723
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 4dd1288750cf3933460719bd57bee4f9ee47b77be8e067d60c78adb1ad144d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:11 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 02/02/2023 12:22:11

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABF8 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bavr_cvzcY-abBqvC7_UPn4KFoAgAAAAAOAHgBAI&bg=!7u2l7anNAAaq5O5FiuQ7ACkAdvg8WtfIqFXeQHyA3ymuquJtR8JhQdVL7hKL64-tiOR-gFsCWCAgoAIAAAE4UgAAAAJoAQeZAvsro_nfSgagVE28hLTVbSaLG6DFOUDQ-8y1bexXu6BB15XMY1qH4EZ8cn6g8QuJNqet9aumscLW-A1rSa4zedojNWE7j0OhjhcWtwE9LSNJnj4a-R2yBbBhw3qWBhQukh4l_jhCmXgva0JmYTC0BXoToGGSZ6y8Hrq14SZOLR36btiNYDZXw6lcGiy8q71VquZgt33QRBAk_WoblWdfs22Cl1b-T3PKSYO33ntA39Tp0OSrDiNlnnTHjBrlwzaCSv4t7v6ffehrFkmQ9w73M0jGzNrPLXjqDLIAQsrj4KH2vGALgD0J2hyOVx_Da20LKI6x8vgAuxG_ZUNbgHTy0Ds37c73K-TbiDgeolawytH7J7TysUBcddyxH_ho6CaAK-t9A2zV_Z6K0xj50W8JMU6t4p74BvRAu0tVXyXff3zZBAbnjCEAUW9q-DpoIeJHpfQ26MrrfRnI5OAfxzNl7MwDaAAzyOLdeHE2Cd_2j59EpkK6VPfOW_jkgi9Q6SnaDALRibKVWCWIt5eC9c8SXvywaSpyqHnQRZA8wRoA9nN_AiWz6JFXtvEgHYjW5sfJmBt6Zq9hjBRmgojSzGEGbK73XLybJr99t0V4SsZeFsq5lMkb97078PXr_C8AqpZ1lLhiXj_9PYdr8NhN2WO0wR-dpLUXTcCJlWCZ_a5OSt2xbyX0nTVD70uiuXiu3QFcQVxG2Xn-SRclg5RqHSMxr2ajNvsnxkVfqw1CJ8YVszg8aCnKdPSfOUhiERfIC7jh_hrhhF1ye9VDy5zzpe-wrlqBHPwX0IOTnLI8ARY4R9QYJw8nYx5tyfn88ui5Ah2hohAknfYZQQxcp--posfIX2fNC891mBWxVF5mBz66ixAMft_4V3fHTkFD_CAMKUntdcx-ul78e2MbYgtmI52W4_pArrXhOmtDnimY_x2JaGydDSYl_rudm4tammo8J7F8D-yCbKb-4NJneFzNiGa_p6K0dWRy-DSey0g2CH18zBWWcx9VvG9pU-s-cewA

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E911 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bst4bcvzcY_mPC5Cl9u8Ph5WkoAIAAAAAOAHgBAI&bg=!Tk2lTQnNAAaq5O5FiuQ7ACkAdvg8Wt01BQrtfKeIuXbq3Hx_ilr9VMaezxGk-NbZ_sRbAKPWLREm3AIAAAEeUgAAAANoAQeZAuzwp5wMCpxnwYLviAus0MtDkIEz0260C1fW8Jg1IchZ23a2DbOYOOxQ5eLRemfNMe0ok_EqcThSJs2QQqH6_hVNQp-zN0g09G3fkUNksytMaImqJwnaDgqkLU6N1fK1fDNEc87fmRNrCR4Je-ZxXKxAB05V2uGsnJEDl5h6khz-7Kha7nycHs3lCrkqgAXX_jIlGDoXN5XAcvI_IsC9LLg9br9oTlyMnEp4czb0F-1Ayuw26-8QvvSJGLlfZzdOwn24Opw0NPEtx4QSmBZPLVQQmSYOi3lHONkwI0lh4dfKIYHkAPMDwSFIRGpkrTzE-GdudHEmjaKqXduQLuLhQbmfvPd-NTGyQVM_YoGAxTrj7lSnG8JzLUQrMkkMyR6ZYyK62UTOVAMxb8LENTsfi0V6ugA_xjpkkdBYXmqT5chEfBXnRbi6idAcNSQoAtwHNoOccPTyYmrYZIO1w4aUV75WgFq3s1uG-Nz3Mj2lzBJC7A5LrX_ivMnv2TyfHElcgVAqi0MeuFLct2sXWQGi2m2ejyE-qmVbt77sXLn0b1jyr0PGSCNV0fbXrui45tpR-Ng5sNLVJQjPB9JwH2hUKVmbaEDUZjQzBMJcIBN4FbDlaE7upJSER-I7pcVVYyc8PjzZgB7Na7mH2bqeiAdriFhYMDBtmKbEfLo_lb_sEZSgiBA0yc9p5zGk-ULG01vtuOXGqlap6gsToJsq_ENiEd7Og7DG1RlpNewmzV0MyHFNLB5arhX7xRT0VZjHlh-mknkUTNCi0csdIN3kNmsimxPe2frgI-yJIFBQlQzDSU-sLJiNivFYpAjVmgJR4alp8TEFse5wGPx8iPOjvfcIRCcvolwjf-tULxRuqVWAm9G9XhCBZNWk-Mi5EsaVQyQgW5CQjdkAoS68nV1-I_QgmfeCyrFGkGNIRJ3ztAaqi46C4uroo3C06oW9ODgaWAPFK_QcQEimMo2ZrVcB559WEDGP3j8S5ltElqn70s_n

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3042 0
0 79ms
79ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-ycS-Z4dtEWe1kvkOdkL1v6zarE9o2C8TwHXx6fWivg2fiK5AHIRzZ5BSaHHuB_dJdcn8SDsm6rz1EXeDGEZPIgDSrWhBVusNvieijh9jBhluKvjz8SRGy_MQkUS0QwHOPC6nZRzVu6xTI5zZrpizN0a6A0cN_e1UgMGeSdUQLMe7-ti7xT8d_84qL5uzsnKbeHdhYXDhrkAlrEvm2VtFkgVFvmowSnLcvs1Ztqsn8dPRXtWPGEa8jkFDo5ELjeMo5nZqcKnd5oOpZJdp_3aV2hmeaN9IOUilOVThr23WoF_KUH18t-X0mOVWQdZmujBUyoXe4N7A-4ITi-WiepOuIxKv6SiwqE9unqSPid1hp2Z9pIWx8JXNPkUVWjerGiTiRcMTPGvq1NrLLn97NmwgSmohFSc0wqukTzjEbrED5dmnl2rc7i0ghORUGDMbyjSjHOMjye-VdvrIrUnayQRe1KRqibiS08KqmLlzzNNSVsV7VyDHmNjDC6_r-WKDSl_l2I-rmaid8__FRu-gt6bEkylRXBUJa7kloxspgj83gcB-C72P0DMyFYs7_rz7YfmfHUJ3BkjCZssfzeeyatPmL7-6TMoXKBk42cEA8KiDnT0-UmF1tyg8WYmx6lEw2IFoTrgkRDgk-bg_QHF-0_Zfvkl9AyWxN0cuvjJujM76v6_mmoFJIPx01XS72NIUAmhI0APFKKr_iibSMCG0VMmaPZfE0cwytMKKDxW_9uV4Zo2ysnwEmSPF0RmW-MtZLXMB-Sei8_5AJ-zVgNoiDhlHh4UNh7dLRmDiE5SVIdc6cqLOUCsVIig8oJlFUnRRKefOZiQ3dwFMPE7nMuCyxG5bVMucyqhqggluK7uORzpm507qWMGVFdfUhQ4O9GdFcT-DPmNN5FKwLFeSb4HF8DMy3TV54wcp0CRN1LGkB29BNvKLV9ipLBGQFlCW-nYyZd_gy-vo0RrsSIicCwfUeMDlWw63E3IMwdRH6HrXXHxmsOqrtSn1Udmy7RctRg6NrtufyevL3ipOodWV-gnr4LuvcPw3m7lFqKSSgdGEW3X6Olgo4Ywzr_MqRO1Kq0F2gxlcarc3S7ho4sXVqmlH_6X7UESJ-f0MEN-QfYAZlFoTo-ml9v6OsG4iJzRURTtwYS4-F27uBmO1jRuvKpbyGFRJM__Ay5EozoE2qq0hAFjxgMMAzGdByB8wbVDoZ3tfJvuYo5zr0RWZhssTn3trrxOQlKUoL9rFI-ghZuWJNUc&sai=AMfl-YSVsGzIBTb_0VmPGFsZ2jupnyh_bwLzdb8u8bftVeeK9wgT6n-rEQxwgCXqpg1F8Kc2kQM6bilT-7A9BQGlpcUigcDgNWvpcbyiHj8uS88edt_gGncqbW-GFreJZAoIu8gFvBvVS1Je2qT5bxIyJX2x2cB7yGi78b0LHwMpTJpJ7PSFauv1xrqFHTSVPNLrX4i3HFyFujBIoGFcnvDEX7CfiRatXeA95dSoFGqd2rxsIPFJ4QF_oRMxZDyazYHL4GsD5Ss&sig=Cg0ArKJSzEiM3EADvSSZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=676&vt=11&dtpt=505&dett=3&cstd=166&cisv=r20230201.41041&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 12:22:11 GMT

GET
H3 200 replay_W.png
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 1 KB
1 KB 53ms
52ms Image
image/png 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/replay_W.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9dd56fc4490e2a228973163514867e3d557e450921e646a2166f429ed82f804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:11:01 GMT
x-content-type-options: nosniff
age: 177070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1252
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 11:11:01 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 215 B
248 B 57ms
55ms Image
image/png 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/cta.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ffd4a691acac9fe2f5aaaef66d17fb06d64e86912e8de5bd8a9417ec20b295d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:13:53 GMT
x-content-type-options: nosniff
age: 587298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Jan 2024 17:13:53 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 2 KB
2 KB 55ms
54ms Image
image/png 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/logo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4faf5b6b443de346ec29d3fad7acbb6a21eabeb71023583486f1996bff19498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:43:33 GMT
x-content-type-options: nosniff
age: 196718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2460
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:43:33 GMT

GET
H3 200 line.png
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 4 KB
4 KB 64ms
62ms Image
image/png 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/line.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d87402d6ac551a34ac003e6a7d04f34ae884bc2c5df5c125467ba85c272c2651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:47:56 GMT
x-content-type-options: nosniff
age: 437655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4353
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 10:47:56 GMT

GET
H3 200 Shape2.png
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 5 KB
5 KB 57ms
56ms Image
image/png 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/Shape2.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e20f2ccf8d883a67b3418bccdddfad8297d8b380db80dfdd2e8a249b8fcd6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:11:01 GMT
x-content-type-options: nosniff
age: 177070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5318
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 11:11:01 GMT

GET
H3 200 Shape1.png
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 5 KB
5 KB 56ms
55ms Image
image/png 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/Shape1.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3a405349999e66ed87c4fbb2cdc9eebcb33ec19a430f9bcdd5fe1b69c91f199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 06:29:48 GMT
x-content-type-options: nosniff
age: 453143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5349
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 06:29:48 GMT

GET
H3 200 4678653594135875509
s0.2mdn.net/simgad/ Frame 1326 37 KB
38 KB 58ms
57ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4678653594135875509

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ef7499de0575f5086e5ca02ec239a254883d0c7f584e6a15ca0a84f7101c9f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 05:24:25 GMT
x-content-type-options: nosniff
age: 111466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38392
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 08:30:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 05:24:25 GMT

GET
H3 200 bg.png
s0.2mdn.net/sadbundle/14689676914833634921/ Frame 1326 7 KB
7 KB 63ms
63ms Image
image/png 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14689676914833634921/bg.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbca15ae8645163da40a4ed7e3e5f26cd9fb4dc3fa1a8b2661831d871847f220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:54:38 GMT
x-content-type-options: nosniff
age: 156453
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7369
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 16:54:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4386 0
21 B 82ms
81ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPEDBcvzcY5zxC_vJx_APt9ml6A4AAAAAOAHgBAI&bg=!mJulm9_NAAaq5O5FiuQ7ACkAdvg8WqrSjQN6I97A6HekAjyWmnKj5D95jHyM2hUfvSTK0AX64GLw4gIAAADHUgAAAANoAQeZAudKS9j0HeQYnzK6m_mqySjgI8Ovapq2kbqJ9ZUYy4etkWIyoGVlo8oOGw3xW2hzIri_yHCMUAZyRZfGig2GaE4SVGU31dF4w272qBh0wBDBu9a-rp6121K1GT1P5oug6pUAYrHNI-iJybqy0T-_uZwEYSMNRdKXLsKfFFny9RCGExp_G7uGJfzq3UcMe4rZJoDquJdT3AM49hR9s-GFHIA-b4EIzO1CIUIGe_w7E12-YkGH9tmQrcmnvQO6gmyhotLfdMOw46fMmImqHGXcaoAqfGkYDi-eiCV8uxEdukgLyS6A9NJaK2ISTITsiCVCWAdIgt9sqDEFd7GGULGc9lNMvywp3Siqk3GkNaS-z-77vdh8iGYSLbLy_Ii6KC2rbN7r_W0UUulhpD-Nt1oz9t2iLMT-G2uIUO297S6olzNPoTsFiHsRQcH8pOmkOhb47k974WU7jmLZqbh-QnrWUc_eKTAI26q7go9KdcKOBH32jeodY9jXUT5aE7lk-OEZJYcHuVqEjKVgorkeaNUz4rEPwmvaafReH9j1dgcTUKTdXIF3nhAWu1nRNJWoii9gr5ZMfuARNjd-_L1QOsJBwaGjktwA1galKgIcnYBITzKAc0gCTu0X49b_gjsIlx_wk0zDW_IEdGeZYaDKFRuYBzSo-ZVqLKzNn5ecIzmdIWbYoMX3ycvJzCKxY111Rsb-vToc76_Sy0ffGINE4PCp4hrPWhlIASeQodvypiIMzDbdV_UH3mWXCANqfHqnv4lshh6Y9bxqLPUk9pBEgyCvpa0YQ-TLvzRCh2sBWZuC3JdffEnoNVItPa-hZ7eERtl05arW4ybZwv9se0H3Jxg4UpsgsPGmIfFHQRMU0aEk3TARkiZg_M45UTElw78PtqkQPDJG4DPn_30FVsu8lLbCZ82m3ZL9STjmydXEyp8024NGbqBjjF_HUxbTaFVoo40DTuVzzyoiej1UVL404wawLp28y13-2aCAeg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1326 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 4678653594135875509
s0.2mdn.net/simgad/ Frame 1326 37 KB
38 KB 58ms
57ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4678653594135875509

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ef7499de0575f5086e5ca02ec239a254883d0c7f584e6a15ca0a84f7101c9f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14689676914833634921/index.html?e=69&leftOffset=0&topOffset=0&c=BH7pdHBAd8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 05:24:25 GMT
x-content-type-options: nosniff
age: 111466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38392
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 08:30:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 05:24:25 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C33 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7360d3c9-aa7a-4716-7478-7f4f3f4df7d4&tv=%7Bc:39YbWc,pingTime:1,time:2080,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:19%7D,%7Bpiv:100,vs:i,r:,t:1058%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1022,o:1058,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0,1~100%5D,as:%5B1052~320.50%5D%7D%7D,%7Bsl:i,t:1058,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1021~100%5D,as:%5B1021~320.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:138,fm:tuNOEo4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1*.990511-61634094%7C1a11%7C1a12%7C1a131%7C1a14%7C1a2%7C1a3%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:205%7D&br=c
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C33 43 B
215 B 119ms
118ms Image
image/gif 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7360d3c9-aa7a-4716-7478-7f4f3f4df7d4&tv=%7Bc:39YbWd,pingTime:1,time:2081,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:19%7D,%7Bpiv:100,vs:i,r:,t:1058%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1023,o:1058,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0,1~100%5D,as:%5B1052~320.50%5D%7D%7D,%7Bsl:i,t:1058,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~320.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:138,fm:tuNOEo4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1*.990511-61634094%7C1a11%7C1a12%7C1a131%7C1a14%7C1a2%7C1a3%7C1b%7C1c%7C1d,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:205,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame ACE9 0
234 B 132ms
44ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=14ac7189e1a64a10a7e8bf3b8a009412&vfdur=366&cbust=1675426931259422
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 02/02/2023 12:22:11

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame ACE9 28 KB
10 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

519d5bd967e0830146e37151a545865f3d8ce232d3586b5f65e7bed8baefb871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10632
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 13:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:44:12 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 0C08 0
234 B 134ms
44ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=12b3521b8b584418970f872fee0282e2&vfdur=367&cbust=1675426931261198
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 03 Feb 2023 12:22:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 02/02/2023 12:22:11

GET
H2 200 globalpassback_970x250.gif
cdn.besafe.global/ Frame 0C08 37 KB
37 KB 191ms
46ms Image
image/gif 2600:9000:2057:1200:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_970x250.gif
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1200:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 04:36:55 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 20:03:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 27917
etag: "9bb76ce5aa5d929a4f69f37b75f469f1"
x-amz-meta-sha256: 496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf
content-type: image/gif
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 37581
x-amz-cf-id: wv7oow87GSXNGVCrMYQEdzpL8VPMGnvkeS9h_P2LlinEydfyD1Lf1A==
x-amz-meta-s3b-last-modified: 20220630T185152Z

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame 0C08 0
333 B 40ms
40ms Script
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=61218350;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=469624005&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CqHgHcfzcY4yvFYu5-gbThYZooInMx2v676bDqRGZ4rnWvAIQASDHzqgjYJXCpoKwB6ABkf7RogPIAQmpAg6oy9JgR7I-qAMBqgSGAk_QD_LSBzCDoDtLDCKN6mBftRXReRThbvTDjA4TJhdOWRrM_T8sCJUxFPUIfxE1QK8Xvbo1gwI7ZoPnwKjRaDtgKBvEzti5I1dz1LUvNeyYi6K6titfDUUAU-3_wkrmzbO78q8oU0tNDuj9vq5i92_bVlpg8Yla1uxVb-tDRHrhODRixNG0GBt4shc6U-OGt-chG1ul1L6lWLlSlY6GvVzjoViYPt8-kwOSDK0KkbqkhWTt7F85AGzNpzOpGujIVwsfEiG4pFPcrXZ9zVwz80yN8rKYhIQ54dBW1i31ItgWy_-pP_gUkyaLrjhx2Cb23BGqZVTgXYiHcjk0JTznBHyqrj3rgTHABO7WqvD1A-AEA5AGAaAGTYAH14GuXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATtoyLEtATANgTDdgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&sig=AOD64_2BkzjI089TQhkYMfs-tCIUlh6kRw&client=ca-pub-6685711026657277&dbm_c=AKAmf-BJnDc46_9LmTYUVY_IbmmhZVgHQisViRk1NNtYv-WGeE1ipRGuDg6aseJD5BHYucjX4fbOuM61wWXx4O0QUPX0K25rKzqSEfCYwqpHBfPQAmapl2YHqe03luajYqjPNIGov3eaP0OVzTiPKj8FzMHTSOHp9KTn-mEqPGft0MiLD_xDbtA&cry=1&dbm_d=AKAmf-BDGzleuDv6s8DJOMhs5g7W6oStnpbowalnRSUrzwDM8v4ypIhldIEFtdnRGgDiD2Ts82xhRsdUW0wSw2bLQ0cmdMO6SlynmiOZebf1tgTEuNZVmK78im6gthixecZ9OmjAySIQcQIIhNXrqUamTQdG4OUZJeVlvMEcjO2spIMifhfIBQ34yScXTHb2_vEuRQdZ6hzn4xyA_KAXV2euMEcsWP88MtcsPr4APQPK3DQXVHUR0LxbX59qbof12CYBeQGnG4mdHBwYHu2dFjrubUW3AUIyeiwdppQ939Jq8EN5fijSpD7MUixKox8UJ2v-CVtBV48JVTFrf8vjK_E8hKbKzoOyJ8ZKRI-DA56iOjy5yrqa4LYxB1hcV4Ep13CP-SkAjh6TBj1ID1ZbWyfUNJEjyXwNqyW-fmPjNXH6HHHMrZUxcO7oIJ_cx9YL796MnQociSvMIjra_M1SiLmDrBCxavnCKmXWcfhHIsCpVpvG8o9L1ryl_l2es56cjd87MvJwpb4l5SVUuriEvdn4SoQtzJMLdz1pZBj0A3KmoD8G_dlyBBU&adurl=;js=1;adfxid=2x;10233;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.irctc.co.in

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 impl_v94.js Show response
www.googletagservices.com/dcm/ Frame ACE9 60 KB
23 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v94.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0313c42048efbbd0b5ea187ac6bb5f9f6fb8a99776b3cb981c346243b8e0e978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 19:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23493
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 19:50:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 19:57:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD11 1 KB
645 B 44ms
41ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0C08 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef2b9a8eddd12173128613b3e6f07030d55cc1f079c116d2bc0ef56bf339f2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 B9689862.280630144;dc_ver=94.277;sz=728x90;u_sd=1;dc_adk=2047333271;ord=6c14lt;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.irctc.co.in%2F$0;xdt=1;crlt=J... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame ACE9 55 KB
26 KB 117ms
116ms Script
text/javascript 142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=94.277;sz=728x90;u_sd=1;dc_adk=2047333271;ord=6c14lt;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.irctc.co.in%2F$0;xdt=1;crlt=Jbl7gYBZY1;stc=1;chaa=1;sttr=56;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v94.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

5ba9ef08595cb26c76134a6107931f89a2aad68fcec3c271dd8b4fbc8a7626ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26624
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame BD11 0
104 B 222ms
88ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAq1c6vD5g4R2WqBYtA07Qk&google_cver=1&google_push=Aa02lx9tIgYPP7YA9VKAoYEkbAclfxUmF-ZRK6xwvOKfpVBUMPZx9OLsIa7d-t-4O8Ao4AWQmhVJP1jytYJFBYVV2X2DwG3FdpNj1A
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD11
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPbE4apRYAffXyOkMypSUcM&google_cver=1&google_push=Aa02lx8ru6qzX0Ur4-eYNJdm_C1u9jpebdL7xyqcnykYlPuPM-6q9Soueb5SbF8r5a4hFJ0EiSKtGu89jHoZzuWDJEYvAWhCg2uy
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D2255BAB0224085B11809B27DE8B52E&google_push=Aa02lx8ru6qzX0Ur4-eYNJdm_C1u9jpebdL7xyqcnykYlPuPM-6q9Soueb5SbF8r5a4hFJ0EiSKtGu89jHoZzuW...

170 B
188 B

76ms
75ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D2255BAB0224085B11809B27DE8B52E&google_push=Aa02lx8ru6qzX0Ur4-eYNJdm_C1u9jpebdL7xyqcnykYlPuPM-6q9Soueb5SbF8r5a4hFJ0EiSKtGu89jHoZzuWDJEYvAWhCg2uy

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0D2255BAB0224085B11809B27DE8B52E&google_push=Aa02lx8ru6qzX0Ur4-eYNJdm_C1u9jpebdL7xyqcnykYlPuPM-6q9Soueb5SbF8r5a4hFJ0EiSKtGu89jHoZzuWDJEYvAWhCg2uy
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 02 Feb 2023 12:22:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD11
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE3JXMdQEhGu0dGLHi4opJU&google_cver=1&google_push=Aa02lx80noOxsmBTzJI6S_pBCSAHQJdYilXDsEaK00Mzm7Jl9iD2jwqFpOQIaxWSabN4Gci4QXdo3CEDI3_zLc...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx80noOxsmBTzJI6S_pBCSAHQJdYilXDsEaK00Mzm7Jl9iD2jwqFpOQIaxWSabN4Gci4QXdo3CEDI3_zLc4N_7oZ1qgkd6DCAg&google_hm=hmPc_HLM0aqbXbd...

170 B
188 B

76ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx80noOxsmBTzJI6S_pBCSAHQJdYilXDsEaK00Mzm7Jl9iD2jwqFpOQIaxWSabN4Gci4QXdo3CEDI3_zLc4N_7oZ1qgkd6DCAg&google_hm=hmPc_HLM0aqbXbdQ7A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63DCFC72CCD1AA9B5DB750ECBLIS

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx80noOxsmBTzJI6S_pBCSAHQJdYilXDsEaK00Mzm7Jl9iD2jwqFpOQIaxWSabN4Gci4QXdo3CEDI3_zLc4N_7oZ1qgkd6DCAg&google_hm=hmPc_HLM0aqbXbdQ7A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63DCFC72CCD1AA9B5DB750ECBLIS
date: Fri, 03 Feb 2023 12:22:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD11
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN8uOreHU5nuM76eAY2Vz78&google_cver=1&google_push=Aa02lx_a6a1McB9a8rS_JfUj1n-iZsdD8CoNyMoULA46QgYmTTT-RWTwCu9ZXwkso3CwijCVfJJBPYOj2fBdWrQiR8pAvnl...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_a6a1McB9a8rS_JfUj1n-iZsdD8CoNyMoULA46QgYmTTT-RWTwCu9ZXwkso3CwijCVfJJBPYOj2fBdWrQiR8pAvnlBbs8mhg&google_hm=eS1VSkxrRml0RTJwRURn...

170 B
188 B

76ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_a6a1McB9a8rS_JfUj1n-iZsdD8CoNyMoULA46QgYmTTT-RWTwCu9ZXwkso3CwijCVfJJBPYOj2fBdWrQiR8pAvnlBbs8mhg&google_hm=eS1VSkxrRml0RTJwRURnRVg3Wk5mYkNENVVKUUg0NEpFeX5B

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_a6a1McB9a8rS_JfUj1n-iZsdD8CoNyMoULA46QgYmTTT-RWTwCu9ZXwkso3CwijCVfJJBPYOj2fBdWrQiR8pAvnlBbs8mhg&google_hm=eS1VSkxrRml0RTJwRURnRVg3Wk5mYkNENVVKUUg0NEpFeX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD11
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP7aGwdLAjVr2XUQTkMwz0U&google_cver=1&google_push=Aa02lx_tKzsJPMTMGTCy0e1uL8d9wCUZ1hOHQPKhgJPVjc2lNf6I9HaSjOlAOzL7rdNRuBj-M8SI1A11...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx_tKzsJPMTMGTCy0e1uL8d9wCUZ1hOHQPKhgJPVjc2lNf6I9HaSjOlAOzL7rdNRuBj-M8SI1A...

170 B
188 B

76ms
75ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx_tKzsJPMTMGTCy0e1uL8d9wCUZ1hOHQPKhgJPVjc2lNf6I9HaSjOlAOzL7rdNRuBj-M8SI1A11UzyI06F4HByfyQuQeU9U

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx_tKzsJPMTMGTCy0e1uL8d9wCUZ1hOHQPKhgJPVjc2lNf6I9HaSjOlAOzL7rdNRuBj-M8SI1A11UzyI06F4HByfyQuQeU9U
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD11
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEH-RWFra3TA8EU4k2KpZuLg&google_cver=1&google_push=Aa02lx_ixKN77XED4rh8t4_D06yFzoUy9teDBmi2MLkkz8fRayPsPWikL26NkQ2iTjypLH-CWxIoIF2D2R_6aHKXiae_dSc...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ixKN77XED4rh8t4_D06yFzoUy9teDBmi2MLkkz8fRayPsPWikL26NkQ2iTjypLH-CWxIoIF2D2R_6aHKXiae_dScQ93N1LA

170 B
188 B

76ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ixKN77XED4rh8t4_D06yFzoUy9teDBmi2MLkkz8fRayPsPWikL26NkQ2iTjypLH-CWxIoIF2D2R_6aHKXiae_dScQ93N1LA

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_ixKN77XED4rh8t4_D06yFzoUy9teDBmi2MLkkz8fRayPsPWikL26NkQ2iTjypLH-CWxIoIF2D2R_6aHKXiae_dScQ93N1LA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD11
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHlcsQJaWfrcyjlmTaUchEk&google_cver=1&google_push=Aa02lx8rwopFKEisxfT1qUdCkI-59MLJtdJTdQD-5Hiy2Fhh2e2_tMQd_9frmYcYO7KhCdilwGA9ZfdD30cqpzRa8dJBCsd-u4...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMjAyMjMzMjQzOTcxNzA2ODYw&google_push=Aa02lx8rwopFKEisxfT1qUdCkI-59MLJtdJTdQD-5Hiy2Fhh2e2_tMQd_9frmYcY...

170 B
188 B

76ms
76ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMjAyMjMzMjQzOTcxNzA2ODYw&google_push=Aa02lx8rwopFKEisxfT1qUdCkI-59MLJtdJTdQD-5Hiy2Fhh2e2_tMQd_9frmYcYO7KhCdilwGA9ZfdD30cqpzRa8dJBCsd-u4Azsw

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMxMjAyMjMzMjQzOTcxNzA2ODYw&google_push=Aa02lx8rwopFKEisxfT1qUdCkI-59MLJtdJTdQD-5Hiy2Fhh2e2_tMQd_9frmYcYO7KhCdilwGA9ZfdD30cqpzRa8dJBCsd-u4Azsw
date: Fri, 03 Feb 2023 12:22:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BD11 0
12 B 76ms
73ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7SrOkid_bdGNgfdi2aOB3nEmSwdAzLENM30_dTwy3_NU8iEtzMigQDhsxYjJmiegU8eRK

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame ACE9 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=94.277;sz=728x90;u_sd=1;dc_adk=2047333271;ord=6c14lt;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.irctc.co.in%2F$0;xdt=1;crlt=Jbl7gYBZY1;stc=1;chaa=1;sttr=56;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:17:54 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACE9 0
0 77ms
77ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstx-ep2gdtBGXhmAz6OwmPX5erQyiPQOVXrmXB1CDoRAfKqvflbc_N2INIo-WjGI4rGyHZwWK_JdcC11ny2te4EXnC5HuKeGm3hrqP9HhxZiZw2Kcly8eAXn2Knn_SYKPk1hrkC4qPH04DqJxSq_QgH55bGKo4DyIc&sai=AMfl-YS2zKrBAW1LuJCNm-e45V9OxocnG3ERFTDf-c5-QFZm9Uu8DEeyYUp0b2jA1iNqD9oEto4UoCBUsxPdjEBSIuiHYX3XCW6dgaLg6A&sig=Cg0ArKJSzA_BYjgmRBF0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230201.06761&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 12:22:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ACE9 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H3 200 16962963768266320094
s0.2mdn.net/simgad/ Frame ACE9 33 KB
33 KB 53ms
53ms Image
image/jpeg 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16962963768266320094

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:53:24 GMT
x-content-type-options: nosniff
age: 325727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34175
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:29:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 17:53:24 GMT

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame ACE9 0
333 B 41ms
40ms Script
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=61061010;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=468077193&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CR6iGcfzcY4uvFYu5-gbThYZooInMx2vy0_KHqBG1nPW0xAEQASDHzqgjYJXCpoKwB6ABkf7RogPIAQmpAg6oy9JgR7I-qAMBqgSEAk_QvvOPaZ9XwezEDpHjvQkeWnEMy99Mo199Pzu_HstxfXoLR0pKSbEEXyea5snsqwqXF55VV4Eg5bCOmZuSQvH98jJcPd1Xf8JkIiSLMf3pNWE6V1Bu61ntfUQ2h7LOLdAMrQG3kj_8sfppZC8n4570uBdFlGoB1O4wqhf7GGCksug6NCZGr-UFErcMWdfhRUXRRTqY_3FeLUk2eGbnjeSNaDavztnUp6AfS3IfmCS41QZJvqFoobvA9HfDhmWsDY2jNbYS2rF56JNviPaLXmlEmxSygdt4GlzC27ZaxRSlXvRC8wqeQVL6BNusMvXjsBKr8VfZpVzdeap1drHa8HAfMTAIwATu1qrw9QPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE7aMixLQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&sig=AOD64_1Ai8yJ7WZNSZNoJTG2gGI9NqC65Q&client=ca-pub-6685711026657277&dbm_c=AKAmf-AAi4xXVl6iHDDPG8KZ3XXOTXpYW7XX9uia2ZPccHiRVjVU2se9xdeqhg4v5qvohoKlXf_JUeW1m-UVoUBoJGLMp5xZ15ZYNv2YWzE8ixSE6aoJ_l-7n1sLIri10ug7wIJIS-Z56IY5M6nW4Au_Xe7MVelbuNzFPkakB3KoqUPOxwvrHUk&cry=1&dbm_d=AKAmf-D9hUOqoXsSMoFoHC7RxVE79mkN1kfVTeZVGolpGOL4rU7k_at-_omrLsERPP4yp7lQYE5d8NGMqkDi32rtOaQjqilxv8a5GUd1miAkN_smklYfbjszpVR6uQMaKSFlHaTjRefTw1VZIXcDPpAXWYlI5sZB7DD__nokQ8JGVO6Cz4-Q2DO9Rwcl4MqWQEgaDwZPSKtObrcg4C7a4uxOD7cunMAk4Xn5wTxcTkndHiV8040FwsJuoB1d9kE0Z-V8pCzFnSKTkxK4PdROTeJy6vnI9xfXG2WFCDu1JGY_MlIuqAu9HIKhlcn5gdlsWxt0dxn7bbZKmWpG_NkyI-dQa5WgoD2HRnKjzHmDfcyiyb3-U-rSQ7xiumSpbP9XxzD5UY00nxBA77n9D0D2Kg1msyyopvQlwPKjVwOeXWi5mVhhDqmJfwBB8jPHOurmsTVkaOR9LkJVbYd-GY_k1IyJxsfI4b-T8B7le72hDVD3HVcUDRONmNRZ2-Mv2sRSQ3FlmXdBZe-UHj1smzAYYO7TjLuVJCCTt8i4Zk4aUl14XzkKRhYWr_U&adurl=;js=1;adfxid=1x;6158;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.irctc.co.in

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACE9 0
0 76ms
75ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstx-ep2gdtBGXhmAz6OwmPX5erQyiPQOVXrmXB1CDoRAfKqvflbc_N2INIo-WjGI4rGyHZwWK_JdcC11ny2te4EXnC5HuKeGm3hrqP9HhxZiZw2Kcly8eAXn2Knn_SYKPk1hrkC4qPH04DqJxSq_QgH55bGKo4DyIc&sai=AMfl-YS2zKrBAW1LuJCNm-e45V9OxocnG3ERFTDf-c5-QFZm9Uu8DEeyYUp0b2jA1iNqD9oEto4UoCBUsxPdjEBSIuiHYX3XCW6dgaLg6A&sig=Cg0ArKJSzA_BYjgmRBF0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=64&vt=11&dtpt=63&dett=2&cstd=0&cisv=r20230201.06761&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 12:22:11 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BF5B 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 441121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 7C33 0
0

GET
DATA 200
OK truncated
/ Frame 3D8D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2c940f44831a0c963a34d7ba56f369a2446eeb8abe825d1096c1feaa9e1c829

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F421 5 KB
5 KB 175ms
57ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=100&m=0&partner=93397&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F93397%2F230201%2F7c4db63bcfc0473999861e8d8d56e43c_taschen_logo.png&v=3&w=596&s=1k97HPwcqJWNNBnIxtLjWg1E

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

76b999b7e04ef87b733664cbc266bb1b39a1791c9867e721503228fa7c1e4b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31005563
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4878
expires: Sun, 28 Jan 2024 09:01:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 86FB 1 KB
645 B 41ms
41ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:41:55 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:41:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ACE9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 920426acd013aac6792419819d8473796229b532bd1659dd92925af8705e237c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame BF5B 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:45:50 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 86FB 70 B
264 B 57ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFq8IMtaXT3HnI4QtXafOV0&google_cver=1&google_push=Aa02lx9BdABFJUf3a8QEAOor8P8TzscIr54SCgSk6M9nqIDsTr_0b_TwK9B7j_wvtH5qQg6SfqjZF2lsdVjxN1WRuHqgj21byIQ
Requested by: Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE3JXMdQEhGu0dGLHi4opJU&google_cver=1&google_push=Aa02lx8uNQkIc5RigSnfyp9-_mtMixsWmpsUpLb1f8d84VMCHCx2ujMXTQZUWjJ3Uyj32m1gdoJfVYaqiTcEvZ...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx8uNQkIc5RigSnfyp9-_mtMixsWmpsUpLb1f8d84VMCHCx2ujMXTQZUWjJ3Uyj32m1gdoJfVYaqiTcEvZluDdnPAnEj8g&google_hm=hmPc_HLM0aqbXbdQ7A&...

170 B
188 B

80ms
75ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx8uNQkIc5RigSnfyp9-_mtMixsWmpsUpLb1f8d84VMCHCx2ujMXTQZUWjJ3Uyj32m1gdoJfVYaqiTcEvZluDdnPAnEj8g&google_hm=hmPc_HLM0aqbXbdQ7A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63DCFC72CCD1AA9B5DB750ECBLIS

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=Aa02lx8uNQkIc5RigSnfyp9-_mtMixsWmpsUpLb1f8d84VMCHCx2ujMXTQZUWjJ3Uyj32m1gdoJfVYaqiTcEvZluDdnPAnEj8g&google_hm=hmPc_HLM0aqbXbdQ7A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D63DCFC72CCD1AA9B5DB750ECBLIS
date: Fri, 03 Feb 2023 12:22:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP7aGwdLAjVr2XUQTkMwz0U&google_cver=1&google_push=Aa02lx-pGxl371qWiYW-S4Bw6CbfxBMrhbrQ49fuC_Bu70_caipIdMxBj2Fx67wtLkEQda5dT7QstQ6o...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx-pGxl371qWiYW-S4Bw6CbfxBMrhbrQ49fuC_Bu70_caipIdMxBj2Fx67wtLkEQda5dT7QstQ...

170 B
188 B

76ms
75ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx-pGxl371qWiYW-S4Bw6CbfxBMrhbrQ49fuC_Bu70_caipIdMxBj2Fx67wtLkEQda5dT7QstQ6oSaoh8JDo1k3mvWpToO4

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx-pGxl371qWiYW-S4Bw6CbfxBMrhbrQ49fuC_Bu70_caipIdMxBj2Fx67wtLkEQda5dT7QstQ6oSaoh8JDo1k3mvWpToO4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP7aGwdLAjVr2XUQTkMwz0U&google_cver=1&google_push=Aa02lx-Nl6Dp2tXoiXYLcsJD5IMbMJDcWKwruBq0XCglGLFSpMjj3ZVy5kTAYR8jd0VpJ0VaCxz0eayW...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx-Nl6Dp2tXoiXYLcsJD5IMbMJDcWKwruBq0XCglGLFSpMjj3ZVy5kTAYR8jd0VpJ0VaCxz0ea...

170 B
188 B

75ms
74ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx-Nl6Dp2tXoiXYLcsJD5IMbMJDcWKwruBq0XCglGLFSpMjj3ZVy5kTAYR8jd0VpJ0VaCxz0eayWUqE55rE1iYJD48RJu0M

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA1MDcyODAxMTM4NDMwNzMxMQ&google_push=Aa02lx-Nl6Dp2tXoiXYLcsJD5IMbMJDcWKwruBq0XCglGLFSpMjj3ZVy5kTAYR8jd0VpJ0VaCxz0eayWUqE55rE1iYJD48RJu0M
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELJ55THcDyM8HaM9Jm4jrhM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELJ55THcDyM8HaM9Jm4jrhM&google_hm=Y9z8cJnldljRUpGeepHqnwAADREAAAIB&google_nid=index&google_push=Aa02lx9nHpoJAC10DZs3VqYzsIb_-5uPgM0V9...

170 B
188 B

75ms
75ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELJ55THcDyM8HaM9Jm4jrhM&google_hm=Y9z8cJnldljRUpGeepHqnwAADREAAAIB&google_nid=index&google_push=Aa02lx9nHpoJAC10DZs3VqYzsIb_-5uPgM0V9O6mVncjRJMVXXXknJd5p1lkMer-C3Z9FBBu1MWr50Q1vTb_BqMtyIDP76DT-XE

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8wg7vc8EevjXeTL7GI98cikqzJ0YvZ9fiCmS9Rzt6CYn05w6R%2FqIJNEvhQZDt65l1phUs10Jfyb6dCKfTDkbiZc0OpNRBPxNl6treffj4EOLLi%2F1o3n7vT0CsaSWicg0ut64DDbN6dNZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELJ55THcDyM8HaM9Jm4jrhM&google_hm=Y9z8cJnldljRUpGeepHqnwAADREAAAIB&google_nid=index&google_push=Aa02lx9nHpoJAC10DZs3VqYzsIb_-5uPgM0V9O6mVncjRJMVXXXknJd5p1lkMer-C3Z9FBBu1MWr50Q1vTb_BqMtyIDP76DT-XE
cache-control: no-cache
cf-ray: 793b21748c6a9042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBU7wXp2aOyo49qNrJW3SvI&google_cver=1&google_push=Aa02lx_0ddnG56mZvC8DXHzDm1eqkI9xp6GAl-mtBDB6icQcqpjmFmYwbnkK1NMDg35HWuBGuD7zohQ9GTEm4Ygb...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_0ddnG56mZvC8DXHzDm1eqkI9xp6GAl-mtBDB6icQcqpjmFmYwbnkK1NMDg35HWuBGuD7zohQ9GTEm4YgbPtvwTyOA53E

170 B
188 B

76ms
75ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_0ddnG56mZvC8DXHzDm1eqkI9xp6GAl-mtBDB6icQcqpjmFmYwbnkK1NMDg35HWuBGuD7zohQ9GTEm4YgbPtvwTyOA53E

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 12:22:11 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_0ddnG56mZvC8DXHzDm1eqkI9xp6GAl-mtBDB6icQcqpjmFmYwbnkK1NMDg35HWuBGuD7zohQ9GTEm4YgbPtvwTyOA53E
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 5-kwnFoFKpDgSHzD6nfLANS121jWXNM3b2Rp8ql8PxjSjNABfDZtxg==

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 86FB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58408/sync?_origin=1&redir=true&google_gid=CAESECHPAIzdc0lghJN8oDRolCs&google_cver=1&google_push=Aa02lx_R0rkv6qKDn9eEczczkJkvMDFtphGLlWVNB9q2V1fZPG7bgUle2t1_8x55...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&axid=y-lMNeETFE2uI.mRf3oZODxjiLqLC8zl4-~A

70 B
264 B

59ms
55ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&axid=y-lMNeETFE2uI.mRf3oZODxjiLqLC8zl4-~A
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&axid=y-lMNeETFE2uI.mRf3oZODxjiLqLC8zl4-~A
date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 86FB 0
12 B 74ms
72ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYVIT8LdREwCc0SCD_em-aUzJYcvKr6FahfseYT_AhBJc4esww-ePJTOFCU2uo18mT0WrsOA

Requested by

Host: d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F421 5 KB
5 KB 53ms
53ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

76b999b7e04ef87b733664cbc266bb1b39a1791c9867e721503228fa7c1e4b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31005562
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4878
expires: Sun, 28 Jan 2024 09:01:34 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3042 0
21 B 75ms
75ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8170127706121&version=m202301230201&ct=132&x=1&cor=1645245059392796000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF5B 0
22 B 78ms
78ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeTADc_zcY8maGrCnx_AP3tSayAcAAAAAOAHgBAI&bg=!Pj2lPXnNAAaq5O5FiuQ7ACkAdvg8WkIP0G29WS3MN7pqru_yjtFqhT0TUepJprPRjXsWV_UFVIxQuwIAAABcUgAAAAJoAQeZAvUMzzCBszufUtGAAxnC4My2Yk7BuaMW56YJN18vBZTz_ysNnYwuPM8ncPODxmeVvBL6llpi7QOwQRnA9GrStGPaAkz9V-I--MSzfTTUzKQe3DKumcRu2lSBwPqF4P3IKnyZfjQUBkI39tOOHZj8kl8aSu82cMSd5bb7Ad0Lhb_bNWpKl1TL-fq9HizfZdGTNnG0FloGEVHACdsuSXIFSwI49yeDyJzq7viyXVoPHKoMYw4VuLMPhYCNVEzdaJaMcHw8GYeioCerGF15ijCxfCMZwqGARcahNVWK9i3HJvM5h31snhMO3B2cFm47uRsVfKFOba9eQNTGx24oSnLniMlu26ceJlHCoBcPDpF-kUNUxdc1YW3O9KcM_8DHCCQfi8HUFMUaj0acaxGOfjx2X2pm-aDO5FuD9gNGOOwpxlzQO8Kc1CDARP_fpoJq_tKNqrTOFr2WYsj49b6C7cW6O4jt4imHYtHzyVBBdEnJGWYTZL9-bWaXPw94-QaSmg6fIK0f-qvq60KaqnCj-PYHigB3WXhGVZtHKqVb2TBtVoMdDLELSLc9L5Oq7AKG3-U4iCa0rLJTNyxpfifTdKAWPv0JJhs9XSxdnlN3Vp5DZ2SxyJeCrTTe0ckrMh3_4Q4oT61WmDg9zkoFhbCRhposVm716X-ALXCM5RUbe5ciSbUsIWdJtW01t6-FYQfnOo1NvT8uYMjJd1zKxKXgzXHIPNr2OIG2YuRc6PBzOZIoBm58GUJYJD5e5o7rBQgSBytwlKxsZSQVlyXaVxfA445N9zsywbD_bEslB_DrYn1x-ERFjaTRID25wWLRCKrTNbh61BSQgKXiBL03LQNYBSQvduKmnM83UlzZuXgg_Juf8spGNhMrdtGZNHUL-tdGkMoUihyAskOJZk1IOK5seJzgdL8o5liNSy1-qFyi9hHRGsGtW08q1HmFnCGVVFkc33IaCbyFoRJaF9kooNiGsLiIaaufKXuK6izDsoPWNnRalX26Pb0VWHOf

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C08 0
22 B 73ms
73ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4414613799926&version=m202301230201&ct=77&x=1&cor=14022020427558167000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0C08 42 B
64 B 85ms
85ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZXL3cEnIwWOzCSTlL5y3O6ua_UhxMY-sF6UT-fV0fRWyalgc-oK4Q4UbGEUbuq17ksPUlv_33Wp-toXSjvt4p6UYsFdRwtul4-9LQQv84Y2URNfpKA3xx9w9Rkd9EGemF1hSyPg&sai=AMfl-YQFb3n4eDtmuGIMzlooZFwW2dT2i2PXgGuf8IBG917wUbSK0k4gC9vCr-1pZmbSGc_HAeVa2ZGc6TEpcafSTrMDW6AqzmOB6LsnrOa-Z4Vd0L00zzCx8XCHJPW-&sig=Cg0ArKJSzDJ60ac00kk9EAE&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&id=lidar2&mcvt=1007&p=950,323,1204,1293&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=338379312&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675426929768&rpt=1741&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACE9 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-eLrtzB1zIfM-SeqOY64XF-358jxmeBac2xucFk4e1jbss-5G6I-S3xaRXafR_XY7lcL-L8B-d_YWzAXvzOn8QrJy1llR&sig=Cg0ArKJSzMpcv2rORtJoEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2047333271&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675426929757&rpt=1858&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACE9 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwjnmjMxAxWNCr4nIxxpt4tmzY9eul0wDT3z4l6GJjBN0hSRz6kok1Hzi1s0x5KqSFqJq35FunlFAw71ouLgO-SMkelczMu76LWF5WT5QwvtEYkv1Mfp6qRzgD4RUgX65_GH8fNg&sai=AMfl-YSyJpytu8qgD2ju-8-FxwjE9sfk2qUR4El36KlmWVvnPxem09A336sFHhcE123suFfZ_wptSWvAndfpy95acKMkjVhuhipRVVD06rxwFJR5bsFAACdcwVBk7Zw4&sig=Cg0ArKJSzE0LjaGJkfMMEAE&cid=CAQSPADUE5ymP6oJoacktfqJW_ZU8vzUNNx4bqIoZ8v1aPfWju99KyfAmWa-eL_4QO-pZTFG2K7pEfudOxErNxgB&id=lidar2&mcvt=1005&p=781,444,875,1172&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=3209336432&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675426929757&rpt=1855&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D8D 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstp301p6jJn4-_puwCjLquRMv4ROVZ6Nl8xr6DlDyivKOysp0XHqZR6996F23qPiW_wxOXsLjC3RTjA9oBB3XEvVA0&sig=Cg0ArKJSzO1L3jNUSlDmEAE&cid=CAASF-Rou39kYe1IkupIcHb29Bd8-chynCiN&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=1033719140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675426929656&rpt=202&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F421 0
127 B 49ms
49ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 12:22:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACE9 0
22 B 74ms
73ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5979607842939&version=m202301230201&ct=77&x=1&cor=18239050664558463000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 12:22:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 92ms
92ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020201&st=env

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af806893d618363ced6eba7b51aecd5fcb5e455541f4dae3939bb9036d3a2f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11188
x-xss-protection: 0

GET
H/1.1 200
OK eyJrZXkiOiJiODRlZGIzNjg2M2U5MjNhZTNlYmRmNmJhMmQ3YTdmNyIsImN1YmVCb3hJZCI6Im5scEN1YmVCb3gyMDBYMjAwIiwiY3ViZVdpZHRoIjoyMDAsImN1YmVIZWlnaHQiOjIwMH0= Show response
cube.nlpcaptcha.in/index.php/cubes/getCubeBox/ 347 B
1 KB 320ms
150ms Script
application/javascript 65.21.246.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cube.nlpcaptcha.in/index.php/cubes/getCubeBox/eyJrZXkiOiJiODRlZGIzNjg2M2U5MjNhZTNlYmRmNmJhMmQ3YTdmNyIsImN1YmVCb3hJZCI6Im5scEN1YmVCb3gyMDBYMjAwIiwiY3ViZVdpZHRoIjoyMDAsImN1YmVIZWlnaHQiOjIwMH0=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

65.21.246.46 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.46.246.21.65.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4303321f7c206c70dc06d4ce85a7401fa90c738b679daf94a864dd06722fca34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 12:22:13 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Connection: keep-alive
Content-Length: 347
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"15b-Q4qXljqAwA4g3CD7Toj5G9fsZnk"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-Download-Options: noopen

GET
H2 200 cross.png
cdn.nlpcaptcha.in/cdn_images/cubebox/ 5 KB
6 KB 49ms
48ms Image
image/png 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlpcaptcha.in/cdn_images/cubebox/cross.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 5767ea37cc6e0f007949ede91dbcc11f56460cbf2bdd4cd488d8a1f2904c56d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
cdn-edgestorageid: 1075
cdn-cachedat: 01/31/2023 10:47:24
cdn-pullzone: 87331
content-length: 5287
last-modified: Tue, 26 Apr 2022 05:49:03 GMT
server: BunnyCDN-DE1-722
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "626787cf-14a7"
content-type: image/png
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: b8266538cdb5c75196c467237f2ca194
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 drag.png
cdn.nlpcaptcha.in/cdn_images/cubebox/ 5 KB
5 KB 49ms
48ms Image
image/png 185.59.220.199
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlpcaptcha.in/cdn_images/cubebox/drag.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-199.bunnyinfra.net
Software: BunnyCDN-DE1-722 /
Resource Hash: 65d6673b64cd70f41775af32a63a74d40bfaf3b9946575cc5ee4d1cadba12efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 01/05/2023 13:19:31
cdn-pullzone: 87331
content-length: 5192
last-modified: Tue, 26 Apr 2022 05:49:03 GMT
server: BunnyCDN-DE1-722
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "626787cf-1448"
content-type: image/png
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: 0ca47b1f7c7849bb9d1efaa3dbe62b40
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 145ms
145ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 12:22:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA7C 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 186509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 08:33:44 GMT
expires: Thu, 01 Feb 2024 08:33:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4C2F 783 B
534 B 51ms
50ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48260b1c2440feb07c193d0794dba8f9198fc1a9f349820ac1c067f0df280cc2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0G0wMMddrtU1kECa7Sl5Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-0G0wMMddrtU1kECa7Sl5Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 12:22:13 GMT
expires: Fri, 03 Feb 2023 12:22:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4C2F 0
0 76ms
74ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020201&jk=4440361744764487&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame CA7C 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 11:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 11:45:50 GMT

GET
H2 200 index.html Show response
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/ Frame A9DB 3 KB
1 KB 153ms
39ms Document
text/html 2400:52e0:1e00::1075:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1075:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1075 /
Resource Hash: 7ca4630d850597a3460cfe35ee6df2f97aae1271ffe737465eeac11505b449d5

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 01/05/2023 13:19:49
cdn-edgestorageid: 1082
cdn-proxyver: 1.03
cdn-pullzone: 753745
cdn-requestcountrycode: DE
cdn-requestid: f442299a7c729ca1dd1a995563e2ecc2
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
content-encoding: br
content-type: text/html
date: Fri, 03 Feb 2023 12:22:13 GMT
etag: W/"63773bce-c67"
last-modified: Fri, 18 Nov 2022 08:01:18 GMT
server: BunnyCDN-DE1-1075
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CA7C 0
11 B 54ms
54ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eulCKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1_fly.jpg
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/ Frame A9DB 54 KB
54 KB 62ms
56ms Image
image/jpeg 2400:52e0:1e00::1075:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/1_fly.jpg
Requested by: Host: cubecdn.nlpcaptcha.in
URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1075:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1075 /
Resource Hash: 76eabc96435859ae7042324511237080bc1926fe0206e65486fdcef2a97d8e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
cdn-edgestorageid: 1053
cdn-cachedat: 02/01/2023 13:55:16
cdn-pullzone: 753745
content-length: 55235
last-modified: Fri, 18 Nov 2022 08:01:18 GMT
server: BunnyCDN-DE1-1075
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63773bce-d7c3"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: 81397b5c9c3ea2d95f2207aed59664d1
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2_hotel.jpg
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/ Frame A9DB 52 KB
52 KB 125ms
119ms Image
image/jpeg 2400:52e0:1e00::1075:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/2_hotel.jpg
Requested by: Host: cubecdn.nlpcaptcha.in
URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1075:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1075 /
Resource Hash: e0e5e2711c41975976b74d241e2dc7e4cd862e47daa4b88ff6235631db7613e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
cdn-edgestorageid: 722
cdn-cachedat: 12/03/2022 13:25:07
cdn-pullzone: 753745
content-length: 53178
last-modified: Fri, 18 Nov 2022 08:01:18 GMT
server: BunnyCDN-DE1-1075
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63773bce-cfba"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: 030c6e628e07bfd1688fedec0ee24e78
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 3_bus.jpg
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/ Frame A9DB 60 KB
60 KB 124ms
118ms Image
image/jpeg 2400:52e0:1e00::1075:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/3_bus.jpg
Requested by: Host: cubecdn.nlpcaptcha.in
URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1075:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1075 /
Resource Hash: 4f7e00b0df983ece0933bd48bc5f477ad37da6e4aacae07223da044f8c96521d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
cdn-edgestorageid: 865
cdn-cachedat: 12/03/2022 13:25:07
cdn-pullzone: 753745
content-length: 61190
last-modified: Fri, 18 Nov 2022 08:01:18 GMT
server: BunnyCDN-DE1-1075
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63773bce-ef06"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: c3e793a71e1d7e44b3035ec88ba3d9bd
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4_glance.jpg
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/ Frame A9DB 60 KB
60 KB 124ms
119ms Image
image/jpeg 2400:52e0:1e00::1075:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/4_glance.jpg
Requested by: Host: cubecdn.nlpcaptcha.in
URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1075:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1075 /
Resource Hash: 35c3dabc326eceba576444a373cdc4fd8168204f7993a6b8a5581f8936768f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:22:13 GMT
cdn-edgestorageid: 755
cdn-cachedat: 12/03/2022 13:25:07
cdn-pullzone: 753745
content-length: 61145
last-modified: Fri, 18 Nov 2022 08:01:18 GMT
server: BunnyCDN-DE1-1075
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63773bce-eed9"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: 7e152b68229007bbe7ebad6a1e471615
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020201&jk=4440361744764487&bg=!oaKloubNAAaq5O5FiuQ7ACkAdvg8Wu4-OvdwICgNNGxmwYRzlRWCtMPsvU6MeAdyWa0JjRO66SGkTwIAAABOUgAAAARoAQcKAHwf7iKyo_gOsuFhNWsSgK6HKzjlZbO3Ax-5LYclaF3k3Q1Ac063jHDEBb4oRb3QMlLafZjV3BwgZzeTvERd0s2dcEVItXFxSNlVGbZgIJYeIERdtWIYpBJ40rQwaNRUONqoOh8gwRLrN-4lBc_SvGmR-yStxsK71mBNxSoCmQKaRPn6UDBZ1bNHioBLjdfbcxWa0FT2W2vIYwgW6FYQgo8bTeDn79AuLJsPDPJ8jQCSXnMP_qp8nhQtQGfchqdUvxMoZDTlXRD-sYiHPDGG1eSbPcU3DJBgRGiOATTIu6BRwk0PYrP6SRYFDG1nKxTen3Cqcz3LKeKYsvL5gPKEg8l5_kfj9Fll3aE641O5etEfn2zGMK70He9M39iyG4pLzZurS2gTWqukzTrhHTI1GNFkySMm5fD2tWyk77ue8qAL_W-gbmlNhJsPpVTtQZrRVgAcKeTsX0rk6pHgzKsr7fMdOQmw-P6bSlBI3gbp-nTbzoH2aUg3Sb14LS_J27HAt2Wk1usNPWjCGI-LyDQmBeCcw3cCYYcyJWGjoyAozJPQt3PZ4pTRzXNUCUIRKmaYixLgZmNV3RHHkgqB1lK1aU6JpxbwifN-b8lSQFRy2XCAlkOBlj-10eK5aRuAer386kJN7XudOuVe4YcFZ2gglR4oNcoTsboYUFuAJeze0oI9yhaQQwH69UlEQ1ZiICTXxqoePedwHvMvPKeDYHQPKb6v3Tzwz4g1qc36aAFSL0QIoLd9GF1ncSAVaUuaZ_qzGM8U3KVBa3VMBC1nc_B5QtocncWLp1HDITRk_FnLyA7XKIghiRbmNAyIpG96wPPonO7bXBjNDoEOiDCze-EvT5RSCgUyUqHgvbVrnw8v8N3rBNjldYoJrF_ZsY1ixDTDELxH88lNHjY-dBP23kZ2-vLypXjkLHemFE9XpYG3eotbcWcy5NO-LO3A4mcOMT9HBzyKvDgmgk-Zs7X99YuLcLC1_ZpIWGC0vQtlkvuXn6I1l63f7N_JUnkUyWCo6JoteHjXNHfgA0Yh1qfNrw_1DuyZ-ph6HbE0ardp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame F421 0
127 B 50ms
49ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 12:22:17 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.irctc.co.in
URL: https://www.irctc.co.in/eticketing/StationLinguisticNames?hl=en_hi

Domain: assistant.corover.mobi
URL: https://assistant.corover.mobi/320x50_placeholder.html

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD1sZ9xgvz5lGrcrluv-LcJAgDHQtumjO7IrfUPtcgy22mCrNSi3LyPPXsFvZBJeJejovgE_GzXHrfTRgm39sYS1_a5CV8gETASMrlZjHKw_5DYbGsS1nqeF51bED_GXmyTwuCCQ&sai=AMfl-YQtN7kiEpJ_TEEDnfYzHTZu8m2QiBKED1Z7Ted8QUPFQaznOHGdBPh34_qMWDjoqINFK9u50Gq6LQWhhQwm7r96lDozXV8VrZo&sig=Cg0ArKJSzP2lvvVkvEv-EAE&cid=CAQSKQDUE5ym-nyqPbWzxDZmAs_cKwTX7i82sBaXNBU1apfjGsvKqpY1gmtsGAE&id=lidartos&mcvt=2931&p=0,0,50,320&mtos=2931,2931,2931,2931,2931&tos=2931,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3049664599&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=b&rst=1675426928325&rpt=401&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Verdicts & Comments Add Verdict or Comment

300 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.izooto.com/	1970-01-20 18:59:46	Name: IZCID Value: 93da9fc6-1a99-4106-9dd1-e3ff77c59b13
.irctc.co.in/	1970-01-20 18:59:46	Name: _ga Value: GA1.3.1903162748.1675426923
.irctc.co.in/	1970-01-20 09:25:13	Name: _gid Value: GA1.3.1561190370.1675426923
.irctc.co.in/	1970-01-20 18:09:22	Name: FCNEC Value: %5B%5B%22AKsRol8QcC0Xnmk0NhJwWsT3xnd3vhTt8VBUTOQYT6CoX2X-sq1Akk4lkbLG15axk4tHG7VDsOlwK4qWotnV6d1JeUFmyv3BoZ68UKZ6gyBf5HDIvhln3ENN61feMWI9kMl81XSiEk82lwL94nKOfKALDczcL5BYWQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.irctc.co.in/	1970-01-20 18:45:22	Name: __gpi Value: UID=00000bae52377736:T=1675426926:RT=1675426926:S=ALNI_Ma8lgg4TV63m6OtJkQqirwjukwl2g
.irctc.co.in/	1970-01-20 09:23:46	Name: _gat_gtag_UA_122267849_1 Value: 1
www.irctc.co.in/	1969-12-31 23:59:59	Name: JSESSIONID Value: WkAXOhNWlDjNQ9JRt1riyp7kgO0qdbgdf9qz2DKOUK162ZdwPvgi!588467518
www.irctc.co.in/	1969-12-31 23:59:59	Name: et_appVIP1 Value: 688016906.17183.0000
.contents.irctc.co.in/	1969-12-31 23:59:59	Name: TS01016c05 Value: 01d83d9ce73615b712ca2aef90cbf5e427ea6313ec94cb48922a3decbea2767c405e89ccba7fb43ba6f768ce04c9f2f598212d6c35
.doubleclick.net/	1970-01-20 18:45:22	Name: IDE Value: AHWqTUkXNwJvPzT0AootGnmmTXjoSbY-0FiE6oLl1OCSpP6dJcuX_X83T6xCYYa05tQ
.adnxs.com/	1970-01-20 11:33:22	Name: uuid2 Value: 8752852944284367708
.casalemedia.com/	1970-01-20 18:09:22	Name: CMID Value: Y9z8cJnldljRUpGeepHqnwAA
.casalemedia.com/	1970-01-20 11:33:22	Name: CMPS Value: 3345
.casalemedia.com/	1970-01-20 11:33:22	Name: CMPRO Value: 3345
.yahoo.com/	1970-01-20 18:09:44	Name: A3 Value: d=AQABBHD83GMCEErunZrgQJudx91UlEPJyt4FEgEBAQFN3mPmYwAAAAAA_eMAAA&S=AQAAAvY0ue3ITzwVYHyx8lWBVWo
.pubmatic.com/	1970-01-20 09:25:13	Name: KTPCACOOKIE Value: YES
.1rx.io/	1970-01-20 18:09:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-772f89c3-cf9b-4740-b199-695c8c07da31-003%22%7D
.pubmatic.com/	1970-01-20 18:09:22	Name: KADUSERCOOKIE Value: 92AF2CF4-8944-4FED-A206-20638F6A77D9
.targeting.unrulymedia.com/	1970-01-20 18:09:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-772f89c3-cf9b-4740-b199-695c8c07da31-003%22%7D
.turn.com/	1970-01-20 13:42:58	Name: uid Value: 7675407501743327458
.tribalfusion.com/	1970-01-20 11:33:22	Name: ANON_ID Value: apntmIRkP6j6eCno77EhMFPZaregureEWcGZaa4jDo9rCufZa4sq99tYZdtm0Ao6Lw3mC78E37sQMl2r1m5lbGwkmdqZd
.3lift.com/	1970-01-20 11:33:22	Name: tluid Value: 431202233243971706860
.w55c.net/	1970-01-20 18:51:08	Name: wfivefivec Value: H7R11Tbq1PnV4Z5
.w55c.net/	1970-01-20 10:06:58	Name: matchgoogle Value: 5
.irctc.co.in/	1970-01-20 18:45:22	Name: __gads Value: ID=fec18452125133ec-2294c1f98bdb00c3:T=1675426926:S=ALNI_MYYIAO5RnNoPIsG7zrQZiJU3_SGxQ
.adform.net/	1970-01-20 10:04:06	Name: C Value: 1
.criteo.com/	1970-01-20 18:45:22	Name: uid Value: 269e90b3-ccc0-4daa-83c1-f132b4af9e54
.openx.net/	1970-01-20 18:09:22	Name: i Value: cb273a47-e973-4f47-9ee4-a2266fbaa57d\|1675426930
.adnxs.com/	1970-01-20 11:33:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1o:FwL!]tb?8i_iqf!oN/@E'zz<Z0QuK4CZCq+h8[:9by`1OLUtWYPZ`uosf8@iH)TD._PlZ[C[-kX-R5'7Z
m.exactag.com/	1970-01-20 11:33:22	Name: exactag_new_gk Value: a697b6851e064538a8ee4a15662cd197%7c04.04.2023+12%3a22%3a09
m.exactag.com/	1970-01-20 13:42:58	Name: exactag_new_uk Value: 95690a3b05064ade88a150c82e11d510%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: ec501fdeb23d4f3b9c5a3ad7
.bidswitch.net/	1970-01-20 18:09:22	Name: tuuid Value: 23976006-fc59-4924-8e4c-49e6204a04ae
.bidswitch.net/	1970-01-20 18:09:22	Name: c Value: 1675426930
.bidswitch.net/	1970-01-20 18:09:22	Name: tuuid_lu Value: 1675426930
.lijit.com/	1970-01-20 18:09:22	Name: ljt_reader Value: GGEGCGZHPSKvthzgSMC5oy9H
.irctc.co.in/	1970-01-20 18:45:22	Name: cto_bundle Value: EvUdVF9rWHFXYzRLRXBGcksyOVVqTFlVNlpUajFJVVJIWktqTHh6T2RXSVIlMkJxSEVDY1VHdm01SlJSb0k3UmV1QlA4Rk92MndqSllJQWRFQVFKZ3kwTU9BOWE5WjNxRzljVjFMenVmQzVGazBldk1tVE5CQnc4NmE4TndYUUt2VkF1U2xYeTdURyUyQk5RNFZkRHQ0TUFoRUFndGhRJTNEJTNE
.quantserve.com/	1970-01-20 11:33:22	Name: d Value: ECoBCQGaKIEA
.quantserve.com/	1970-01-20 18:54:01	Name: mc Value: 63dcfc72-9183e-d6348-407d8
.zemanta.com/	1970-01-20 18:09:22	Name: zuid Value: ulZMzPzxv4EeSWZoqMQh
.blismedia.com/	1970-01-20 18:09:26	Name: b Value: 63DCFC72CCD1AA9B5DB750ECBLIS
.de17a.com/	1970-01-20 18:02:10	Name: guid Value: 1.424538047759316992
.everesttech.net/	1970-01-20 18:09:22	Name: everest_g_v2 Value: g_surferid~Y9z8cgAES79-kgAh
.rfihub.com/	1970-01-20 18:45:22	Name: rud Value: H4sIAAAAAAAA_-MSNrM0MTY2MTOzMLQwM7Q0MzMyMhXiM9Q10zXNC_fPzbPM8_IDACUbQJ4lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrM0MTY2MTOzMLQwM7Q0MzMyMhXiM9Q10zXNC_fPzbPM8_IDACUbQJ4lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dY3IripLtPBPzDXyyEsySjEMMPN2sQAA2HcaXB4AAAA
.rfihub.com/	1970-01-20 18:45:22	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dY3IripLtPBPzDXyyEsySjEMMPN2sQjiNTQzNzUxMrM0NjQ0N33FiMI3AwBXPPKSPQAAAA
.adform.net/	1970-01-20 10:50:10	Name: uid Value: 4050728011384307311
.simpli.fi/	1970-01-20 18:10:49	Name: suid Value: 0D2255BAB0224085B11809B27DE8B52E
.analytics.yahoo.com/	1970-01-20 18:09:22	Name: IDSYNC Value: "18yx~29sc:192g~29sc"
.nlpcaptcha.in/	1970-01-20 12:09:22	Name: nlpcaptchasessid Value: nlpcaptcha9cb6cdcd7fe641e7377bd0652d18e6d5

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.irctc.co.in/nget/train-search Message: Mixed Content: The page at 'https://www.irctc.co.in/nget/train-search' was loaded over HTTPS, but requested an insecure element 'http://contents.irctc.co.in/en/Web_alerts_700x90.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=469624005&rnd=1675426929350092' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v94.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17041403958&extPm=17041403958&extCr=468077193&rnd=1675426929350091' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

775d569a60906e99e6857f12c3167190.safeframe.googlesyndication.com
a.rfihub.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.unibots.in
assistant.corover.mobi
b1sync.zemanta.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.besafe.global
cdn.doubleverify.com
cdn.id5-sync.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.nlpcaptcha.in
cdn.prod.uidapi.com
cdn.truenotify.co.in
cdn.unibotscdn.com
cm.g.doubleclick.net
cms.quantserve.com
contents.irctc.co.in
csm.eu.criteo.net
cube.nlpcaptcha.in
cubecdn.nlpcaptcha.in
d187e832230674bf4621eea3bd60b109.safeframe.googlesyndication.com
d5p.de17a.com
dclk-match.dotomi.com
dishav3.ap-south-1.linodeobjects.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eticket.ap-south-1.linodeobjects.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
irctc.co.in
m.exactag.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rtb.fr.eu.criteo.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
sdk.irctc.corover.ai
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
uiresource.ap-south-1.linodeobjects.com
uiresource.blob.core.windows.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.irctc.co.in
x.bidswitch.net
assistant.corover.mobi
pagead2.googlesyndication.com
www.irctc.co.in
103.252.142.19
103.252.142.22
103.252.142.27
104.111.217.42
104.18.33.19
13.235.143.202
13.32.27.3
141.95.98.65
142.250.180.226
142.250.180.230
142.250.185.66
15.197.193.217
151.101.130.49
178.250.0.160
178.250.2.146
18.156.0.31
18.184.182.132
185.59.220.199
185.64.190.78
185.80.39.216
185.89.211.116
193.0.160.128
20.150.114.33
209.191.163.208
213.155.156.165
213.19.147.45
213.202.235.10
2400:52e0:1e00::1075:1
2400:52e0:1e00::723:1
2400:8901::f03c:92ff:fe35:5c07
2400:8901::f03c:92ff:fe35:5c7e
2400:8901::f03c:92ff:fe35:a93f
2600:1f18:1aca:4281:63d2:3f57:3ae1:e59d
2600:9000:2057:1200:8:455e:4a00:93a1
2600:9000:2057:e000:a:e047:752:5701
2600:9000:211e:4e00:1b:5138:8a40:93a1
2600:9000:214f:1e00:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700::6812:1375
2606:4700::6812:19ad
2606:4700::6812:bcf
2606:4700::6812:d941
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a00:1450:400d:803::2001
2a00:1450:400d:804::2008
2a00:1450:400d:808::2006
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::2
2a02:2638::21
2a02:2638::b
2a02:2638::c
2a02:26f0:6c00::210:ba11
2a02:fa8:8806:20::2010
2a04:4e42::485
2a05:d018:d29:3605:6b2a:5cae:833b:4670
3.67.159.22
34.102.146.192
34.120.107.143
34.149.12.213
34.91.62.186
34.96.105.8
35.227.252.103
35.244.159.8
37.157.3.20
37.157.3.28
37.157.6.235
45.79.126.27
46.228.164.11
51.89.9.253
54.217.61.24
64.74.236.223
65.21.246.46
76.223.111.18
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0249990b2729bc3064b6ab3ca227955708e9599ff362008931c7d73b9eccee4c
0313c42048efbbd0b5ea187ac6bb5f9f6fb8a99776b3cb981c346243b8e0e978
06a7502e1de32067b728f917bda871dccd54e6e205b74f2c195f38392d04252d
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09abcd93a612c0eff446b57176ab9520a6826bf88fadbae6c10093b389ce51cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
11ebf641b813e8a0a052556192651e12b650e6386f8a252b46843c8bd20e9a84
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1515d1510afa03ddf92abd325d92ac50ff2cdeb4a7a490e82f01ec756cb433ef
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
172d69ea24f81ead966ddd005f1868a2d0c34748229f85265e8c48e61c25f1e8
18b2f5f468e077f4b6a2e3d2a9244a7cd60913c5504b587159a00ca5d7bcdd62
1a435e38d1ebd36e06475ba4851e212bc3e800007ac9e1d874dedf10691134b6
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e20f2ccf8d883a67b3418bccdddfad8297d8b380db80dfdd2e8a249b8fcd6f2
1e7040c451bdb461c17703133d2540606f274f0e733dd80ee72c9db6d54be8fa
20d2c344668f4a9594515514b06745584cfe640663596ca188b9bd296b912363
262963e8e03e2668c715978d71b6c65cc44688477bc24ed857049cc816494472
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
29395c5352fa16a6e5db9b6db042b016b4703c3f13c2ac2e50daf2fcbe80917a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2d83b2e0e18e725022509374fe2accb0f9d653e68ca8106093f0844097e09f80
2d8a9d9440779033ef22fda8f3e83636de66dae6fb36720c3c9a077bc4e19a25
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3052919fe7a3f7192c6b86f9dacf0fcd2d558403fbd516774ec5938a52e79acf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33637f6b6a3662f9c036a67e1d0fd93836de662694bfe8b32d60acb164a752ff
35c3dabc326eceba576444a373cdc4fd8168204f7993a6b8a5581f8936768f90
38a9402c194c04c8938d549d6f8c2bec5f4b67a105d9443bb0a928795898b937
38fa9ef0a9b1bfed89c84a815e2f827a690dd92cbdcda7a4f74f2020ccd9d7f3
39a8443412f881d4a9c80031acf9acc36195956908203dd6671e47f91cf64e17
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
39ee5508aa4a59ddc7898282960c7b114b61dbf8e2754db3fcf8657ff5586f1f
3d02bdbb642f06ff5a55fa2c7600fb654413048f911aeffa6d5fe729af8cb833
3f37eb0856b2e98ed1bd7967c16fd34882e3a399ffd2d0d4b15b8c37c25e39cc
3fbb064d01b24448eaed943710487f7cf539bd2f56d8650d96fd110121e892f6
41b7af74bd7f547d790e7842d575f99e18d0933971ece4160ad262103a030193
4303321f7c206c70dc06d4ce85a7401fa90c738b679daf94a864dd06722fca34
43065e1a04c96cf817e244a58f9efb5222e24d40714a6003274a43df40bbb0a3
44acb0e3beaf912bc3a2f20095391d10757fa7de79ca67489584bcdb9004d2e9
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48260b1c2440feb07c193d0794dba8f9198fc1a9f349820ac1c067f0df280cc2
485dee28b836ceffebb2603513be31de136e0ab4f06eaa07192c9599ccbebb0d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf
4983ef1951e326ec6d5e0210c3f2b0eb0a6de637731e2479d227c0a6ddbaa8ad
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c38c1305457e7dc04054c965de0d9b61fdd4539701260a567a52b26a5f0c37d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc56c750713f32eca2279a7c5f231687bad8a0e061163190467c8b233f48075
4dd1288750cf3933460719bd57bee4f9ee47b77be8e067d60c78adb1ad144d3a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e332dddbbf42315e57389a1acceeba09e8e557301137fa7c17084463d90ee10
4f410f1c19a8457ade7e6df8f46efed9788301d7beda6e0d49d6ccbc2d4fcc19
4f7e00b0df983ece0933bd48bc5f477ad37da6e4aacae07223da044f8c96521d
4fbda464b0ab362bf4a8767ef18fcce104801dc20ea391eb390dff26bc5b5287
500708ff8ecf24f8d44c4e16df98b8b93ad5035b51f2b9d956866013aac28cbf
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505abc1690dd417f3d28d544d6b2dd170786c05922f17b409c758fa95376e3c7
519538ad530d1ba2e60c8a3a9c864663edd0c1adfb729925c8e665d71c9af6b2
519d5bd967e0830146e37151a545865f3d8ce232d3586b5f65e7bed8baefb871
51d089cdaf0c968c94b80671489d22b6f79b1c57de80df880b008e9b37b49788
5227153a9de496caa2ec6bda8b7daff8e4fdc7d4f309121b094f939a6289da43
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5767ea37cc6e0f007949ede91dbcc11f56460cbf2bdd4cd488d8a1f2904c56d3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ba5e420bc8592ac1d1c281ecf90ad92c17f023e96c8a2bd9e12d072cb75cdce
5ba9ef08595cb26c76134a6107931f89a2aad68fcec3c271dd8b4fbc8a7626ea
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb2bf4429b408e5f51945a23e3cd8fea4b311b4665a9ec65dab6b196d25233f
5ce8bf6ae4d027eba517d00945ea878f377dd31272849fd33d553dffad1f7d04
5ed8e43c88fcddea19fc1ca953fa736916195f311463ed76b23bcf0a6254f1e5
617c7d38ce3d2eb6e227e61cdf0cee6229608648fb285914091f66bb4f62cd3c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6285f58db924feee38e212f8b9a8713839faeec9f6ebff15dc31a1a028605b1d
628894604d36be4c70d51be1ec3fdedc0a71b530c0693d019155151bb7804667
65d6673b64cd70f41775af32a63a74d40bfaf3b9946575cc5ee4d1cadba12efb
66287d6e66f6823abe9c9ee9eaaf6355936571e002236a9cc75aeacc5eb86c4a
675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d
68a1eb809781154c2c6dd9ef157e3ffa54c45afade2bb70edd006707d28c3a7c
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6ba58c0f73f9506cad74852841c992c4e2fe59b17fa58eab734b5054ecf012e0
6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab
6ef7499de0575f5086e5ca02ec239a254883d0c7f584e6a15ca0a84f7101c9f4
6f01be0c587e61b2a221d2b0bc090338c0fe9c76e4616bf71a5b2bb347674277
6ffd4a691acac9fe2f5aaaef66d17fb06d64e86912e8de5bd8a9417ec20b295d
7025f43d0231075a3e02a90f54dfc695bf33a6ce9011be0df4067c5a13621fbf
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73d6d939b9d2cc8266e8269372f620c4be69b824ad356919d3c7e527d072d4e2
74d955fc1fabc21de7667611927dae6d60804e5696684359564d897970095203
76b999b7e04ef87b733664cbc266bb1b39a1791c9867e721503228fa7c1e4b0d
76eabc96435859ae7042324511237080bc1926fe0206e65486fdcef2a97d8e4a
78d9081193cf8f72b27ae0cb9adffdee4f04e48b847ac3b3a48cc532636ad8d3
798ddfc68ce50b0c89a0d358621cd3b3f419ccb147535c3058af8c3e206390f3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c9c191c8c75809dee52db9025eb10d5bccbf2821f1fab385fbb4bf3b20ff37
7ca4630d850597a3460cfe35ee6df2f97aae1271ffe737465eeac11505b449d5
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
7fa80c1d5b9c1b4564d2129120f1fa9d6610b9c88207d7bc2ab2ff2883581746
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
846a93669a4bb91146f245de74a56312277a94e07ac74721056459bcc8035aae
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8600726486c2065e1f5c13a5f7fdeaff05ac6098bb5c6d9726e5f93f1e7ae345
8830352e98600fe962b1e37f9ef58d533cd5ef339bfc7e218411015e101f5b48
88d6097c7ba2f13047bedd278df6f7a530352beb534af2f3d94cd712f0711eb9
8d37ba57f34de55fa31f52bc2bfbd915dc265fd6008d16a03702bce45b11d8a5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df7917d888f65126838fe69f79047a8cd0d2ea6a029e44fe8837df058b79776
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
920426acd013aac6792419819d8473796229b532bd1659dd92925af8705e237c
920f493395c0d487b0d7e0052781a1c2f10c2ccc7d2adb75292345eaa14a8664
94499175047491038f44a62b1d7a658ccee12d833c405e980b8fe2621464431e
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b048c6923acbaead832cbf4da52658759e4a503436a3b7aca36eb647e0749c3
9b4a1e3c947129ed44d27ce5c0ebdee25212381d1172fdb4f517bc9c58bafacb
9c5f5d2804c7ba37ec98d7e95c73a672054da843f63ee70c8fd74675a8203f3a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09313dd1f2240830483ad2c58a565f548c551d6fe29a83347085f7b61b2eb17
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c940f44831a0c963a34d7ba56f369a2446eeb8abe825d1096c1feaa9e1c829
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51b849270fefbfd714cc4b625cb0f91b29025cbf33fb3da985a3bde40894ccc
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5945f222d89a08973a9cdde19cfdbabbc56e8b72541be990732f00fa421f274
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9e20482afe6a502626ff3aff01c3c325c6bfb63ea2336781596d78742f07814
a9e6ed62d5ff953eb0b609a2970f0734f80b70522e0a4af2a93d870807520ea9
ade9dff20302eb2ca425ad1f043d84d53cf3ca20d645a37a6331a58552264274
ae7ded872a4a073138224de64d20e56f070b847124a2043e5e0022b38132f01e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0adad8f6b3ec873225cd59fd77f30da7beedd545e417bb6ca245095b0a8ff8
af35cff9e5c54ebfb078d8f6c3f1220e8cd98f34e4dfecbfa1e9b8da15037cf9
af806893d618363ced6eba7b51aecd5fcb5e455541f4dae3939bb9036d3a2f59
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49e528328c3d7303f855c6146be6a97fda6ea1715c4c59f9bac9ce44388c30e
b56ae65a1211ae8c92bb0befb5a4d93155b641f4993e6bdbae5a1d0b5a08939b
bd2ab55f0c3f815827b29222e282e6d787daa928e68505f03f891d2ab5718d03
c276285708800494d413ec1eb5884caf4d2e4e2b6e39b63c2f1e4988e568b2ed
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3a405349999e66ed87c4fbb2cdc9eebcb33ec19a430f9bcdd5fe1b69c91f199
c4faf5b6b443de346ec29d3fad7acbb6a21eabeb71023583486f1996bff19498
c62958fc98ac3452f7687435a0e5f11a44812aae297ed4849a5dbe02770b7c19
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c793dd8a847fe4f25969decc6f72cabe54099061f550f5536bd8661de6121eb5
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
caa3291280c6817ef3716377f85cead6dac8b80db67a70d2a8069f996889d128
cd7ecd6368faa1bb9c8cc7910b4e6b8261d929a83100f12506ba97c4bb0fe48b
cdf52f83d9e402b936bbf65818f2fec7270ae54d83883d69baded01cf0d3228b
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
cff247c4d6c20697eb3565e8cdce376842e41201d0e7a571e3649d1e92f7ed39
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d131d5e464fdd0fba8595adb790ce5cb6dea4ac67c152b7b7e148398ac465d40
d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff
d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53
d664624b29aa2652a56959c12ec6e660297b410bf06e5e58a0740cce0fa8e827
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
d87402d6ac551a34ac003e6a7d04f34ae884bc2c5df5c125467ba85c272c2651
d9dd56fc4490e2a228973163514867e3d557e450921e646a2166f429ed82f804
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0e5e2711c41975976b74d241e2dc7e4cd862e47daa4b88ff6235631db7613e0
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e2927f16c3d19be6cfa6a76cd46151a348682feb5492b4547eba7043122ef57f
e2c914448e6c05e565d80c198049e3063729255eb8a00c8cd1a8a0945a11c68b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5aeef8f7af4b357760a330d6e06cccebf81ec0bdcd700cf4c2cc90656e54611
e7d216bc3ccbc2487aff1649e35d2ee3d329d941e48cd2e9f8ba83f7412ea10d
ed988b9e45ba388c6d237e75853f2d50c6747151a47d3705aedbf29d53a5258e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2b9a8eddd12173128613b3e6f07030d55cc1f079c116d2bc0ef56bf339f2ec
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f2b015db432876cfc6cd3ec5a9e0218d1e61def1ffa90a749e0b68868ffa268b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fbca15ae8645163da40a4ed7e3e5f26cd9fb4dc3fa1a8b2661831d871847f220
fbd208131c4807aa595f18252af2227e41bbfa6216e7c3c28cc839f9de0d78d6
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
fd703ef56efbb4bd984727e547e21e9591ad9ccbdf0349e1fee0d6b526a8f80e
fd717dd825a505eae20728b83a9058feb690059b9fa3abe91cd8e3c55ac14c07

www.irctc.co.in Open in urlscan Pro 103.252.142.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

404 Requests

87 %HTTPS

50 %IPv6

58 Domains

96 Subdomains

74 IPs

15 Countries

6383 kBTransfer

13094 kBSize

51 Cookies

85 Outgoing links

Page URL History

Redirected requests

404 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.irctc.co.in Open in urlscan Pro
103.252.142.19 Public Scan

Screenshot
Live screenshot

Full Image

404
Requests

87 %
HTTPS

50 %
IPv6

58
Domains

96
Subdomains

74
IPs

15
Countries

6383 kB
Transfer

13094 kB
Size

51
Cookies

404 HTTP transactions
7 data transactions