www.bgr.in Open in urlscan Pro
2a02:26f0:3500:88e::2965 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/aAT3l6LOuO
Effective URL:
https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Submission: On April 07 via manual (April 7th 2022, 5:44:06 am UTC) from IN — Scanned from DE

Summary HTTP 227 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 70 IPs in 10 countries across 45 domains to perform 227 HTTP transactions. The main IP is 2a02:26f0:3500:88e::2965, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.bgr.in. The Cisco Umbrella rank of the primary domain is 303198.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 9th 2021. Valid for: a year.

This is the only time www.bgr.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2a02:26f0:350... 2a02:26f0:3500:88e::2965	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
36	23.216.77.31 23.216.77.31	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 1	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2 4	2a03:2880:f21... 2a03:2880:f21c:80e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	108.138.7.31 108.138.7.31	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:353	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.111 18.66.112.111	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:20e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	18.66.139.40 18.66.139.40	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	63.32.16.90 63.32.16.90	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	108.138.3.177 108.138.3.177	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	18.195.158.152 18.195.158.152	16509 (AMAZON-02) (AMAZON-02)
5	185.64.190.84 185.64.190.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	52.57.231.46 52.57.231.46	16509 (AMAZON-02) (AMAZON-02)
1 2	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
3 9	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223f:7e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
5 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:e962:9753:e8e7:32b5	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.1.163 3.120.1.163	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
1 1	50.31.142.223 50.31.142.223	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2800:3f0:4002... 2800:3f0:4002:805::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.13.157 142.250.13.157	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:6f::8	15169 (GOOGLE) (GOOGLE)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	141.95.3.10 141.95.3.10	16276 (OVH) (OVH)
1	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
227	70

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:88e::2965 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.bgr.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 23.216.77.31 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-31.deploy.static.akamaitechnologies.com

st1.bgr.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:80c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f21c:80e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-31.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:353 (United States)

ASN13335 (CLOUDFLARENET, US)

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-111.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:20e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.16.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-16-90.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.3.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-177.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.158.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-158-152.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.84 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ow.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

zeemedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.231.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-231-46.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.38.124 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:7e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:e962:9753:e8e7:32b5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.1.163 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-1-163.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.154.242 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.223 (Chicago, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2800:3f0:4002:805::2003 (Argentina)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.13.157 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:6f::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5ednsk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.10 (France)

ASN16276 (OVH, FR)
PTR: p31.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 125	254 KB
38	bgr.in www.bgr.in — Cisco Umbrella Rank: 303198 st1.bgr.in — Cisco Umbrella Rank: 281102	333 KB
28	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 95 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 bid.g.doubleclick.net — Cisco Umbrella Rank: 492 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	284 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 pix.eu.criteo.net — Cisco Umbrella Rank: 7880 csm.eu.criteo.net — Cisco Umbrella Rank: 7886	152 KB
10	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 566 eb2.3lift.com — Cisco Umbrella Rank: 325	5 KB
9	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 453 ow.pubmatic.com — Cisco Umbrella Rank: 8299 hbopenbid.pubmatic.com Failed image6.pubmatic.com — Cisco Umbrella Rank: 610 t.pubmatic.com — Cisco Umbrella Rank: 4458	202 KB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	95 KB
6	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 937 r3---sn-4g5ednsk.c.2mdn.net — Cisco Umbrella Rank: 686560 s0.2mdn.net — Cisco Umbrella Rank: 257	103 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 290 s.amazon-adsystem.com — Cisco Umbrella Rank: 278	41 KB
6	google.com www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 76	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	173 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 imasdk.googleapis.com — Cisco Umbrella Rank: 405	126 KB
5	instagram.com 3 redirects platform.instagram.com — Cisco Umbrella Rank: 6517 www.instagram.com — Cisco Umbrella Rank: 1098	10 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 624 script.hotjar.com — Cisco Umbrella Rank: 958 vars.hotjar.com — Cisco Umbrella Rank: 1008 in.hotjar.com — Cisco Umbrella Rank: 1743	66 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11668 ads.eu.criteo.com — Cisco Umbrella Rank: 7887 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10021	50 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 326	2 KB
3	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 470 ssum.casalemedia.com — Cisco Umbrella Rank: 1346	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 132	2 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 579 syndication.twitter.com — Cisco Umbrella Rank: 828	133 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	1 KB
2	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 pixel.rubiconproject.com — Cisco Umbrella Rank: 348	4 KB
2	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1149	593 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 602	1017 B
2	openx.net zeemedia-d.openx.net — Cisco Umbrella Rank: 195300 u.openx.net — Cisco Umbrella Rank: 730	467 B
2	google.de www.google.de — Cisco Umbrella Rank: 5640 adservice.google.de — Cisco Umbrella Rank: 8069	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	83 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 13168	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1418 id.crwdcntrl.net — Cisco Umbrella Rank: 1694	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 229	5 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 607	528 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 558	301 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 230	595 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 906	324 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 370	1003 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 385	705 B
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 2591	104 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 728	241 B
1	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2662	1 KB
1	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 1840	156 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2303	259 B
1	facebook.com graph.facebook.com — Cisco Umbrella Rank: 112	657 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	38 KB
1	t.co t.co — Cisco Umbrella Rank: 463	582 B
0	izooto.com Failed cdn.izooto.com Failed
227	45

	Domain	Requested by
36	st1.bgr.in	www.bgr.in st1.bgr.in
27	pagead2.googlesyndication.com	www.bgr.in 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com t.co www.googletagservices.com
19	tpc.googlesyndication.com	5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com imasdk.googleapis.com googleads.g.doubleclick.net tpc.googlesyndication.com t.co
9	static.criteo.net	ads.eu.criteo.com
9	eb2.3lift.com	3 redirects ads.pubmatic.com eb2.3lift.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com t.co
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net t.co
6	5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	cm.g.doubleclick.net	5 redirects eb2.3lift.com
5	pix.eu.criteo.net	ads.eu.criteo.com
5	googleads.g.doubleclick.net	5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com t.co
5	ow.pubmatic.com	ads.pubmatic.com www.bgr.in eb2.3lift.com
5	www.googletagservices.com	www.bgr.in 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com t.co
5	www.google.com	www.bgr.in 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	c.amazon-adsystem.com	www.bgr.in c.amazon-adsystem.com
4	www.instagram.com	2 redirects www.bgr.in
3	s0.2mdn.net	5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com t.co
3	match.adsrvr.org	2 redirects ads.pubmatic.com
3	fonts.googleapis.com	st1.bgr.in 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.bgr.in
2	csm.eu.criteo.net	ads.eu.criteo.com
2	r3---sn-4g5ednsk.c.2mdn.net	5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com www.bgr.in
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	x.bidswitch.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	prebid.a-mo.net	1 redirects ads.pubmatic.com
2	ap.lijit.com	ads.pubmatic.com www.bgr.in
2	ads.pubmatic.com	www.bgr.in ads.pubmatic.com
2	connect.facebook.net	www.bgr.in connect.facebook.net
2	delivery.adrecover.com	www.bgr.in
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	platform.twitter.com	www.bgr.in platform.twitter.com
2	www.bgr.in	t.co www.bgr.in
1	t.pubmatic.com	ads.pubmatic.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	t.co
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	odr.mookie1.com	eb2.3lift.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	image6.pubmatic.com	ads.pubmatic.com
1	prebid-match.dotomi.com	www.bgr.in
1	s.ad.smaato.net	www.bgr.in
1	pixel.rubiconproject.com	www.bgr.in
1	biddr.brealtime.com	ads.pubmatic.com
1	u.openx.net	ads.pubmatic.com
1	htlb.casalemedia.com	ads.pubmatic.com
1	fastlane.rubiconproject.com	ads.pubmatic.com
1	hb.emxdgt.com	ads.pubmatic.com
1	zeemedia-d.openx.net	ads.pubmatic.com
1	tlx.3lift.com	ads.pubmatic.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	syndication.twitter.com	platform.twitter.com
1	www.google.de	www.bgr.in
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	graph.facebook.com	st1.bgr.in
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.bgr.in
1	platform.instagram.com	1 redirects
1	tags.crwdcntrl.net	www.bgr.in
1	www.googletagmanager.com	www.bgr.in
1	t.co
0	hbopenbid.pubmatic.com Failed	ads.pubmatic.com
0	cdn.izooto.com Failed	www.bgr.in
227	78

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
m.me
st1.bgr.in
bgr.in

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.zeeentertainment.com DigiCert SHA2 Secure Server CA	`2021-11-09` - `2022-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
english.cdn.zeenews.com DigiCert SHA2 Secure Server CA	`2021-08-10` - `2022-06-15`	10 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
adrecover.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-14` - `2022-04-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.a-mo.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-28` - `2022-09-28`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-03-29` - `2022-06-07`	2 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Frame ID: D03CBE6B200B0E2D06472692168BBA67
Requests: 109 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.67506ef287a81e691ccccf99870d175e.html?origin=https%3A%2F%2Fwww.bgr.in
Frame ID: 2B0B684A1718E48C3B683E8DE7FE53A6
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 0B0B9A90F0835A63FC870119DDCDE124
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 515929027F9333E170235C6042CB6A3E
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6114D2D6A46A0994BDB453A1868119CC
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 5EF22D26FD1F77EA6E75BD6FA2BA0DD0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: 3615D3D86F09C003FDE7989EA12BBF12
Requests: 2 HTTP requests in this frame

Frame: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 317D88E51B2F83612E87076B17D2381C
Requests: 1 HTTP requests in this frame

Frame: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C34981026D27929D46BBF70C1069930A
Requests: 18 HTTP requests in this frame

Frame: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 49882F584D923A8BAF9F7FFF3D862BAF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjSgv_EATAB&v=APEucNXw5rh_Lzu2g3PzY0zAkcxOw73g_bIKpRWWVQjJPCIX2NgAfif-8Nhu8pnv4cmRpejn84hEJt3ECBbrY3PwxF0a9MUVhA
Frame ID: BA9DCF1D74797330F45041544603C836
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9E679602517A9595741ABDDC60E2B873
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5CFBD916C093B54F3A571139757B2C5D
Requests: 3 HTTP requests in this frame

Frame: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 80AA41C13242C88F27C715831C0790BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjunu3BATAB&v=APEucNUdTIpMMvbeL5nbNqzdODeINxlEZCinFN0zAruVErlGQ0ogYJhCWFKDiT2neLLsNfuTjIsmc9y5MwYjqEPJ0vPT944PPg
Frame ID: 8601D7E53EA543F06624D848E40F7A6B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite_fy2019.js
Frame ID: E06EF147C789FBE1CA4322806AD9D2D5
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 12C22A9D68DA5B10DBD9C241FD88BFCC
Requests: 3 HTTP requests in this frame

Frame: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C80697793E3AEF3BBA63571348424CE8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHMbxCLqdvAAhiphL3BATAB&v=APEucNV8QMR0SVEb3VqJO5qgb7Mpcp9z8uSC5jQHsZZ88T4bY8e00YWf1JY12YCXo1lEwSe1ZFhBPfoQXmt1E0HveEskpuGyNA
Frame ID: 7763DB324DBA3479BF6E1A59F0672B29
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 56A94B41B122FF24FF7F7900D944DA15
Requests: 3 HTTP requests in this frame

Frame: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8BC68CD9B373CCE198143AFC78E93A60
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk56IAAK-W8Kd4HBAA4ejeZa8mDnLf6dtN-6oA&u=%7CPn4SoKQLcGUI7X%2BRiHT8XlOz19UcudeUQE6grH1dqoY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF3B43Ok4Go5WSd4zB4qEgIVAnr78iq9MduCCNVK0814t_1wh7LXtBwIh16KrTMA0YwaV4CbL5FKyV0GmyLHQVCNsZtShEdFTWK8ohvfwXnVOwqNMnXRWOiDE8gOeNRVYlioiFAcT3fyImmNFFdhhEqHVfQ45euDyeD8BMuDFaB7wvX6DrbkUfUBrW2RkuGHS3cWHfoevrsz1SqN7ilf80m5fs6dHB_Zm2RpkWhuHMgkEWlQBRUv6cdQnDnek8erkth5uyzNmeNUNtBzemb1n9b3uIMmpg1UYWHkvPXHA5XJCqzXYZM08hRb74KJhJJbJHyHtg1wlX3KZ5mOztZ-Ptk7MuQZOgYu8_VTcrpyv-WvVZH_dl14sf1eU83TgKjeBmP4_ENtHjeI85jq5LhGhH8g6pqFhLIurNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQN-SIHpOYu_yK8GD3gONvbiQDcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTUzOTY5MTQ5Mjc0MjA3NKAB1bbS6gPIAQmpAp2Ka-hlSLI-4AIAqAMBqgTBAk_QCmGn4VlEFq6h6w_amLLzsG8Nd2aL17VyrqA78XGmZ-XrFBt2laD3BpRIBTKCvpcOHQjwlhgqjmg5h8KiuVsGBXUhZyor73L1B0Qu3pTRIQxLEddZlECvOVUrrJwP46fH-vU1-M8VHsYSRcsbPJxJHcAOhUUz0YWY3i_CKy9B3NutpJFWKgsizSkMvAhs5yHkTaElsV0BZtJ_mCTUIjXQjT4V78FVCRgSS5_kUlY2sOhnh9LLAkU4R274ch6e6vIM60eNiE5_hM6dbbNp462jf0ClBtjpg6ggiwaQ-RSKqmnGhz5GLWAWjj54iWZE9x2xjyQpv_MsjMEnJ2t-V-UZ5QXUPK3_8-nHifj3oQ8BI8MDSHg2-YbymzgHp0_C91fxZcJNHYtZ5NFR59wtdOftUoa7EcgeVlL2C8gjK769JOAEAYAG6o7pkfHckYcaoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T0kqco2e4LEDLrQhNqQy7lJU8kA%26client%3Dca-pub-5539691492742074%26adurl%3D
Frame ID: D18AEE206526CA1CB4F2D9D4B18C4DB2
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SBI Yono अकाउंट से PAN लिंक कराने के चक्कर में 'लुट' सकते हैं आप

Page URL History Show full URLs

https://t.co/aAT3l6LOuO Page URL
https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

227
Requests

93 %
HTTPS

48 %
IPv6

45
Domains

78
Subdomains

70
IPs

10
Countries

2210 kB
Transfer

6866 kB
Size

44
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BGRinHindi

Search URL Search Domain Scan URL

URL: https://twitter.com/bgrhindi

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCMjwrFAoSnTjpmsNuOc5uSg

Search URL Search Domain Scan URL

URL: https://twitter.com/HarshitKHarsh/
Title: @HarshitKHarsh

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Title: Facebook share

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/&text=SBI%20%E0%A4%97%E0%A5%8D%E0%A4%B0%E0%A4%BE%E0%A4%B9%E0%A4%95%20%E0%A4%B9%E0%A5%8B%20%E0%A4%9C%E0%A4%BE%E0%A4%8F%E0%A4%82%20%E0%A4%B8%E0%A4%BE%E0%A4%B5%E0%A4%A7%E0%A4%BE%E0%A4%A8!%20Yono%20%E0%A4%85%E0%A4%95%E0%A4%BE%E0%A4%89%E0%A4%82%E0%A4%9F%20%E0%A4%B8%E0%A5%87%20PAN%20%E0%A4%B2%E0%A4%BF%E0%A4%82%E0%A4%95%20%E0%A4%95%E0%A4%B0%E0%A4%BE%E0%A4%A8%E0%A5%87%20%E0%A4%95%E0%A5%87%20%E0%A4%9A%E0%A4%95%E0%A5%8D%E0%A4%95%E0%A4%B0%20%E0%A4%AE%E0%A5%87%E0%A4%82%20%E2%80%98%E0%A4%B2%E0%A5%81%E0%A4%9F%E2%80%99%20%E0%A4%B8%E0%A4%95%E0%A4%A4%E0%A5%87%20%E0%A4%B9%E0%A5%88%E0%A4%82%20%E0%A4%86%E0%A4%AA%20via%20%40bgrhindi
Title: Twitter share

Search URL Search Domain Scan URL

URL: https://m.me/164165813989930?ref=test

Search URL Search Domain Scan URL

URL: https://st1.bgr.in/wp-content/uploads/2022/04/Yono.jpg
Title: <img class="size-full wp-image-1253795" src="https://st1.bgr.in/wp-content/uploads/2022/04/Yono.jpg" alt="" width="398" height="461" srcset="https://st1.bgr.in/wp-content/uploads/2022/04/Yono.jpg 398w, https://st1.bgr.in/wp-content/uploads/2022/04/Yono-259x300.jpg 259w" sizes="(max-width: 398px) 100vw, 398px" />

Search URL Search Domain Scan URL

URL: https://st1.bgr.in/wp-content/uploads/2022/04/Bank-Guidlines-1.jpg
Title: <img class="alignnone size-full wp-image-1253810" src="https://st1.bgr.in/wp-content/uploads/2022/04/Bank-Guidlines-1.jpg" alt="" width="1200" height="675" srcset="https://st1.bgr.in/wp-content/uploads/2022/04/Bank-Guidlines-1.jpg 1200w, https://st1.bgr.in/wp-content/uploads/2022/04/Bank-Guidlines-1-300x169.jpg 300w, https://st1.bgr.in/wp-content/uploads/2022/04/Bank-Guidlines-1-768x432.jpg 768w, https://st1.bgr.in/wp-content/uploads/2022/04/Bank-Guidlines-1-1024x576.jpg 1024w" sizes="(max-width: 1200px) 100vw, 1200px" />

Search URL Search Domain Scan URL

URL: https://st1.bgr.in/wp-content/uploads/2022/04/SBI-Twee.jpg
Title: <img class="alignnone size-full wp-image-1253794" src="https://st1.bgr.in/wp-content/uploads/2022/04/SBI-Twee.jpg" alt="" width="493" height="530" srcset="https://st1.bgr.in/wp-content/uploads/2022/04/SBI-Twee.jpg 493w, https://st1.bgr.in/wp-content/uploads/2022/04/SBI-Twee-279x300.jpg 279w" sizes="(max-width: 493px) 100vw, 493px" />

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BGRinHindi/
Title: फेसबुक

Search URL Search Domain Scan URL

URL: https://bgr.in/hi/videos/
Title: More Videos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BGRIndia

Search URL Search Domain Scan URL

URL: https://twitter.com/bgrindia

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BGRIndia

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/aAT3l6LOuO Page URL
https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 36

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 56

https://sb.scorecardresearch.com/b?c1=2&c2=9254297&ns__t=1649310237907&ns_c=UTF-8&cv=3.5&c8=SBI%20Yono%20%E0%A4%85%E0%A4%95%E0%A4%BE%E0%A4%89%E0%A4%82%E0%A4%9F%20%E0%A4%B8%E0%A5%87%20PAN%20%E0%A4%B2%E0%A4%BF%E0%A4%82%E0%A4%95%20%E0%A4%95%E0%A4%B0%E0%A4%BE%E0%A4%A8%E0%A5%87%20%E0%A4%95%E0%A5%87%20%E0%A4%9A%E0%A4%95%E0%A5%8D%E0%A4%95%E0%A4%B0%20%E0%A4%AE%E0%A5%87%E0%A4%82%20%27%E0%A4%B2%E0%A5%81%E0%A4%9F%27%20%E0%A4%B8%E0%A4%95%E0%A4%A4%E0%A5%87%20%E0%A4%B9%E0%A5%88%E0%A4%82%20%E0%A4%86%E0%A4%AA&c7=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&c9=https%3A%2F%2Ft.co%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9254297&ns__t=1649310237907&ns_c=UTF-8&cv=3.5&c8=SBI%20Yono%20%E0%A4%85%E0%A4%95%E0%A4%BE%E0%A4%89%E0%A4%82%E0%A4%9F%20%E0%A4%B8%E0%A5%87%20PAN%20%E0%A4%B2%E0%A4%BF%E0%A4%82%E0%A4%95%20%E0%A4%95%E0%A4%B0%E0%A4%BE%E0%A4%A8%E0%A5%87%20%E0%A4%95%E0%A5%87%20%E0%A4%9A%E0%A4%95%E0%A5%8D%E0%A4%95%E0%A4%B0%20%E0%A4%AE%E0%A5%87%E0%A4%82%20%27%E0%A4%B2%E0%A5%81%E0%A4%9F%27%20%E0%A4%B8%E0%A4%95%E0%A4%A4%E0%A5%87%20%E0%A4%B9%E0%A5%88%E0%A4%82%20%E0%A4%86%E0%A4%AA&c7=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&c9=https%3A%2F%2Ft.co%2F

Request Chain 89

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1

Request Chain 94

https://ssum.casalemedia.com/usermatchredir?s=186523&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=186523&us_privacy=&C=1 HTTP 302
https://ow.pubmatic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Yk56HnRjFKwL5vi1ULw8NwAA%261170

Request Chain 97

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://ow.pubmatic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=f4dd5049-d426-4fd7-9548-fb6fd0df07f9

Request Chain 100

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=d55a8fa9-3705-4ae1-85b2-8cca3c0caf2c&dongle=0cfd

Request Chain 101

https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D&google_tc= HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJD7g19T4qOGNEZXQquwTSk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 103

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D&google_tc=

Request Chain 105

https://pr-bh.ybp.yahoo.com/sync/triplelift/1737915919450604592103?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-t85qpIdE2oR5MakEcoFjjbpfVOvUjLwjU04lKl.6_Q--~A&dongle=0883

Request Chain 106

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1737915919450604592103&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1737915919450604592103&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d857e2de-1e2a-4a60-8a70-6342a0ccb354&ssp=triplelift&gdpr=0&gdpr_consent=

Request Chain 108

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1737915919450604592103 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1737915919450604592103&dcc=t

Request Chain 109

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0

Request Chain 147

https://gcdn.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/392638537BC7A1E2D4E356B522BC89FD0032D05E.6FCD9186B7CDED73B4568A3A7840EC2C9D76CADB/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52AB04D8ED475A08F759041D691E6717D81EC495.183E822384A3132E41E57CCDAC99E632F2A98D63/key/cms1/cms_redirect/yes/mh/LX/mip/2001:ac8:20:302::202e/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1649308912/mv/u/mvi/3/pl/54/file/file.mp4

227 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 aAT3l6LOuO
t.co/ 497 B
582 B 144ms
122ms Document
text/html 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/aAT3l6LOuO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 249
content-type: text/html; charset=utf-8
date: Thu, 07 Apr 2022 05:43:56 GMT
expires: Thu, 07 Apr 2022 05:48:56 GMT
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 917e336a43c32220b9b58736efddf60545dc0a53857ac5813fddf0c822fa5a14
x-response-time: 115
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/ 150 KB
27 KB 1371ms
1278ms Document
text/html 2a02:26f0:3500:88e::2965
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::2965 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

IndiaWeb/10.1.10 /

Resource Hash

6732d48237002a76ee3691b9c1bec28adc646b13b8024529fd4c1f88ea13351e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
content-length: 27130
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 05:43:57 GMT
geo-info: Akamai set: (EUROP)
link: <https://www.bgr.in/wp-json/>; rel="https://api.w.org/" <https://www.bgr.in/?p=1253770>; rel=shortlink
server: IndiaWeb/10.1.10
strict-transport-security: max-age=31536000; includeSubDomains
varcache: CacheMISS
vary: Accept-Encoding
x-var-ttl: 180.000
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-21819872-1

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcd026f70af6975e8d44bc982855b9888531342a89e8710f0f052268acbd3b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38074
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Apr 2022 05:43:57 GMT

GET
H2 200 bgr_desktop.css
st1.bgr.in/wp-content/themes/bgr2017/css/ 282 KB
26 KB 117ms
23ms Stylesheet
text/css 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: aa6431d617547e608e04eb6b787af8d57994af60f24dc0f78fe9e6ac30d2d620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: NMSXpEXLabbUctqEpJG0m.XmnixEssX2
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 08:15:15 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1594196110/atime:1594196110/md5:72ba1950c2be300de64efaa9052e6c0b/ctime:1594196110
x-amz-request-id: N2YAG7V3AAK77V4C
etag: "72ba1950c2be300de64efaa9052e6c0b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 25847
x-amz-id-2: 550NiVO8MwYCCaXBqTL0FT0Udpa+0+AWoZ0flP+iTx1EPnRB0oaMEAI3UaKrk5MJNSsyXHMJmpI=

GET
H2 200 jquery-min.1.11.1.js Show response
st1.bgr.in/wp-content/themes/bgr2017/js/ 153 KB
44 KB 120ms
26ms Script
application/javascript 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/js/jquery-min.1.11.1.js?ver=20200708
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6336983ad55a3504aa8a7e63863b9ac34ac5d1b27d7184e87bd0b89ccd3ad423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: VCkDzrwTYoc3sw2pjOiIBl.SgjCRvktR
content-encoding: gzip
last-modified: Mon, 06 Nov 2017 11:56:41 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:48/gname:apache/uname:apache/gid:48/mode:33188/mtime:1509943311/atime:1509943311/md5:19e88ef6c4499bd7a02a98cc0d33b0b4/ctime:1509945112
x-amz-request-id: 4V22KZM0JX2MHRCK
etag: "19e88ef6c4499bd7a02a98cc0d33b0b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
x-amz-id-2: dAaA4VkBuaXnO0Linm/kKbD8DL4aTJZvBxHOt8ICqrcRRIezgU3O0Qck8nqeU8vTlXE+kDKzSIc=

GET 185ab9ebc070b0b242472a9489383866a9255d5f.js
cdn.izooto.com/scripts/ 0
0

GET
H2 200 bgr_common.css
st1.bgr.in/wp-content/themes/bgr2017/css/ 29 KB
5 KB 111ms
17ms Stylesheet
text/css 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_common.css?v=1.7
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f14fd52b6f577b5c2dcf117f409649ec7ba5be59296bf21c8dbee54ad82e6b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: RV_YiF8q.UCcYAYbP38.AIug2XgUFWfJ
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 06:13:07 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1601446382/atime:1601446382/md5:56147dfe29f5fbb89e63e47ad439224f/ctime:1601446382
x-amz-request-id: E2765AD0C0280482
etag: "56147dfe29f5fbb89e63e47ad439224f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 4887
x-amz-id-2: k4i5Y7xdw0d+VO0VaOG3/P1jwJdpdLTPaHpqHDN73dI00ah20CGNrU8ptWjtBHKP/j7eogUliXg=

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/12381/ 44 KB
14 KB 40ms
11ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/12381/lt.min.js
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c30bce8ad967d35070f94600cdb5b4ac4b4bc7dde22f861c95b006cb30a278af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
content-encoding: gzip
etag: W/"8d46b3ff291adc64a22d710aab9bd057"
last-modified: Wed, 23 Feb 2022 23:00:33 GMT
server: AmazonS3
age: 421
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: KzTvS0Zj1dMY3JeCWHXGYRGY6VNla7gi_70XNBI_kFpsS5MTKiQMkQ==

GET
H2 200 / Show response
www.bgr.in/loaddesktopad/ 7 KB
2 KB 542ms
536ms Script
application/javascript 2a02:26f0:3500:88e::2965
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bgr.in/loaddesktopad/?adp=detail&asec=hindi&adsbid=1

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::2965 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

IndiaWeb/10.1.10 /

Resource Hash

1a9532e37f4b352232f754774f4b3ce89af218d401b9138d960b6dc9e0b72733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: IndiaWeb/10.1.10
geo-info: Akamai set: (EUROP)
date: Thu, 07 Apr 2022 05:43:58 GMT
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
varcache: CacheMISS
content-length: 1741
x-var-ttl: 180.000

GET
H2 200 BGR-website-logo.png
st1.bgr.in/wp-content/themes/bgr2017/images/new-logo-3/ 2 KB
2 KB 29ms
23ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/new-logo-3/BGR-website-logo.png
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 446bcf04c8154ec74d342b4438c8e7fb7b25584e8cc07df3f94623d2d9b1f38e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1162
etag: "ac03a9a1ddf6e63d248c3db8ed01f535"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Fri, 23 Apr 2021 04:48:58 GMT
content-length: 1608
server: Akamai Image Manager
expires: Tue, 12 Apr 2022 04:52:34 GMT

GET
H2 200 BGR_368x148.png
st1.bgr.in/wp-content/themes/bgr2017/images/new-logo-3/ 4 KB
4 KB 29ms
23ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/new-logo-3/BGR_368x148.png
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8b1e3db8412768115f7ec4077300f0b5de5d5454b235e7892649b184dc119e1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
last-modified: Tue, 13 Jul 2021 10:13:42 GMT
server: Akamai Image Manager
etag: "df821b4c93a4f6bb6526f32a6a3d4e22"
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 4124
expires: Tue, 12 Apr 2022 10:16:13 GMT

GET
H2 200 fill.png
st1.bgr.in/wp-content/themes/bgr2017/images/ 992 B
1 KB 43ms
38ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/fill.png
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 68e06612ac6397e11b2013f517555846302f35fe55f97fee811ab45bb5c20787

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 541
etag: "a042d8b138e0127db6d0467d514ec97d"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Mon, 24 May 2021 08:22:33 GMT
content-length: 992
server: Akamai Image Manager
expires: Sat, 16 Apr 2022 08:27:08 GMT

GET
H2 200 realme-9-pro-plus-r.jpg
st1.bgr.in/wp-content/uploads/2022/02/ 2 KB
2 KB 44ms
39ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/02/realme-9-pro-plus-r.jpg?impolicy=Medium_Widthonly&w=95
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 340afe48a032da86c48517edc2d320d1a7c34e2fc31f7b994c300721c8f4ba2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1670
etag: "ceaa80aea94d5e7d8f3be4e8265d8160"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Wed, 23 Mar 2022 10:47:58 GMT
content-length: 2190
server: Akamai Image Manager
expires: Fri, 22 Apr 2022 10:48:05 GMT

GET
H2 200 xiaomi-redmi-note-11-global.jpg
st1.bgr.in/wp-content/uploads/2022/01/ 2 KB
2 KB 45ms
39ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/01/xiaomi-redmi-note-11-global.jpg?impolicy=Medium_Widthonly&w=95
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 49f86d1aac32fad296895359646df00dffae88349aa72ca334dcdf06b6364ea1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1670
etag: "af931ba6d9977a708e93786ea53bb089"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Wed, 23 Mar 2022 10:47:57 GMT
content-length: 2000
server: Akamai Image Manager
expires: Fri, 22 Apr 2022 10:47:28 GMT

GET
H2 200 Xiaomi-Mi-11i.jpg
st1.bgr.in/wp-content/uploads/2022/01/ 2 KB
2 KB 45ms
39ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/01/Xiaomi-Mi-11i.jpg?impolicy=Medium_Widthonly&w=95
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7e04128d8545ba418e4e9193cc3d0bfbd9451dd32ddfc6982594db3d61430404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
last-modified: Wed, 23 Mar 2022 10:47:59 GMT
server: Akamai Image Manager
etag: "c69bac4c90fb7b65e4031667aa829944"
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 1594
expires: Fri, 22 Apr 2022 10:46:31 GMT

GET
H2 200 samsung-galaxy-s21-fe-5g.jpg
st1.bgr.in/wp-content/uploads/2022/01/ 1 KB
2 KB 56ms
51ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/01/samsung-galaxy-s21-fe-5g.jpg?impolicy=Medium_Widthonly&w=95
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5c68a9ddbf0eebd9371009b635825b10fd7cfa9191e8bef1effc9bed4d8cb3e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1936
etag: "7148836979ad834fa82ce56df513fa1f"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Wed, 23 Mar 2022 10:48:00 GMT
content-length: 1480
server: Akamai Image Manager
expires: Fri, 22 Apr 2022 10:46:13 GMT

GET
H2 200 no_image_375X500.jpg
st1.bgr.in/wp-content/themes/bgr2017/images/ 198 B
418 B 56ms
51ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/no_image_375X500.jpg?impolicy=Medium_Widthonly&w=95
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 2ecc347e5d6941c0214c92c3e36a2f42eefad4ba0210f21c650e8604721c5db1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 278
etag: "a00c209c94fb4f73a7fb9ff198e2d497"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Tue, 08 Mar 2022 01:39:36 GMT
content-length: 198
server: Akamai Image Manager
expires: Wed, 04 May 2022 01:41:04 GMT

GET
H2 200 infinix-note-11s.jpg
st1.bgr.in/wp-content/uploads/2021/12/ 1 KB
1 KB 57ms
52ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2021/12/infinix-note-11s.jpg?impolicy=Medium_Widthonly&w=95
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 07daacf6f7913999e5b5338fe0fe3ac3df129570e348e7ae1a694c41a8d77884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
last-modified: Wed, 23 Mar 2022 10:47:59 GMT
server: Akamai Image Manager
etag: "dda40e2c5945bd07e011819c74c33927"
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 1302
expires: Fri, 22 Apr 2022 10:48:16 GMT

GET
H2 200 Infinix-Note-11-1.jpg
st1.bgr.in/wp-content/uploads/2021/12/ 2 KB
2 KB 57ms
52ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2021/12/Infinix-Note-11-1.jpg?impolicy=Medium_Widthonly&w=95
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 49af70759a7ad097090b3bb1b687a9dd11b0c19b92c03bc1e5dfadfdf51f052a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1170
etag: "e7f928008a8eff8009f77a3640e6d7cd"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Wed, 23 Mar 2022 10:47:59 GMT
content-length: 1840
server: Akamai Image Manager
expires: Fri, 22 Apr 2022 10:46:24 GMT

GET
H2 200 Motorola-Edge-20-Pro.jpg
st1.bgr.in/wp-content/uploads/2021/11/ 1 KB
2 KB 57ms
52ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2021/11/Motorola-Edge-20-Pro.jpg?impolicy=Medium_Widthonly&w=95
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 093853225b35a9d3c255c1c366b92a66b511f59cb866d2d11f41cc0c121d70b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 556
etag: "5659582d7af5616a3e33fb6b1b50091c"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Tue, 15 Mar 2022 16:55:58 GMT
content-length: 1390
server: Akamai Image Manager
expires: Thu, 14 Apr 2022 16:54:50 GMT

GET
H2 200 Xiaomi-Hyperphone.jpg
st1.bgr.in/wp-content/uploads/2022/01/ 1 KB
1 KB 57ms
53ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/01/Xiaomi-Hyperphone.jpg?impolicy=Medium_Widthonly&w=75
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 45554d08f1cdda01bb33c4e2c761dc45c1281ea81d8fede6ac82c3d24712bbe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 469
etag: "b7f947b72a9b31dc7b37e34024876d8d"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Thu, 24 Mar 2022 06:32:12 GMT
content-length: 1302
server: Akamai Image Manager
expires: Sat, 23 Apr 2022 06:32:23 GMT

GET
H2 200 xiaomi-12.jpg
st1.bgr.in/wp-content/uploads/2022/01/ 1 KB
1 KB 57ms
53ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/01/xiaomi-12.jpg?impolicy=Medium_Widthonly&w=75
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 80b7b6a353f1d834ec893d446aeafa307e93c20e40571e135d66d1abfd865ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1145
etag: "bc7736b99508f7f457b7a6c41d597b27"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Thu, 24 Mar 2022 06:32:14 GMT
content-length: 1150
server: Akamai Image Manager
expires: Sat, 23 Apr 2022 06:32:27 GMT

GET
H2 200 vivo-v23.jpg
st1.bgr.in/wp-content/uploads/2022/01/ 814 B
1 KB 57ms
53ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/01/vivo-v23.jpg?impolicy=Medium_Widthonly&w=75
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4230a0b94ff4355185e67bd6fd2d72d162a64f218de74475a8c950bb5c5d5a45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 772
etag: "3ca527245611ea9180ef661ab8dc6687"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Thu, 24 Mar 2022 06:32:12 GMT
content-length: 814
server: Akamai Image Manager
expires: Sat, 23 Apr 2022 06:32:34 GMT

GET
H2 200 samsung-galaxy-s21-fe-5g.jpg
st1.bgr.in/wp-content/uploads/2022/01/ 1 KB
1 KB 57ms
53ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/01/samsung-galaxy-s21-fe-5g.jpg?impolicy=Medium_Widthonly&w=75
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 093453ea86c3f4ba3cf5d52749a3cf94049399f6634ce749d063e6d1f57a674a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1037
etag: "7148836979ad834fa82ce56df513fa1f"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Thu, 24 Mar 2022 06:32:11 GMT
content-length: 1256
server: Akamai Image Manager
expires: Sat, 23 Apr 2022 06:32:22 GMT

GET
H2 200 no_image_375X500.jpg
st1.bgr.in/wp-content/themes/bgr2017/images/ 188 B
378 B 58ms
54ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/no_image_375X500.jpg?impolicy=Medium_Widthonly&w=75
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 2dd27384fd97a4e775845619ed38d4ecafea5d71241a7383c0dd1fabcb94b888

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
last-modified: Thu, 24 Mar 2022 06:32:12 GMT
server: Akamai Image Manager
etag: "a00c209c94fb4f73a7fb9ff198e2d497"
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 188
expires: Sat, 23 Apr 2022 06:32:14 GMT

GET
H2 200 Realme-GT-2-Pro-1.jpg
st1.bgr.in/wp-content/uploads/2022/01/ 558 B
778 B 58ms
54ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2022/01/Realme-GT-2-Pro-1.jpg?impolicy=Medium_Widthonly&w=75
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 21b11c3f29df0169c61cca6feada235707f665fa78fed1d70fa576269fd7dbb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1706
etag: "f79a5571a23903692f7f6108d6514782"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Thu, 24 Mar 2022 06:32:12 GMT
content-length: 558
server: Akamai Image Manager
expires: Sat, 23 Apr 2022 06:31:53 GMT

GET
H2 200 Infinix-Note-11-1.jpg
st1.bgr.in/wp-content/uploads/2021/12/ 1 KB
2 KB 58ms
54ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/uploads/2021/12/Infinix-Note-11-1.jpg?impolicy=Medium_Widthonly&w=75
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: db20621a55990b5cb1c29887e9f82442cca371ba42ec01945d386f952e9adb3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1585
etag: "e7f928008a8eff8009f77a3640e6d7cd"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Thu, 24 Mar 2022 06:32:14 GMT
content-length: 1428
server: Akamai Image Manager
expires: Sat, 23 Apr 2022 06:32:47 GMT

GET
H2 200 signUp_sso.jpg
st1.bgr.in/wp-content/themes/bgr2017/images/ 4 KB
4 KB 58ms
54ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/signUp_sso.jpg
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6c9f661dde13a418df2e29c6a41e5721a8bb7fb3acb1f183996ace6b583753b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1038
etag: "d0a3659d1a046b57141f47eae01a1ecf"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Tue, 28 Jul 2020 12:11:06 GMT
content-length: 4130
server: Akamai Image Manager
expires: Wed, 13 Apr 2022 12:25:17 GMT

GET
H2 200 footer-logo-bgr.png
st1.bgr.in/wp-content/themes/bgr2017/images/new-logo-3/ 1 KB
1 KB 58ms
55ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/new-logo-3/footer-logo-bgr.png
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1569ae6dd5f299113717364244273a164535343b6be13b342da8722da202d4a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
last-modified: Fri, 23 Apr 2021 04:49:32 GMT
server: Akamai Image Manager
etag: "8d785180a17425c8714050e4448e05e1"
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 1294
expires: Tue, 12 Apr 2022 04:55:01 GMT

GET
H2 200 style.css
st1.bgr.in/wp-content/plugins/post-adds-code/css/ 390 B
807 B 14ms
14ms Stylesheet
text/css 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/plugins/post-adds-code/css/style.css?ver=20200708
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ef77bf94d6631e01d1d168ee18c6f8aa388c132ecb12a2873661ccd07939c9ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: lQFVoUmKWpsPQPe5u9DuLUzRUpopj14p
last-modified: Thu, 21 Dec 2017 14:29:48 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1513866580/atime:1513866580/md5:973f9dcfc896c3789bf0733630ce7b57/ctime:1513866580
x-amz-request-id: 5EV0KZKVWDBVMQTV
etag: "973f9dcfc896c3789bf0733630ce7b57"
content-type: text/css
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 390
x-amz-id-2: 1Wtc223WId73kDylkF8tz6hY3BX+M006OqzOSWhwL1FLiTGTRHtKJy1w2kg9B408OT2kR68Doe0=

GET
H2 200 social-share.min.js Show response
st1.bgr.in/wp-content/plugins/iwpl-social-share/v5/js/ 26 KB
8 KB 16ms
16ms Script
application/javascript 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/plugins/iwpl-social-share/v5/js/social-share.min.js?ver=x-12122019
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 193e3b372671f9baadf915483a2849487ec09bf066a95c5c5e85d888f1bb8e78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: vrygaN6lJNfK98Hse6A6BrwmOtbGl.yL
content-encoding: gzip
last-modified: Thu, 09 May 2019 09:35:53 GMT
server: AmazonS3
x-amz-request-id: 0E3AD1468674CC75
etag: "6ab4f835fc16e072968188ed22f93d4c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 7296
x-amz-id-2: 0uY7kuFYFvKbqoyKbojZGkE4g1aj6g2cqg1J/FBDCuOV/EHWw2FqrQ4sYyJEp8Ql88MEO0uSKYA=
x-amz-meta-s3b-last-modified: 20190509T093544Z

GET
H2 200 bgr_custom.js Show response
st1.bgr.in/wp-content/themes/bgr2017/js/ 286 B
716 B 14ms
14ms Script
application/javascript 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/js/bgr_custom.js?ver=20200708
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2e83b5b3713b6f151a6c134b8eef1f74e7a1fec682d44b4dac7d2d388580a4fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: 0WC.yR.OwWdX90yzV_f55wM.v_GWEp7L
last-modified: Mon, 06 Nov 2017 11:56:41 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:48/gname:apache/uname:apache/gid:48/mode:33188/mtime:1509943311/atime:1509943311/md5:f2437ff2e6850c2f7a5c5cc9faaf044b/ctime:1509945112
x-amz-request-id: 0TXH3G92XTMJEFFA
etag: "f2437ff2e6850c2f7a5c5cc9faaf044b"
content-type: application/javascript
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 286
x-amz-id-2: q1qrMga7pS2TQYjuPj43lI+MT2zCPA9g9MBXYBlzsfzL3f0Ayslh/a23f9/fHYct6DVYGmZDtgA=

GET
H2 200 vendor.js Show response
st1.bgr.in/wp-content/themes/bgr2017/js/ 81 KB
24 KB 48ms
40ms Script
application/javascript 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/js/vendor.js?ver=20200708
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6438aae2b5b657ab5c8bc7a169c666b8b3c539ede37b522787ccfc57b62d573

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: JjNMcVqE1B57CgxkRCuST0_tValiYQIA
content-encoding: gzip
last-modified: Mon, 30 Jul 2018 07:02:19 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1532934133/atime:1532934133/md5:82777e9ef235826a7dd1ad8ad32af8b6/ctime:1532934133
x-amz-request-id: BCWYZK6G7HCEN0W8
etag: "82777e9ef235826a7dd1ad8ad32af8b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 23705
x-amz-id-2: XaJd28o69IfAJlnGlaMqF30RiZN+EFE762cs7tRmH+WYL1BWthoozCk/CZ0GS9Dk1JVN2veGfHQ=

GET
H2 200 photogallery-min.js Show response
st1.bgr.in/wp-content/themes/bgr2017/js/ 24 KB
7 KB 22ms
15ms Script
application/javascript 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/js/photogallery-min.js?ver=20200708
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0343d28faa7dc4af541a0e7e3f246298f432315285ff9f7efb7141759b06195c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: jkAaDtUP8UiLHzBPFI36iuraxu.04mCn
content-encoding: gzip
last-modified: Mon, 06 Nov 2017 11:56:41 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:48/gname:apache/uname:apache/gid:48/mode:33188/mtime:1509943311/atime:1509943311/md5:e517778a3b1c3cf751af14b964fc7e97/ctime:1509945112
x-amz-request-id: 154KXX7ZWM8H40HG
etag: "e517778a3b1c3cf751af14b964fc7e97"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 6602
x-amz-id-2: Xj5i0B4cMBLppgfZSdjK5kqNzq/GYIE0/AwWgT4DarRBuNI+BThY/JxITB4m7nzueDzQzzHyjnc=

GET
H2 200 bj-lazy-load.min.js Show response
st1.bgr.in/wp-content/plugins/bj-lazy-load/js/ 2 KB
1 KB 21ms
14ms Script
application/javascript 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/plugins/bj-lazy-load/js/bj-lazy-load.min.js?ver=2
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: _ZP33LfXNZS.5R7ROwjxRhSgMfXbWb5Z
content-encoding: gzip
last-modified: Tue, 19 Feb 2019 09:24:01 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1550567903/atime:1550567970/md5:4f7d8e4e89b3a30253ab1489c4498423/ctime:1550567970
x-amz-request-id: 036099BB13A1EADB
etag: "4f7d8e4e89b3a30253ab1489c4498423"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 683
x-amz-id-2: YnZxy2z+usB/2gWb2sRy+GfLFLYhTDcve56OB0wqQ5DEc/eLetvxi9LGuDYzzt+BkF4k40sItXc=

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 171ms
43ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF1) /
Resource Hash: 48986cc5335ca287914a56ab292ed9b52dd548922d6f999ad85892cf32dade77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 05:43:57 GMT
Content-Encoding: gzip
Age: 1022
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29458
x-tw-cdn: VZ
Last-Modified: Wed, 06 Apr 2022 16:29:57 GMT
Server: ECS (mil/6CF1)
Etag: "a7edf79cb5a392c29a2ee37ee0aa6527+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

15ms
14ms

Script
text/javascript

2a03:2880:f21c:80e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H3
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 06:44:41 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-ig-origin-region: odn
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
priority: u=3,i
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

17ms
9ms

Script
text/javascript

2a03:2880:f21c:80e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H3
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 06:44:41 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: odn
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 hotjar-1763193.js Show response
static.hotjar.com/c/ 4 KB
2 KB 104ms
58ms Script
application/javascript 108.138.7.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1763193.js?sv=6

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-31.fra56.r.cloudfront.net

Software

Resource Hash

c99828162153672b65618bae57d96b4c4b7ac690433ab26204554b3d378eae86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
etag: W/ebf77f754c0c3928e4440e9801ea5855
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1969
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
x-amz-cf-id: U3VFcyXVesh1q-4384KxCMYNT_bhDoenmlfynqKEffIlZ_qRGZ-HNg==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 39ms
8ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 03:30:00 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 9010
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: C0UdQEOF2WJVdfbLQOw60s_K9UfyYXmtP2kJHgUpU9AzwwJsdz3zDQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21819872-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 547
date: Thu, 07 Apr 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 07 Apr 2022 07:34:50 GMT

GET
H2 200 bootstrap.min.css
st1.bgr.in/wp-content/themes/bgr2017/css/vendors/ 118 KB
20 KB 20ms
19ms Stylesheet
text/css 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/vendors/bootstrap.min.css
Requested by: Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: dL7yipY66XMWvor5nEJIC3Uq1ibCiJGp
content-encoding: gzip
last-modified: Mon, 06 Nov 2017 11:51:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:48/gname:apache/uname:apache/gid:48/mode:33188/mtime:1509943311/atime:1509943311/md5:ec3bb52a00e176a7181d454dffaea219/ctime:1509945112
x-amz-request-id: 299183A9304623CD
etag: "ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 19740
x-amz-id-2: w+2yDCPYWXO7LViBCaokvNdaIjeeX76UzlemPzKcx8bzIGBr5CgizZcqmhI3rfWtJqWFtjEcpAI=

GET
H2 200 font-awesome.min.css
st1.bgr.in/wp-content/themes/bgr2017/css/vendors/ 28 KB
7 KB 16ms
15ms Stylesheet
text/css 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/vendors/font-awesome.min.css
Requested by: Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: O6i2VP75WbJCl.taljcA9bY_1SxLZxfC
content-encoding: gzip
last-modified: Mon, 06 Nov 2017 11:51:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:48/gname:apache/uname:apache/gid:48/mode:33188/mtime:1509943311/atime:1509943311/md5:4083f5d376eb849a458cc790b53ba080/ctime:1509945112
x-amz-request-id: D290643DB3F781A5
etag: "4083f5d376eb849a458cc790b53ba080"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
content-length: 6662
x-amz-id-2: +vUd2CCNgm1qJ9jG2ZakX0imBB3gKEUfuU7MSEtWcsOTPtI8pOFhHZPJHo4d71W++Hcf/BGIkyA=

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,700

Requested by

Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36af7a5dbc2c914527a9f489b04045e6227992b0d026b23c62261b6495f755e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st1.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 05:43:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 05:43:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 05:43:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
735 B 44ms
19ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Eczar|Roboto

Requested by

Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3988375a012f0ef111dd230bc173956ca57758ea9de38be38a70786cd64ecee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st1.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 05:43:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 05:43:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 05:43:57 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/39325/ 35 KB
11 KB 86ms
25ms Script
application/javascript 2606:4700::6812:353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/39325/adRecover.js?ts=1564132282545
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:353 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e32de5ddc1c14b314ed1424f4ce5536158d557353bb2bc17adbdf7b5dcf7eb08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 07:00:23 GMT
server: cloudflare
age: 72654
etag: W/"624d3a87-8de7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6f8072da48050208-ZRH
expires: Tue, 12 Apr 2022 05:43:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bgr.in
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 532656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:46:21 GMT

GET fontawesome-webfont.woff2
st1.bgr.in/wp-content/themes/bgr2017/css/fonts/ 0
0

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v22/ 32 KB
32 KB 17ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v22/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bgr.in
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 06:02:38 GMT
x-content-type-options: nosniff
age: 85279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:13:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 06:02:38 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 white-dot.png
st1.bgr.in/wp-content/themes/bgr2017/images/ 108 B
297 B 21ms
20ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/white-dot.png
Requested by: Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 34782a9b601d1d1dc56601bd418ce8cae9dffa2951bbafeb915dcbfe7521f575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
last-modified: Sun, 13 Sep 2020 03:20:53 GMT
server: Akamai Image Manager
etag: "cc853876d8e5ba31bc62fa66e3789639"
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 108
expires: Tue, 03 May 2022 03:39:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bgr.in
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 42458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:56:19 GMT

GET
H2 200 fontawesome-webfont.woff
st1.bgr.in/wp-content/themes/bgr2017/css/fonts/ 88 KB
89 KB 17ms
17ms Font
text/css 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/fonts/fontawesome-webfont.woff?v=4.6.3
Requested by: Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/vendors/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0b9d18f876062095d801b0bf1d850c4c374a6f0ab0616bbb346ee34b9e35b157

Request headers

Referer: https://st1.bgr.in/wp-content/themes/bgr2017/css/vendors/font-awesome.min.css
Origin: https://www.bgr.in
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: aVcQHDjt.H4sz.AtUI9IG3GjURI7Z_vO
content-encoding: gzip
last-modified: Mon, 06 Nov 2017 11:51:10 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:48/gname:apache/uname:apache/gid:48/mode:33188/mtime:1509943311/atime:1509943311/md5:c8ddf1e5e5bf3682bc7bebf30f394148/ctime:1509945112
x-amz-request-id: F355REHV2TF1N8FC
etag: "c8ddf1e5e5bf3682bc7bebf30f394148"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
date: Thu, 07 Apr 2022 05:43:57 GMT
accept-ranges: bytes
x-amz-id-2: jxqsHkYQe3XZGij5dj9SJ4BNL+PVV9EAPA91wEhpcmh4rNr15mboVN3gpIGY+vlNCKT9GmKsnBs=

GET
H2 200 sprit-icon.png
st1.bgr.in/wp-content/themes/bgr2017/images/ 10 KB
11 KB 31ms
31ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/sprit-icon.png?20180112
Requested by: Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7ade1dda2d4f280b532defd8e9e5198c23f3ee4739c08f18656c2221caf51236

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 41
etag: "dc6c8180d2e6a71454203e5970a12a6f"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Tue, 28 Jul 2020 12:11:21 GMT
content-length: 10574
server: Akamai Image Manager
expires: Wed, 13 Apr 2022 12:29:51 GMT

GET
H2 200 sprit-icon.png
st1.bgr.in/img/ 18 KB
19 KB 32ms
31ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/img/sprit-icon.png?v=22042015
Requested by: Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_common.css?v=1.7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3179700f338c6e96613192f2019efacc3ae498b0d183f514c4ac0e47d2488706

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_common.css?v=1.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 900
etag: "0f5e75ca2ce60b4a53bd55aeec993da8"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Tue, 28 Jul 2020 12:10:56 GMT
content-length: 18762
server: Akamai Image Manager
expires: Wed, 13 Apr 2022 12:32:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ad2c2b46085802757e1bc66fd3d7ffac86066f9faabbbfbcbb0d95dad556df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: V3UUEbKEkHulGGYrZcpaPw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 07 Apr 2022 05:59:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: b1+Wg5I5LDF50Hfpps7iSAw3/YT1cmAyWL75fkvfd9uVwWhcNYbnm1B2acB3hlLgJ/WBTRr3EBGr4BDGzsv9IA==
x-fb-trip-id: 686109401
x-fb-content-md5: b525b6e8635f6dbab6cfa71cb833b1cc
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 07 Apr 2022 05:43:57 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7bb4e53192865065baefaaaa90c8abee"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9254297&ns__t=1649310237907&ns_c=UTF-8&cv=3.5&c8=SBI%20Yono%20%E0%A4%85%E0%A4%95%E0%A4%BE%E0%A4%89%E0%A4%82%E0%A4%9F%20%E0%A4%B8%E0%A5%87%20PAN%20%E0%A4%B...
https://sb.scorecardresearch.com/b2?c1=2&c2=9254297&ns__t=1649310237907&ns_c=UTF-8&cv=3.5&c8=SBI%20Yono%20%E0%A4%85%E0%A4%95%E0%A4%BE%E0%A4%89%E0%A4%82%E0%A4%9F%20%E0%A4%B8%E0%A5%87%20PAN%20%E0%A4%...

0
190 B

13ms
12ms

Image
text/plain

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9254297&ns__t=1649310237907&ns_c=UTF-8&cv=3.5&c8=SBI%20Yono%20%E0%A4%85%E0%A4%95%E0%A4%BE%E0%A4%89%E0%A4%82%E0%A4%9F%20%E0%A4%B8%E0%A5%87%20PAN%20%E0%A4%B2%E0%A4%BF%E0%A4%82%E0%A4%95%20%E0%A4%95%E0%A4%B0%E0%A4%BE%E0%A4%A8%E0%A5%87%20%E0%A4%95%E0%A5%87%20%E0%A4%9A%E0%A4%95%E0%A5%8D%E0%A4%95%E0%A4%B0%20%E0%A4%AE%E0%A5%87%E0%A4%82%20%27%E0%A4%B2%E0%A5%81%E0%A4%9F%27%20%E0%A4%B8%E0%A4%95%E0%A4%A4%E0%A5%87%20%E0%A4%B9%E0%A5%88%E0%A4%82%20%E0%A4%86%E0%A4%AA&c7=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&c9=https%3A%2F%2Ft.co%2F
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7uibeHxKYAgMcjwbWXdF7ULKYCV-WajLIPFkBff1pPgFRfydG_RnUQ==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=9254297&ns__t=1649310237907&ns_c=UTF-8&cv=3.5&c8=SBI%20Yono%20%E0%A4%85%E0%A4%95%E0%A4%BE%E0%A4%89%E0%A4%82%E0%A4%9F%20%E0%A4%B8%E0%A5%87%20PAN%20%E0%A4%B2%E0%A4%BF%E0%A4%82%E0%A4%95%20%E0%A4%95%E0%A4%B0%E0%A4%BE%E0%A4%A8%E0%A5%87%20%E0%A4%95%E0%A5%87%20%E0%A4%9A%E0%A4%95%E0%A5%8D%E0%A4%95%E0%A4%B0%20%E0%A4%AE%E0%A5%87%E0%A4%82%20%27%E0%A4%B2%E0%A5%81%E0%A4%9F%27%20%E0%A4%B8%E0%A4%95%E0%A4%A4%E0%A5%87%20%E0%A4%B9%E0%A5%88%E0%A4%82%20%E0%A4%86%E0%A4%AA&c7=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&c9=https%3A%2F%2Ft.co%2F
date: Thu, 07 Apr 2022 05:43:57 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: v80an_k57D2F3LMw0crL5OHIVOidzSP8qBhyCHHfUYAFxtRDVZ3xXg==
x-cache: Miss from cloudfront

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 34ms
16ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=814036519&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=SBI%20Yono%20%E0%A4%85%E0%A4%95%E0%A4%BE%E0%A4%89%E0%A4%82%E0%A4%9F%20%E0%A4%B8%E0%A5%87%20PAN%20%E0%A4%B2%E0%A4%BF%E0%A4%82%E0%A4%95%20%E0%A4%95%E0%A4%B0%E0%A4%BE%E0%A4%A8%E0%A5%87%20%E0%A4%95%E0%A5%87%20%E0%A4%9A%E0%A4%95%E0%A5%8D%E0%A4%95%E0%A4%B0%20%E0%A4%AE%E0%A5%87%E0%A4%82%20%27%E0%A4%B2%E0%A5%81%E0%A4%9F%27%20%E0%A4%B8%E0%A4%95%E0%A4%A4%E0%A5%87%20%E0%A4%B9%E0%A5%88%E0%A4%82%20%E0%A4%86%E0%A4%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=698662690&gjid=1011665226&cid=793645838.1649310238&tid=UA-21819872-1&_gid=213333206.1649310238&_r=1&gtm=2ou3u0&cd1=Harshit%20Harsh&cd2=%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0&cd3=05-04-2022&cd4=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&cd5=1253770&z=521266694

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.9beafb9ca96c2f868fe2.js Show response
script.hotjar.com/ 236 KB
62 KB 47ms
7ms Script
application/javascript 18.66.112.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1763193.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-111.fra56.r.cloudfront.net

Software

Resource Hash

95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134631
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63051
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 16:20:05 GMT
etag: "74214ff5f7e679f43ba048194d7bf23c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Go51YVOxckpwTTfhiqXuaxVJjyBqXK6x1g3aV_9fZEUwYRw-jqgi0w==

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
771 B 18ms
18ms Image
image/jpeg 2606:4700::6812:353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1649310237952
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:353 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
cf-cache-status: HIT
age: 250189
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
content-length: 631
cf-bgj: h2pri
server: cloudflare
etag: "60d2d6c2-277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 6f8072db39810208-ZRH
expires: Tue, 12 Apr 2022 05:43:57 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=65415f73026d0d06309f364cf8f1e1c8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

673f75f854f1b1945eb8de7eba3765f1d4fdf92596f5984af126e89894d7a556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bgr.in/
Origin: https://www.bgr.in
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eRPh/HUnD3KY1IhfQBsBSA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 07 Apr 2023 02:49:55 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82771
x-fb-rlafr: 0
x-fb-debug: 1mtfmwm8AbrwgpgityziuAJGkKw967EfVMJ25y3yB0ey0TQmVR5uGdB/lOc/neb1OaXQbTAORSad5Qt4QXdBIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 48c27599cbb8546debddb228784ef920
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 05:43:57 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "aba74b2be702cd57ea696e6ad42516f8"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 share-social-v4.png
st1.bgr.in/wp-content/themes/bgr2017/images/ 9 KB
9 KB 38ms
37ms Image
image/webp 23.216.77.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st1.bgr.in/wp-content/themes/bgr2017/images/share-social-v4.png?20180112
Requested by: Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-31.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a4c5a2e9ac9138060a1f11161f42b0459f05e8c88d2a6b66dfdcebb14924768d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st1.bgr.in/wp-content/themes/bgr2017/css/bgr_desktop.css?ver=20200708
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:57 GMT
x-check-cacheable: YES
x-serial: 1268
etag: "d425e58c6996df21ac9548b5d59a2d7d"
content-type: image/webp
cache-control: public, max-age=2592000
last-modified: Mon, 14 Sep 2020 00:05:25 GMT
content-length: 8712
server: Akamai Image Manager
expires: Wed, 04 May 2022 00:41:45 GMT

GET
H2 200 / Show response
graph.facebook.com/ 251 B
657 B 104ms
47ms Script
text/javascript 2a03:2880:f01c:20e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/&callback=jQuery111107238663195252537_1649310237722&_=1649310237723

Requested by

Host: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/js/jquery-min.1.11.1.js?ver=20200708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b3a53393f30bcdecef99316d93b9c9cad1a9dd1c2797d16c365cab3a43774d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1005314417
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: UNxLirR//3VukKBCXfXM9gtbhHdo+up/NbE2hgTOFAl/Df2/ntt91UCTANdX2ij7Jk+leEcXGMxCu1VqradvEQ==
x-fb-trace-id: GpSugdxbIQs
date: Thu, 07 Apr 2022 05:43:58 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A5eHQvewsZhW1u6hwJE_gBG
cache-control: no-store
facebook-api-version: v6.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.67506ef287a81e691ccccf99870d175e.html Show response
platform.twitter.com/widgets/ Frame 2B0B 319 KB
104 KB 43ms
42ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.67506ef287a81e691ccccf99870d175e.html?origin=https%3A%2F%2Fwww.bgr.in
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE8) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 47562
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Apr 2022 05:43:57 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 06 Apr 2022 16:28:34 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE8)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 76ms
25ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-21819872-1&cid=793645838.1649310238&jid=698662690&gjid=1011665226&_gid=213333206.1649310238&_u=YEBAAUAAAAAAAC~&z=236024120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 07 Apr 2022 05:43:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 0B0B 2 KB
1 KB 45ms
12ms Document
text/html 18.66.139.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1763193.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-40.fra60.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 5345512
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 08:52:06 GMT
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
vary: Accept-Encoding
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-id: atw61kTYLz_euR_16sz-AN4nkw-8UgHmojUnZGqPxHOf11QyEwzUpg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 49ms
18ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21819872-1&cid=793645838.1649310238&jid=698662690&_u=YEBAAUAAAAAAAC~&z=1054095897

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 62ms
32ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21819872-1&cid=793645838.1649310238&jid=698662690&_u=YEBAAUAAAAAAAC~&z=1054095897

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 2B0B 230 B
445 B 234ms
125ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ad6aec588d1819761f06921cf71c837b01f16ea9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.67506ef287a81e691ccccf99870d175e.html?origin=https%3A%2F%2Fwww.bgr.in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

5054a54db3ef08ce6320ae9a8d59ca6e4d6f0c66b5cd92a03caccf9d0448040a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 117
date: Thu, 07 Apr 2022 05:43:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 05:43:58 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c927e3c9ffaea966aff4aa8f850d187fe8fc9091de064791bc88236c830e39a6
content-length: 164

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1763193/ 147 B
323 B 153ms
86ms XHR
application/json 63.32.16.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1763193/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.16.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-16-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1763193 Show response
vc.hotjar.io/sessions/ 0
259 B 75ms
32ms XHR
text/plain 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1763193?s=0.25&r=0.2339556697291083
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: mmTESZkQiGZ8Z-kKvWCQcxr2RB2VbqUfqdTL6OozGq5YNSErStXPMQ==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158141/1400/ 1 MB
192 KB 62ms
17ms Script
text/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/loaddesktopad/?adp=detail&asec=hindi&adsbid=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0cc9d1d90cba83427435a6f449c4386d617893adcb6d7051020407ed2040beeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 10:56:40 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a0fbf-16b765-5db5948a5595c"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=35973
accept-ranges: bytes
content-type: text/javascript
content-length: 195648
expires: Thu, 07 Apr 2022 15:43:31 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 47ms
13ms Script
application/javascript 108.138.3.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/loaddesktopad/?adp=detail&asec=hindi&adsbid=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-177.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 111
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 13E42NDRR1XMP0WKHASS
date: Thu, 07 Apr 2022 05:43:02 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: D59vSAifxvqXU9e5Hm5uWV21VljfQIEk9UUF8t5hhgV7ia_u1cTl9w==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 7ms
6ms XHR
text/plain 108.138.3.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bgr.in&pubid=a17c03c1-eb0c-4671-8a5d-3cb93c8ca58e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-177.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 00:01:06 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server: Server
age: 20571
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.bgr.in
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: ZgYk3Xw4X2ElUidSmH466zyMdFAOs6dR7d4SWA3LxjSE9NXLxcgXJw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 44ms
43ms XHR
text/javascript 108.138.3.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&pr=https%3A%2F%2Ft.co%2F&pid=5x9JFLhNcKovZ&cb=0&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1525095201272-0%22%2C%22s%22%3A%5B%22970x90%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1525095201272-1%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1525095201272-2%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1525095201272-3%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1525095201272-4%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1525095201272-5%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pubid=a17c03c1-eb0c-4671-8a5d-3cb93c8ca58e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.3.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-3-177.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 6K0RVX94QJTJZN6K3Z73
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bgr.in
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: eFMjYvNjV-bCIVMna8jm25WLRV0lWNqAOBkisC_8crx01hUouNpw7g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 20ms
7ms XHR
application/javascript 108.138.3.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-177.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 14177
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Thu, 07 Apr 2022 04:07:15 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: FZwVD4lL-RXBjMYbNWhDPO_O_FURQUwF03Ls88Cj2m6PZjRHuHcudA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 50ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/loaddesktopad/?adp=detail&asec=hindi&adsbid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e8522b7c081852ae950f31313a2b8e1db07645098b6d4ec75cea908b5a122b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28255
x-xss-protection: 0
server: sffe
etag: "1180 / 208 of 1000 / last-modified: 1649282879"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Apr 2022 05:43:58 GMT

GET
H2 200 pubads_impl_2022040401.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
126 KB 43ms
6ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

49adad57c43159e3b07daf3f0ae19e1f31d973bc3859ec4dcb647784f0677736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128155
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 08:35:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 06 Apr 2023 20:02:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 402 B
807 B 52ms
16ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bgr.in

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

77c7498d246b539535a8e8a57ade603a1fee1a446446c135208605b250f26602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 05:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 171
x-xss-protection: 0
expires: Thu, 07 Apr 2022 05:43:58 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
2 KB 143ms
118ms XHR
application/json 18.195.158.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.33.0&referrer=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&tmax=1150

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.158.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-158-152.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d25f31f1c765d355065f96be1a68e044ad5a73858390ddeed0bae40b18b5c233

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
content-encoding: gzip
accept-ch: sec-ch-save-data,sec-ch-width,sec-ch-viewport-height,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-arch,sec-ch-rtt,sec-ch-downlink,sec-ch-ect,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-dpr,sec-ch-device-memory
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1426
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 / Show response
ow.pubmatic.com/openrtb/2.5/ 2 KB
547 B 102ms
32ms XHR
application/json 185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/openrtb/2.5/
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 46b8bca9062ebc511737c95e7c99274535ca061b9c94e8297c4c4d32674ca3bf

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bgr.in
date: Thu, 07 Apr 2022 05:43:58 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 430
content-type: application/json

GET
H2 200 arj Show response
zeemedia-d.openx.net/w/1.0/ 73 B
376 B 55ms
25ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://zeemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=037318a8-38ce-4480-8ab2-144eba726a96%2Ca821f13d-ad72-4358-a81d-1073392ca48a%2C20c19eb9-fa71-46a0-9740-ad2ec4e24a99%2C1d99c711-27d8-48af-98c1-ba51c3007e92&nocache=1649310238637&pubcid=9d621e15-4a9e-4378-bf35-1a872d86f12d&aus=970x90%7C300x250%7C300x250%7C300x250&divIds=div-gpt-ad-1525095201272-0%2Cdiv-gpt-ad-1525095201272-1%2Cdiv-gpt-ad-1525095201272-2%2Cdiv-gpt-ad-1525095201272-3&auid=545700649%2C545700647%2C545700652%2C545700655
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 300f275f637b78575fd4fd31243cee28ed2fd3bf34a572b22047a9c24d38ba2a

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bgr.in
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
740 B 141ms
96ms XHR
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.33.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 4383fe166347d66121fa7bd2d92cdf53f7e3d4164b769a115a804b9896982042

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 07 Apr 2022 05:43:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bgr.in
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 / Show response
hb.emxdgt.com/ 0
156 B 33ms
9ms XHR
text/plain 52.57.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1150&ts=1649310238639&src=pbjs
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.231.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-231-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bgr.in
date: Thu, 07 Apr 2022 05:43:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
289 B 574ms
377ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bgr.in
date: Thu, 07 Apr 2022 05:43:59 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 282
vary: origin, Accept-Encoding

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 941 B
4 KB 207ms
137ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21736&site_id=360144&zone_id=1970006&size_id=55%3B15%3B15%3B15%3B9%3B9&eid_pubcid.org=9d621e15-4a9e-4378-bf35-1a872d86f12d%5E1&rf=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&tg_i.dfp_ad_unit_code=11440465%2FBGR_Web%2FBGR_AS_ATF_970x90%3B11440465%2FBGR_Web%2FBGR_AS_ATF_300x250%3B11440465%2FBGR_Web%2FBGR_AS_BTF_1_300x250%3B11440465%2FBGR_Web%2FBGR_AS_BTF_2_300x250%3B11440465%2FBGR_Web%2FBGR_AS_LHS_160x600%3B11440465%2FBGR_Web%2FBGR_AS_RHS_160x600&tg_i.pbadslot=11440465%2FBGR_Web%2FBGR_AS_ATF_970x90%3B11440465%2FBGR_Web%2FBGR_AS_ATF_300x250%3B11440465%2FBGR_Web%2FBGR_AS_BTF_1_300x250%3B11440465%2FBGR_Web%2FBGR_AS_BTF_2_300x250%3B11440465%2FBGR_Web%2FBGR_AS_LHS_160x600%3B11440465%2FBGR_Web%2FBGR_AS_RHS_160x600&tk_flint=pbjs_lite_v4.33.0&x_source.tid=037318a8-38ce-4480-8ab2-144eba726a96%3Ba821f13d-ad72-4358-a81d-1073392ca48a%3B20c19eb9-fa71-46a0-9740-ad2ec4e24a99%3B1d99c711-27d8-48af-98c1-ba51c3007e92%3B47b1f69f-cb72-4b85-bc13-8fd43877d371%3B3e21f540-0118-4ee8-babd-84700907f73f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=6&rand=0.676435511179817
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9acf19f8d7531b41f93902d58f436fb8d0fbeb1e369854139b8b4aff8f961ce2

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 05:43:58 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bgr.in
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 941
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
327 B 196ms
147ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=618033&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2253e7cc75c227b59%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254b1d1c5a67a85b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22618033%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225578016a5c39e23%22%2C%22ext%22%3A%7B%22siteID%22%3A%22618033%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22568de85688713b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22618033%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2257a1da60a8664d5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22618033%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225897e05377a4e6c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22618033%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2259719fce8f4bccd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22618033%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 50641af05ee57d6da5dc6faa82aad665a877c312911ffa65d5dc543412ce7521

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.20], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.bgr.in
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 07 Apr 2022 05:43:58 GMT

POST
H2 200 / Show response
ow.pubmatic.com/cookie_sync/ 2 KB
3 KB 19ms
19ms XHR
application/json 185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: cf186320d1c0e39b234368d7590494ced1305861fb430119ba808da45e5f4f3f

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bgr.in
date: Thu, 07 Apr 2022 05:43:58 GMT
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 5159
Redirect Chain

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1

1 KB
1 KB

8ms
8ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: c0ba7e733e11d23842a39cc1e1e0c2e1760ec9aac7c41b5e7538b08e23c32adb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 490
content-type: text/html; charset=utf-8
date: Thu, 07 Apr 2022 05:43:58 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 07 Apr 2022 05:43:58 GMT
location: /sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 6114 0
91 B 64ms
58ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 07 Apr 2022 05:43:58 GMT
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 5EF2 926 B
1 KB 68ms
16ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Age: 4521
CF-Cache-Status: HIT
CF-RAY: 6f8072e0a91169a3-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 07 Apr 2022 05:43:58 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Thu, 07 Apr 2022 06:43:58 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3615 15 KB
6 KB 14ms
13ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=85536
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 07 Apr 2022 05:43:58 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 08 Apr 2022 05:29:34 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 60ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pubmatic
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

200

setuid
ow.pubmatic.com/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=186523&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=186523&us_privacy=&C=1
https://ow.pubmatic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Yk56HnRjFKwL5vi1ULw8NwAA%261170

86 B
477 B

20ms
19ms

Image
image/png

185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ow.pubmatic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Yk56HnRjFKwL5vi1ULw8NwAA%261170
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Server: 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
content-length: 86
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 05:43:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ow.pubmatic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Yk56HnRjFKwL5vi1ULw8NwAA%261170
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 300
Expires: Thu, 07 Apr 2022 05:43:58 GMT

GET
H2 204 /
s.ad.smaato.net/c/ 0
241 B 33ms
8ms Image
text/plain 2600:9000:223f:7e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ThZc-z6ZWFyVBu3PqlzL2Qx6nfvvFybjx30KSd452QbBThlKbk6V8g==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 69ms
24ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

setuid
ow.pubmatic.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://ow.pubmatic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=f4dd5049-d426-4fd7-9548-fb6fd0df07f9

86 B
575 B

19ms
19ms

Image
image/png

185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ow.pubmatic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=f4dd5049-d426-4fd7-9548-fb6fd0df07f9
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: H2
Server: 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://ow.pubmatic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=f4dd5049-d426-4fd7-9548-fb6fd0df07f9
date: Thu, 07 Apr 2022 05:43:58 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 22ms
16ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 07 Apr 2022 05:43:58 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3615 0
42 B 71ms
14ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35087860&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 5159
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=d55a8fa9-3705-4ae1-85b2-8cca3c0caf2c&dongle=0cfd

37 B
354 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=d55a8fa9-3705-4ae1-85b2-8cca3c0caf2c&dongle=0cfd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=d55a8fa9-3705-4ae1-85b2-8cca3c0caf2c&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

ebda
eb2.3lift.com/ Frame 5159
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D&google_tc=
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

7ms
7ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 5159
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJD7g19T4qOGNEZXQquwTSk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJD7g19T4qOGNEZXQquwTSk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJD7g19T4qOGNEZXQquwTSk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5159
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D&google_tc=

170 B
188 B

33ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTczNzkxNTkxOTQ1MDYwNDU5MjEwMw%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 5159 0
705 B 201ms
182ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1737915919450604592103&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A4F48A29834349DBA0BBD07C008B33AE Ref B: FRAEDGE0918 Ref C: 2022-04-07T05:43:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcCfbqXAu43W/VMeVcvA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 5159
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/1737915919450604592103?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-t85qpIdE2oR5MakEcoFjjbpfVOvUjLwjU04lKl.6_Q--~A&dongle=0883

37 B
354 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-t85qpIdE2oR5MakEcoFjjbpfVOvUjLwjU04lKl.6_Q--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 07 Apr 2022 05:44:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 5
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-t85qpIdE2oR5MakEcoFjjbpfVOvUjLwjU04lKl.6_Q--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 5159
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1737915919450604592103&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1737915919450604592103&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d857e2de-1e2a-4a60-8a70-6342a0ccb354&ssp=triplelift&gdpr=0&gdpr_consent=

43 B
324 B

30ms
16ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d857e2de-1e2a-4a60-8a70-6342a0ccb354&ssp=triplelift&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d857e2de-1e2a-4a60-8a70-6342a0ccb354&ssp=triplelift&gdpr=0&gdpr_consent=
Date: Thu, 07 Apr 2022 05:43:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 5159 42 B
595 B 62ms
30ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=1737915919450604592103&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:58 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC92154439BB4BF4BF4068649F636FDE Ref B: FRAEDGE1209 Ref C: 2022-04-07T05:43:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 5159
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1737915919450604592103
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1737915919450604592103&dcc=t

0
0

116ms
116ms

Image
text/html

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1737915919450604592103&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: HTTP/1.1
Server: 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 05:43:59 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2P7Z1HPPQZHJYWTBJAB3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1737915919450604592103&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 5159
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0

37 B
139 B

8ms
7ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma: no-cache
Date: Thu, 07 Apr 2022 05:43:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2 200 setuid
ow.pubmatic.com/ Frame 5159 0
279 B 20ms
19ms Image
text/html 185.64.190.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ow.pubmatic.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=b&uid=1737915919450604592103
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:43:58 GMT
content-length: 0
content-type: text/html

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bgr.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 05:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bgr.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 05:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 63ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=4126016176386368&vrg=2022040401&nw_id=11440465&nslots=7&eid=31065846%2C31066342%2C31066961%2C31066991%2C31066000&pub_url=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&sig=3&req=0&req_cnt=1&dm=8

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
31 KB 848ms
833ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4126016176386368&correlator=2526735495398968&eid=31065846%2C31066342%2C31066961%2C31066991%2C31066000&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fif&iu_parts=11440465%2CBGR_Web%2CBGR_AS_ATF_970x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&ifi=1&adks=271530665&sfv=1-0-38&ecs=20220407&fsapi=false&prev_scp=Section%3Dhindi%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1649310239672&lmt=1649310239&dlt=1649310237524&idt=1082&biw=1600&bih=1200&adxs=315&adys=78&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=978x0&msz=970x0&fws=0&ohw=0&ga_vid=793645838.1649310238&ga_sid=1649310240&ga_hid=814036519&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c86dd4166e88e54531c985f378371a61695a7deb8c3d593e897dbf05d180acf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31453
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 317D 6 KB
4 KB 75ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:43:59 GMT
expires: Fri, 07 Apr 2023 05:43:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 58ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 624ms
616ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4126016176386368&correlator=2526735495398968&eid=31065846%2C31066342%2C31066961%2C31066991%2C31066000&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fif&iu_parts=11440465%2CBGR_Web%2CBGR_AS_RHS_160x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=2&adks=543047723&sfv=1-0-38&ecs=20220407&fsapi=false&prev_scp=Section%3Dhindi%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1649310239685&lmt=1649310239&dlt=1649310237524&idt=1082&biw=1600&bih=1200&adxs=1440&adys=91&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=793645838.1649310238&ga_sid=1649310240&ga_hid=814036519&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

76393ec98367a5d630fb6bc1a16818096e5d57e32534c4ef56b63cf43b66e123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8258
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 53ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 1038ms
1036ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4126016176386368&correlator=2526735495398968&eid=31065846%2C31066342%2C31066961%2C31066991%2C31066000&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fif&iu_parts=11440465%2CBGR_Web%2CBGR_AS_LHS_160x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&adks=3517307402&sfv=1-0-38&ecs=20220407&fsapi=false&prev_scp=Section%3Dhindi%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1649310239690&lmt=1649310239&dlt=1649310237524&idt=1082&biw=1600&bih=1200&adxs=0&adys=91&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=793645838.1649310238&ga_sid=1649310240&ga_hid=814036519&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3876311806e0ff0cb2b309fad6e8163b431f2507a0642a89e3909e3533de1fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8310
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 49ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
22 KB 415ms
415ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4126016176386368&correlator=2526735495398968&eid=31065846%2C31066342%2C31066961%2C31066991%2C31066000&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fif&iu_parts=11440465%2CBGR_Web%2CBGR_AS_BTF_1_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=3652255120&sfv=1-0-38&ecs=20220407&fsapi=false&prev_scp=Section%3Dhindi%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1649310239693&lmt=1649310239&dlt=1649310237524&idt=1082&biw=1600&bih=1200&adxs=995&adys=1655&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=330x0&msz=300x0&fws=0&ohw=0&ga_vid=793645838.1649310238&ga_sid=1649310240&ga_hid=814036519&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ecf3d1171cbb51a834665d7dbd78d3e8b489b97eb3570b6fd5bced71a09f19f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22342
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 46ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:43:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 1240ms
1239ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4126016176386368&correlator=2526735495398968&eid=31065846%2C31066342%2C31066961%2C31066991%2C31066000&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fif&iu_parts=11440465%2CBGR_Web%2CBGR_AS_ATF_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=5&adks=3848569310&sfv=1-0-38&ecs=20220407&fsapi=false&prev_scp=Section%3Dhindi%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1649310239697&lmt=1649310239&dlt=1649310237524&idt=1082&biw=1600&bih=1200&adxs=995&adys=293&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bgr.in%2Fhi%2Fnews%2Fsbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770%2F&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=330x0&msz=300x0&fws=0&ohw=0&ga_vid=793645838.1649310238&ga_sid=1649310240&ga_hid=814036519&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7a6ff6df7311584a7cda0b83b73a36a01461a4a9aef9f4e00942cfcd7d495877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9971
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C349 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:43:59 GMT
expires: Fri, 07 Apr 2023 05:43:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame C349 19 KB
8 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite_fy2019.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 04:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 04:55:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C349 8 KB
714 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 05:10:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 05:44:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 05:44:00 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/ Frame C349 14 KB
3 KB 36ms
6ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.css

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 12:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 10:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 12:45:03 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/ Frame C349 347 KB
120 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85be025a12bbb9bc1b3070e776389404bc1fed2b43fed80aa6d21a0f340d46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122269
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 10:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2023 11:56:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame C349 15 KB
6 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:30:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C349 0
0 316ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBnHgYrfdkhlyXkookGK3VMTpkYsxnIpqj5ALQ5b-KkUYn6UVhP3TijQw8OiTbvXwSb-UG
Requested by: Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame C349 0
327 B 994ms
254ms Ping
image/gif 2800:3f0:4002:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l1okqe45&c=4394742177739&slotId=2197371088869.5&qqid=CJjw2refgfcCFaSkdwode9EKGw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4002:805::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C349 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 42461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C349 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 532659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:46:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C349 0
20 B 55ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CzAKvH3pOYtjkLKTJ3gP7oqvYAZrpx7tny-GHz5cP19aivcABEAEgufmMKWCVgoCAmAegAe7JlO8CyAEFqQKdimvoZUiyPqgDAcgDmwSqBOYBT9C3QV9DltcMhR-9z3qe11uvhFbDevoiVtH_iDb3lwtbZTHNmyjoKen3-GndxGjwM-i0ev3r0xeAvUWoxaqW43oYM4nItoziHHLcLRefrmMxjkCX-w3nduq1STVlMhBy2S9kUhOOOTg1OPb7OCdgABZym237kffMQrlmMslgPQUUZx_Zh7rAcoXiBgrP6fkDdf1h4i2V5xIQFeb5WJPwiyvhjJHqbPyFgaDkOBXUXX9Lc_ZyoZ5NjoWmRTvXTkwRoA2KuHd4stueOVqCStj59S65iIENY9iBUYbxCl0v_uC3C_rCHkPABNmGgZviA-AEA5AGAaAGToAH-rXrkAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB2ACgOYCwHICwGADAGwE7Xj4w7IE7vg_N4D0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1649310240256&ai=CzAKvH3pOYtjkLKTJ3gP7oqvYAZrpx7tny-GHz5cP19aivcABEAEgufmMKWCVgoCAmAegAe7JlO8CyAEFqQKdimvoZUiyPqgDAcgDmwSqBOYBT9C3QV9DltcMhR-9z3qe11uvhFbDevoiVtH_iDb3lwtbZTHNmyjoKen3-GndxGjwM-i0ev3r0xeAvUWoxaqW43oYM4nItoziHHLcLRefrmMxjkCX-w3nduq1STVlMhBy2S9kUhOOOTg1OPb7OCdgABZym237kffMQrlmMslgPQUUZx_Zh7rAcoXiBgrP6fkDdf1h4i2V5xIQFeb5WJPwiyvhjJHqbPyFgaDkOBXUXX9Lc_ZyoZ5NjoWmRTvXTkwRoA2KuHd4stueOVqCStj59S65iIENY9iBUYbxCl0v_uC3C_rCHkPABNmGgZviA-AEA5AGAaAGToAH-rXrkAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB2ACgOYCwHICwGADAGwE7Xj4w7IE7vg_N4D0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C349 31 KB
16 KB 135ms
52ms XHR
text/xml 142.250.13.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DRHjc1qcoX-N7sQBQjSo3nbaMblLdnQFFr1QX--Ggp1-SyUn4rFUnIt-ECa_1bALGsQ26ngDYmJbhrJtj2K6t5d-KegA&dbm_d=AKAmf-B79uukAeYqEFuTAZBUpEYuMxhZpKpXcSFD0Ls9or4yNthl2o4cwJTDTMoosR2QRwip7A1p9f1ZIrEXUpxNW3IMKAlSv1VRYeKsMLM-kuye8PG83dh0NWcgOeIycaq2f5-Q4BdJmTvxuCuxMYDUcumqIhAGr0b8avNGz3MyW3JTVLG9ynLzPUOj0IqF7TdyF75OuqQ8WNtDfM96_WyuM1N0Ub6BKEb55_El0Q1TeSquwJUrsbVBXOaGGjyn-_NgJavuKiorpRDr9UK58ytyJnxXGRYiM1itn-HiVq3h4ioHfOFWwIE1ZyrmUCiaEiFmWKwU21_f9k0zeDGejctpMgWa47crAuADMDsGZ4JMCV5jSw_UNmyO8CJZ2U5AaU_qvAyIQ1uLP04pccJQjNmQ8Vvbza4MqSeckt-AYCt1afYgendnexKKKLbthdYuWZUiNyZJ9nHDBHleZNK20ZYFWmjZ8CuAbGraGO1cQQjoVQEaAsZkxdjKjxxRjd0xjbDguD2FWQs0DH6RiFlNsZhOIdJd349pfCV94iEgG755PNFNvuXf7f72rYRbNdsYftTWCfle5o8RVoJjW78fLAHG2orZygCzCkrzzN7aMx_syE4xVUpNDY7mdbDmX_nZ3fwXffkbJKVwzGyE4fvtj48qDCe5NNikLai2r7M3p83jR3otBFuhhoBhzXQ6oGeYf2YkRA-fzvQmxE8IdEhYdGtgSbT8LhY-E0yKp7soJuBFxGD5nWN2fXhNwFyEFkQYkELq7oDiPQz7kui1fweVG08IuGyEaiQkW-vHO_zqN2JNIdpUGhanhMco5wcoB0HTvRCuBd3lcFd5y9CnN-O8sZqdrdjElUYJN4FHKNaSvb7QX5Qk63D-jPfyXEQ81klfJUHy5dgIFtRpndPqbClWlhjypvgc_8r8hAFbSajR3DOlorNCE3zBvWfMqcHtdg1a3GZIFjnH7EsTRzg9FrTqPirgT7dIBe8LV_IFy-FiPrg8HcWDGcwWpDmexCGzOgG27xgh6f6YShV8dIr1_0Du-v5fUaKo4srWB9ff4pL0MvYVOV8WbtLhgPY5JTh91cyvdeBtGfuaWnO71eM4resD31oDgFTauxcjzXofqGXioE3h8Yw23fb5jYBBDlJ_SC1t6ot_VUQnfXrGniBTh38XFZoK1YTMDLrQNQRSKWar8NTyTqPdYO5MAkh1D6sts2XfJFO_MWo2NOPuhE6FiCMtE4NhImNSx1ygG5xnOYTxFyGm358h6inTFRFKxLjbPhl2kuWoibFpDnodGJaQAsWaTypBmD3zqchBky4Skl4iB8qmezmh-QIlqIg8XDEylWXM5kVH4CYMqR1imB_GzTdVoFARswDjbz54pKZ4UzbqHUIYZD1b3RF2S6N7aS72diaWj3udV6RFZrNnYS-IGEbt5q5JT6V8zvePvdmnAgdkjOVTxISGvuQSrFt0ituKN9mW6lGe5CXhfcCafh8b8T0e6PJe_foKQ5YidmthsOuyy9v_bzq69cfakkNZpyKwMkm3cvGDqsX3DJBy9FXoxGQGtNUE-FyYjONYE0K0ci9QWxCxc26zBbXMN5LqpU770xlub5Y0jdgtx5K_3CxuMID7Uvw01bfv4ji9q3JjAl--pd47NaiJlRjzj3edfV5g2f3kShpIqo-xXeTvnPsYWhYyb2Vt37nx9U90-KSToxT-UKj2fBPvvHofPCECw02M4hQiZP99kTzGNfKGEwIgiGzpr4gisEE_fPL201gevpVOothxkvUM9OiBBRMi4bfhLW1JgEEHeoETonoy6K486mSO5ETKMahU5kCnya8cSKE1mORInTCagsbrsn8zkC696I12-PcNlIGSsCRHmLRCuet4nQtchDA7AuJtP5orXir2JacatDat4X9hqkrB3-hiTHEJTUhTIUMJLjqLl36C6T41Z5ksHy8rixri0Io8h--RW-XixVbI_L26jvEjcOkFdE8ME7sx4jlnsaVpT1D0jio0youNdJ8NbeAmgGWJiSRvSahYE_CGhW08nFv-YFhDRer9hMrdn0h-BeoNl-XThmyJUDihxe34IPVdVjRtBRBQ42Gs8McQlthk35KKjRF8xkLlSIEEEZjWwS6ZkQmjpgHe0ISox1N8k04VuNX5Bzk_Nq8ogpdDECgncrX1vvUPDXhktBdeQ9zs9DddYNLeiCfNQsxp2ENd4GjSQ22j7m5BKGigIb15p6dRTGbq2zJ7l1MASXsrIF5Q6ghEytFPzNJ0ZaTu5KZ5JmKYO0iIbJ_CszHHOXsQcEbWTULe4cCcLdn8j4G0HE0Hg3qCjOXnY2F3rjjV-yfbISAxk7VtocQbuz1BZBP3B_e2tlRFHM8p1nN0cMF9oP7kfgnoTf_GMcQOy7UZxBH_OGgnKTTxFLUTPQeSCb21cLlmbNbuMmi95DlWC19k6YktM5gvvqHftt-IQ0vEC_xv6u1gO4_O-QxGStrxxCLx75K7G-W4TLXJGfVqDobT6pX3Z7HHjhM9fqYTlEqKhqsB_S6Fwr_yZdW34my7FkUUwZzNVDCHqh6QBI9oT_aCmBR2_aKfX8xIB6eXwoZrXpuqsoroo38ML2Lu7AsBcseVX7If6bZgFqO2LzPVXbSNOwxa7yVMRukyWNhPDPzXNO0fOuvFAAbyf-wVlxZtJ4-25L74StWUXxjneyawjbCMTSqTOhs3ZwRX0kxTCi7kAcpLlc_IJ0TzzggB8Iq_XR4RjSUKJuB7ER_247AULvGDnZylsyZQ80UH3-ILT9Idhxdjft31MxyPp_0Pj0Pil9Z1NO5q_Jd9kFJabSRXZwl2gWwA0cukVPnynYnYMf_v107fK9VZcei3_4VdAPVwxPtuAvcC-73SD-5U57iksX81pNStCgVhEeo76YmTY3eM6n62VvM3kjDMjmVKTPX0sIxwW3C_0hCHqA153dlBeHg8FxSKJRYJ7VgBGk1rOJsv8ieNPOTYAabSes9lcUqqrqDqfQcuhs-2TsyTXpqHk2EixKcAUZP-yyrnkf3WAEna9BP_GRUvm2mmXKajG8byQigJh-ZLDBRmnP7gZ24KJWBTCwlVhWX-9a9vWacSSg3KVnpp1pv2n8AHpeVCc9Mo_KRNir_2SYUwWg1CrX05zyZXHIh4QEVCD7VdNaqfkXImYy8mHTnkzvDmPjYAHGKjE68btdRIOqNDY3WcBkHjvx1pvzQnKP-UqaoWnOnenVSpht5UPMQCxrE96vjm6tCcw4xzN_N59mLkdcNbdzsfbLgNkosJYLJJEa_E9QtjOiYuYZeigQeD6zxg1JgWvoz-K7byMv93TzTt5sEadlCtK6R0vkxyxKaCJAByAM_5P1B6BCr1zTqHepOtkAHaeUgDy2xNRdu6LvDuVEAqkteflcrPE9MyBN6pNujyI7j96EvCIrx39aF3id69KegijWEh30UQi6gXSFljt0NILxtYeR3HGaL5xzGnRotRYmKaEqbEv9wSiptQbPGFtAV9iiyxr54JCsipz8UHOeseqMeLdjKBLrthWwkgCjmZwXmVwg-tNXrd_x7BSfOuze2nos_5mTfScoI8TMh_R_xDLV1u6FPXy7_Dtc9pAspHMmsQoIELXtp3wEf-b3doIW8toXDUONNz8MsyCLBit_mcsPvVrQlPwKhKVGH-UOabklcyjoBzm3QkvK-NwVj7_3Ej8OQlOT9vlflCQA8&cid=CAAST-RovHivgyAJDt9qcau65Xyb_CjLFRPXPZHDmagGQam4-si1eBFRWHGwUl5YxWDbYGUfIC3VP3b8wYfCvDnpuGgfNBbb-6GewelELNz_J1U&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f157.1e100.net

Software

cafe /

Resource Hash

dd9109cc213d00d8acc829c496d088b0c11ed39ea2589ecb400633942d8a4cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15844
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C349 0
0 31ms
31ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQiE0H3pOYtjkLKTJ3gP7oqvYAZrpx7tny-GHz5cP19aivcABEAEgufmMKWCVgoCAmAegAe7JlO8CyAEFqQKdimvoZUiyPqgDAaoE4wFP0LdBX0OW1wyFH73Pep7XW6-EVsN6-iJW0f-INveXC1tlMc2bKOgp6ff4ad3EaPAz6LR6_evTF4C9RajFqpbjehgzici2jOIcctwtF5-uYzGOQJf7Ded26rVJNWUyEHLZL2RSE445ODU49vs4J2AAFnKbbfuR98xCuWYyyWA9BRRnH9mHusByheIGCs_p-QN1_WHiLZXnEhAV5vlYk_CLK-GMkeps_IXZoUYkHe7LTdn2I8TEavvGUnJ24wMan8Hb3XKta3IR0bchl0-CoykHmK-mmaeiFLKJcGgfcTd5ABluDsAE2YaBm-ID4AQDiAWQ0Na-OpIFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH-rXrkAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChD64igYx93YvgHSCAkIgOGAcBABGB2ACgPICwGwE7Xj4w7IE7vg_N4D0BMA2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTU1Mzk2OTE0OTI3NDIwNzQYwd8P&sigh=6t79XlLEdxw&uach_m=[UACH]&cid=CAQSOwCNIrLMEG5D0WXqGmei6884Lcr7KDCG-Bqnv318U7OorHHMGSuCjhrNjKsQsgwstDxotfSWpP-y-mDE&vt=10
Requested by: Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C349 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a61208cfeaa963a99aa89a119495d8641b24a534aa8a03933a89c1d08262dc9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4988 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:43:59 GMT
expires: Fri, 07 Apr 2023 05:43:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BA9D 0
425 B 42ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjSgv_EATAB&v=APEucNXw5rh_Lzu2g3PzY0zAkcxOw73g_bIKpRWWVQjJPCIX2NgAfif-8Nhu8pnv4cmRpejn84hEJt3ECBbrY3PwxF0a9MUVhA

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:44:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4988 61 KB
30 KB 73ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9e_-qJ5QExPIUwAASWfI4HafojHtnq7wKCvzpbT-DeYl8Y3ottzc7jhvCqtHYgVK4WZLjLr2ca9DJou-Kk3LW-l_1h_mhqcA4aRZvXUnYsCTfHHcFfsYz-X0RCVovb-nm0R5SenDfW2h2BbzsCVz4nH7Fiw&dbm_d=AKAmf-DJOhLsMoGgZM96s0inxA-H1nc_UiN3WldPToW6uVWHnH31bdtAd2SzyTH7WmNcnI5qRJdUu9ruG9rMO0I9AbmzFR9fwHJjaV9EBgXz8hsF9G5q_gYVnJFl1kM9zhpkdpwllCIzC2pvyp_-6H6nohJvcTErpbS7pNSpWTcNIfwnVwsMKuJp7nAlidYrk9T0XweI0jc-XCS_iZUtn-8EXqOSMN_FnVELxaaoGFyetXNo9E40hf3vestswl7CnTnmXgLUPhrX8VO3oeSN3tnkk8KqaC3Q1qIfVOIxUcQE2kFbw-2o4q-vKWv6QczKVCbFxUP_mNnNryi632vjZrsYOIcsI2ljiSMWdes2mJ7lhR0sTMz6fpN-myX73IfX8IIzeXD2Ntr_DPHU9afP9O8wVEGUIRCHe55q6qyyua-Jm0a8gsCr6h_Ur_rNlcZM1GQS49I3KUl12mhXo-CipbEZJichaHTOOTv-Sero4RRYdn0_vAZceWN3ydPeBy_CWQhkNJQd7aWY-II3EzlsJAsm1heTRicqaqKLTyftEwq6TDOMvfJ_wlZsgiviYl8hT28bSGCZqBunsFCQp_RSPTvsmFgRKRyykaru-_nc93tmJ4-oIqnnJk0Qi5B6v-LvDr372ysB9NTo-KeoQjNFLRnBh2YOF5EsUce_gk9lo6dzjfp2SOQVdZP1tyXsa9knX0kX9lW5dTKJGXYllUGt1quug5gwwH-VtuqKzTmXk_NgEDMUYgW46g44mgx-4urcKV2Bb1hPzq1_arI-NoyvgRGnpo0smjiu2wCO-Ghm-kx4XtabChHlzyQ5OPg-S1IjvD4HU53-TXA40JfhxOtzEEoMqIglUCoiyniaa6hvmqvLQZoIOG-nc3BZln47uRRZ8gu8JfpSzAUHWPZUdMijYQ7jzh3GNLxkWDO1XfHOLFz0XnofPzkFemhCysqkovF40bWpLWvrIGf4JuHOoAgubuFUTYcM0Qw38WAK4P2rnRQvPbVWtnG5bHFuPJC6EcVJYGymUSYXwaSBUcR2UxxsVG9L2f_evIvjwVN_BpkBPJh52lm5nivRwwVhF1ARP1a3-62ka_CdAqnXvoFdozjcHK5h9EAuBge5a2YEgdJJXxeaK9QFwS-pep-AjMrIBv7Wnm1mLWtXFGYqtiLwFt84QeuL4M1wl2SDTw6vcs7_Li9uHkrzS3QvIZYpbwQhs4X6IrhSx1Mni5TIRB5rdLmuMrFa_VtdtEUYAvrqFm4jPMjjR5qZTU6z6Y7xYj2fBQNea3DeyHv7MgOU0Ymnrf4-pAfZJHxOw7-h1aHudoKTZLfjRee9wPub8VfVJGjDupVZUhiCWc6KgyyGHNqreQ6mpSL3DOZ6tpxmJ0uBzH2JCwF0Oj1Mk1UzLPksxyIU0CS75Rc2mxCNql-kGh4Rlbnh89aV5OYWFu86bg3H921xRixQBZnyiyRGo9yJolFlsXwph_Ft6AwYa_K8qgU4IcOt7eUL-7gDpyFGlLRQsf7M9J-8OuSFTmmYYAwuJ8oRvd2WFanIuJV2oE4WutJpcsJItOdJNMO4yoTcb2kM4S7Uo3pHl4nIOYPlj9QjEPnbgBxXthxPXMpJRQtMC0QJQNzL0lIykn12zYddoHpVta1Fq1DS9HBZLi_nd6pzP3I4aam1ol7NTu0qucaYUGKpTpMK6BG4NQLG5fDIcVnUOwLtcj_KtQIYrHR2P3cX8yDTj839GMl0sD5H-AZuU0GAC3wlFVTBK15O2iJWKTMNSxkCWrGGFV365mDcHxa2f4SWOsZOZycJiqxg3J3rqcwMz3t3AA6lHQn5xkmyfs99PhQEZ8wiHHhErazqJaWyX5BWVEKgYMiqoQDQeQCn-EUfpYOR9L17duYG5eYZXwYaGZt-pot1cnjgxIEpRO_cHpYjd3spDusuJM3Z1K-_CqEBHY9dcYCdzQRH8nnhlmS175h0EKndGxXTtYNxYGtXjDZsuYVmwiHvQqJy5QOS_VOhxrdy7dLMPF2kb74A076LoPSqysXIo7DlD74j2cXaw0m-RtZXMurReuiYvB4WYTkM11-Hl6RHYlgsheV4cmQDNzfLGH8NhO6YYRS6dRhXF7WP_2yas8p_4vawZ3jvxa_gfaMryq8cqBf57J2RFSgBs34N7UJmz_Am6bFT_i6B2F9RQdErGE7S8FV18BCa5dnxHT2Zppup9NKzSIl8vjGj_rZoD4i7azvYnz_lGpiMo0xQpt-3mx53-kDAtvd4IX6hx1SCr0Yv3MrOAUaBRbUR1tzdVfctgnYiYlS3dbxb6S6JV6te55tTn0uccXWc3BsAY9gk0Q02zPn9pIQvcnQYmINl_VYHHj3BYSj8JujhsiCaMtKmU4J2UbeZXf5k4Kyo-JrwL8-rlpKKHf5NHgBxmSpPMvIxjWEnEPhIiUtqmnVumdn_FQu0Z5PygZ9KPgFJgDyHXCAYNMCjYCMZ2ImaOKKlJN-rnA0tG6BhOUK73f2p3f3-5E-9aFzEseU5GmF2geSlHnBbCyefhRbompyzRu153LmDcp8pMOaMV9T1gjaTtAsu8e4NXFcpeC_UIedjga2gTcfcgmxvMgp8fL75WfDFQV2nBcxq4xSXNGLk1_mGEmg96UdpRb822T6-Z4n07d6CPri9FhtvXeHckaTodPOkS95_2AUGsQ12PGPP7AsoNtY-Le2lQRTkl_bgNaBazbxqjUdUmViSJNqiYAZANuXmh0JOtGEuqqjyByikYhCk38bsWueeK-ya_ylfhtV65aF9IIy974LWZGdnCbrv-L_7Ga6_XyBnTiJ5pVLE4UehwwhNa8gwWsQ93gBMdYiuByx1dc3ZpOFHTMjXCJzcg__FZVUMjRtZRrzYN9oSyZv61Vowzpd-18Ap2LXj_YQ6BqKoI_JJ_ckUkrgFS7vfih7wkf_ZRy9usgEnPKLrDAL1p0jUPKiPK-vlBccn5PNaRRQgkwS2O2X4hwjc3BLfWyp6hXfPA0JKA8mk46Ms4iULZj-_TaVBaGhoL4y85R70muCI3lqmHGokTzgGg0ddYYx86S88zJ2nDKQ9_SyYYK0vnCflBZDI_k3xB8ugdkcCcYaYtOmkX123T4YftacGdJAUS0I4_d9XuCSIWYVdvnd7iGAmGplP_lcGeFF8HAAfHnaW1IY08LKC857sPy-yd7ae-2W--YQB6H1C7PlTYSgTJpqbyN4-4XVKupdHQCeZb-lMOua6Z8b0Cvc2jukKR-DvG7E73fkGtEQH0h9jgeBNrqfwZ-AJSmJ8DXHMgTptlsEfCJmcKZ9iqIyCqQX7YmvH1JLvwN2ERh11oZUfKe1Cf5xjwLsDjk0jdvnW6pd-n2skl-nRWMTWywPnqmWlOnNgFoPGD3ghGwb6mUWF6-ixxR_15x2mg39lbCV4YTCu2BHgLKmKArxyUhhfLT18_8F91w_Jb5Vk6wQdd2v-EDSH_xKhoGMUtlzDRiIZLGfAcO4VpLpEothUD0wlbyc7R_NqDflocPlIyX3e6I44wdBPfGMu917I9wY7aHrWFVmclKJtbT2igDlNEyHEi1uJShKI1vGUH3JTkduQKL0VcPLedzv3vWjegsdX5jpws0oPo4ZU0r9tROvjY5Zrz9VgkSpy4UgKqyXklR-Hjy4&cid=CAAST-RoQ4nuPdiTGDTwhLl3kPbpIxQfworl4xQSnNycOR9pLzXckFTVxipPdZ7V_CvWnJCs71fFepI4ZBk4wQHscUpbFHbpb3dlbGlcbGwxhHY&rfl=1%2Chttps%253A%252F%252Fwww.bgr.in%252F%240

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

408e2ae2403bda4588d838d87593b862e01d57b3f07c633c6c1f92e3588681bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4988 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dn4DDWAmlEmbwsySc1c5Alalo6UCjJL_j4-679VO8rmzGeL8gPXuj1SOqLDGNk_5brtuTkh5uhcZa9eH4j7HD0s9SNtoai2fepzfhfsAzMJz7IEBw

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 4988 3 KB
1 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:26:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 4988 15 KB
6 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:27:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4988 0
0 162ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDGgv4cOIEL_O_Vl0H0pjgPy3GMpWdaMXkMxY8UMxrl87WyGRvynUMYu4K4Er-QJUdewja
Requested by: Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4988 119 KB
36 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 05:44:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C349 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 18:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:05:46 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame C349
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

43ms
7ms

Fetch
video/mp4

2a00:1450:4001:6f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52AB04D8ED475A08F759041D691E6717D81EC495.183E822384A3132E41E57CCDAC99E632F2A98D63/key/cms1/cms_redirect/yes/mh/LX/mip/2001:ac8:20:302::202e/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1649308912/mv/u/mvi/3/pl/54/file/file.mp4

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:6f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 05:44:00 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2722746
Last-Modified: Wed, 29 Dec 2021 00:47:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 07 Apr 2022 05:44:00 GMT

Redirect headers

date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52AB04D8ED475A08F759041D691E6717D81EC495.183E822384A3132E41E57CCDAC99E632F2A98D63/key/cms1/cms_redirect/yes/mh/LX/mip/2001:ac8:20:302::202e/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1649308912/mv/u/mvi/3/pl/54/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame 4988 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9e_-qJ5QExPIUwAASWfI4HafojHtnq7wKCvzpbT-DeYl8Y3ottzc7jhvCqtHYgVK4WZLjLr2ca9DJou-Kk3LW-l_1h_mhqcA4aRZvXUnYsCTfHHcFfsYz-X0RCVovb-nm0R5SenDfW2h2BbzsCVz4nH7Fiw&dbm_d=AKAmf-DJOhLsMoGgZM96s0inxA-H1nc_UiN3WldPToW6uVWHnH31bdtAd2SzyTH7WmNcnI5qRJdUu9ruG9rMO0I9AbmzFR9fwHJjaV9EBgXz8hsF9G5q_gYVnJFl1kM9zhpkdpwllCIzC2pvyp_-6H6nohJvcTErpbS7pNSpWTcNIfwnVwsMKuJp7nAlidYrk9T0XweI0jc-XCS_iZUtn-8EXqOSMN_FnVELxaaoGFyetXNo9E40hf3vestswl7CnTnmXgLUPhrX8VO3oeSN3tnkk8KqaC3Q1qIfVOIxUcQE2kFbw-2o4q-vKWv6QczKVCbFxUP_mNnNryi632vjZrsYOIcsI2ljiSMWdes2mJ7lhR0sTMz6fpN-myX73IfX8IIzeXD2Ntr_DPHU9afP9O8wVEGUIRCHe55q6qyyua-Jm0a8gsCr6h_Ur_rNlcZM1GQS49I3KUl12mhXo-CipbEZJichaHTOOTv-Sero4RRYdn0_vAZceWN3ydPeBy_CWQhkNJQd7aWY-II3EzlsJAsm1heTRicqaqKLTyftEwq6TDOMvfJ_wlZsgiviYl8hT28bSGCZqBunsFCQp_RSPTvsmFgRKRyykaru-_nc93tmJ4-oIqnnJk0Qi5B6v-LvDr372ysB9NTo-KeoQjNFLRnBh2YOF5EsUce_gk9lo6dzjfp2SOQVdZP1tyXsa9knX0kX9lW5dTKJGXYllUGt1quug5gwwH-VtuqKzTmXk_NgEDMUYgW46g44mgx-4urcKV2Bb1hPzq1_arI-NoyvgRGnpo0smjiu2wCO-Ghm-kx4XtabChHlzyQ5OPg-S1IjvD4HU53-TXA40JfhxOtzEEoMqIglUCoiyniaa6hvmqvLQZoIOG-nc3BZln47uRRZ8gu8JfpSzAUHWPZUdMijYQ7jzh3GNLxkWDO1XfHOLFz0XnofPzkFemhCysqkovF40bWpLWvrIGf4JuHOoAgubuFUTYcM0Qw38WAK4P2rnRQvPbVWtnG5bHFuPJC6EcVJYGymUSYXwaSBUcR2UxxsVG9L2f_evIvjwVN_BpkBPJh52lm5nivRwwVhF1ARP1a3-62ka_CdAqnXvoFdozjcHK5h9EAuBge5a2YEgdJJXxeaK9QFwS-pep-AjMrIBv7Wnm1mLWtXFGYqtiLwFt84QeuL4M1wl2SDTw6vcs7_Li9uHkrzS3QvIZYpbwQhs4X6IrhSx1Mni5TIRB5rdLmuMrFa_VtdtEUYAvrqFm4jPMjjR5qZTU6z6Y7xYj2fBQNea3DeyHv7MgOU0Ymnrf4-pAfZJHxOw7-h1aHudoKTZLfjRee9wPub8VfVJGjDupVZUhiCWc6KgyyGHNqreQ6mpSL3DOZ6tpxmJ0uBzH2JCwF0Oj1Mk1UzLPksxyIU0CS75Rc2mxCNql-kGh4Rlbnh89aV5OYWFu86bg3H921xRixQBZnyiyRGo9yJolFlsXwph_Ft6AwYa_K8qgU4IcOt7eUL-7gDpyFGlLRQsf7M9J-8OuSFTmmYYAwuJ8oRvd2WFanIuJV2oE4WutJpcsJItOdJNMO4yoTcb2kM4S7Uo3pHl4nIOYPlj9QjEPnbgBxXthxPXMpJRQtMC0QJQNzL0lIykn12zYddoHpVta1Fq1DS9HBZLi_nd6pzP3I4aam1ol7NTu0qucaYUGKpTpMK6BG4NQLG5fDIcVnUOwLtcj_KtQIYrHR2P3cX8yDTj839GMl0sD5H-AZuU0GAC3wlFVTBK15O2iJWKTMNSxkCWrGGFV365mDcHxa2f4SWOsZOZycJiqxg3J3rqcwMz3t3AA6lHQn5xkmyfs99PhQEZ8wiHHhErazqJaWyX5BWVEKgYMiqoQDQeQCn-EUfpYOR9L17duYG5eYZXwYaGZt-pot1cnjgxIEpRO_cHpYjd3spDusuJM3Z1K-_CqEBHY9dcYCdzQRH8nnhlmS175h0EKndGxXTtYNxYGtXjDZsuYVmwiHvQqJy5QOS_VOhxrdy7dLMPF2kb74A076LoPSqysXIo7DlD74j2cXaw0m-RtZXMurReuiYvB4WYTkM11-Hl6RHYlgsheV4cmQDNzfLGH8NhO6YYRS6dRhXF7WP_2yas8p_4vawZ3jvxa_gfaMryq8cqBf57J2RFSgBs34N7UJmz_Am6bFT_i6B2F9RQdErGE7S8FV18BCa5dnxHT2Zppup9NKzSIl8vjGj_rZoD4i7azvYnz_lGpiMo0xQpt-3mx53-kDAtvd4IX6hx1SCr0Yv3MrOAUaBRbUR1tzdVfctgnYiYlS3dbxb6S6JV6te55tTn0uccXWc3BsAY9gk0Q02zPn9pIQvcnQYmINl_VYHHj3BYSj8JujhsiCaMtKmU4J2UbeZXf5k4Kyo-JrwL8-rlpKKHf5NHgBxmSpPMvIxjWEnEPhIiUtqmnVumdn_FQu0Z5PygZ9KPgFJgDyHXCAYNMCjYCMZ2ImaOKKlJN-rnA0tG6BhOUK73f2p3f3-5E-9aFzEseU5GmF2geSlHnBbCyefhRbompyzRu153LmDcp8pMOaMV9T1gjaTtAsu8e4NXFcpeC_UIedjga2gTcfcgmxvMgp8fL75WfDFQV2nBcxq4xSXNGLk1_mGEmg96UdpRb822T6-Z4n07d6CPri9FhtvXeHckaTodPOkS95_2AUGsQ12PGPP7AsoNtY-Le2lQRTkl_bgNaBazbxqjUdUmViSJNqiYAZANuXmh0JOtGEuqqjyByikYhCk38bsWueeK-ya_ylfhtV65aF9IIy974LWZGdnCbrv-L_7Ga6_XyBnTiJ5pVLE4UehwwhNa8gwWsQ93gBMdYiuByx1dc3ZpOFHTMjXCJzcg__FZVUMjRtZRrzYN9oSyZv61Vowzpd-18Ap2LXj_YQ6BqKoI_JJ_ckUkrgFS7vfih7wkf_ZRy9usgEnPKLrDAL1p0jUPKiPK-vlBccn5PNaRRQgkwS2O2X4hwjc3BLfWyp6hXfPA0JKA8mk46Ms4iULZj-_TaVBaGhoL4y85R70muCI3lqmHGokTzgGg0ddYYx86S88zJ2nDKQ9_SyYYK0vnCflBZDI_k3xB8ugdkcCcYaYtOmkX123T4YftacGdJAUS0I4_d9XuCSIWYVdvnd7iGAmGplP_lcGeFF8HAAfHnaW1IY08LKC857sPy-yd7ae-2W--YQB6H1C7PlTYSgTJpqbyN4-4XVKupdHQCeZb-lMOua6Z8b0Cvc2jukKR-DvG7E73fkGtEQH0h9jgeBNrqfwZ-AJSmJ8DXHMgTptlsEfCJmcKZ9iqIyCqQX7YmvH1JLvwN2ERh11oZUfKe1Cf5xjwLsDjk0jdvnW6pd-n2skl-nRWMTWywPnqmWlOnNgFoPGD3ghGwb6mUWF6-ixxR_15x2mg39lbCV4YTCu2BHgLKmKArxyUhhfLT18_8F91w_Jb5Vk6wQdd2v-EDSH_xKhoGMUtlzDRiIZLGfAcO4VpLpEothUD0wlbyc7R_NqDflocPlIyX3e6I44wdBPfGMu917I9wY7aHrWFVmclKJtbT2igDlNEyHEi1uJShKI1vGUH3JTkduQKL0VcPLedzv3vWjegsdX5jpws0oPo4ZU0r9tROvjY5Zrz9VgkSpy4UgKqyXklR-Hjy4&cid=CAAST-RoQ4nuPdiTGDTwhLl3kPbpIxQfworl4xQSnNycOR9pLzXckFTVxipPdZ7V_CvWnJCs71fFepI4ZBk4wQHscUpbFHbpb3dlbGlcbGwxhHY&rfl=1%2Chttps%253A%252F%252Fwww.bgr.in%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:39:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/elements/html/ Frame 4988 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:40:17 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4988 0
622 B 79ms
50ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2LES3hkKqND-y89YNC6ilrlDMv9FpnF2pNLxVNiZ3_hHE3gp6Yf_kXwbNQw7URVfkaF7ThvmY6u-mpOArQJBfRXmNvIhDcYXx1eFJiyqAvgnKrt_EMrVUN_S2dNCnrfn9dcjuTSH2qhx7dNbZuldrEQAtgccrILD_nN1AM4UdRiheglnLAVk3xzu8mTbSjBgQvKrcdOirmqaYifmErjEIWiO7un7F9YWKEHWNHn8o-Sbjq9bY-9YCJGbk3IkwzJuSN1ONSN7TwNLlAKFaUkcAAElLpkIa2YsiN87078ItWsIwV3Pw2T-5W689vo5R_gzOEZqx9W-vppGLUqdJlwVxSCUihjgjGGEP-PWNr3sxuXgM2ZSC7ocHeuk0fWN8dh8wLMFlypUP9kmWXga3tEadKT5r2X42onY9P-RyIIq8nThi-fpDwTqI7raSpuQuuOhqCtf27RESFcDtXnUgCCNoJjg3cDHIgzn-iR-RsZnpYql7xLQi8UV6Bxpuq6bn-T0NYDh_gkJa5_jlHPcjw-JzKB-CRMLvSSC3o4JMBTXtSCzKDKWv8Ye2Bn6dxzqEiZz5q4dTRyiOaaE1rz9mcEplEX4RHvP27Bqc_SDXVzjTuhzM8p-SoHeKp00pIdgUs4o1o9EhgeZsvmIeebs2LNuC_0E1Up8uTSxacQt4J4W25Xbe0iQTnEJH1llDf84gVGSfOW-K_H2SZf2LQqWUc4PQ3I0PHmgzaOhUpz9I3LBgLQ0A6PCJ4t-BRs-F6ySEohevaHCcWr4oJRFeYB7eMh63avVIX85GnSDpwjX1sIGRkL2jLeD3ZtEPjYUC4p_37M9VI0EmhGj_IX7FZf0YCYfldib1m1kLN7JM1CG9M_dRI--xJanXmzgj_LjbSAScz_6-RCT46QKQUm9-9Y9r70XVszy7d95o3gO7UpebBppJo7uJvBBV3qUY2j4SSoTRkcgAOO9htGokSOuSu_XsJUzn3I72bwsdOm1O6THssltlVjfVaL2OisUJxALuUMycxftbFZFLm26iqfd1N1UQ5WEuPMmQNVKc7EUFRQbzfYvlVq1E9PwMQ1Yw6nLDc78v7dmKoOGA0quA5CJ4Rfnic6OSyfXb8BOdZ9FGxW1b9KjD8hyJ_nbT9OuQi0YjbkIQKbEcG_gQjjdH2k2cZypgp30&sai=AMfl-YSCsPM4HqCzY4dfLds5i0A-kmq-s5UsC8j7GOrmt6WqEcyc0ohjBxEmv8Fi_xZHpPrgYFjsUkuDii_ysM1j2rUT2hpN29CdpWgqsOu8mpLdlJRc7ydkrFmROuAFaiQF6b4W6BTWeqmlORddZoVHOhlD1DTD80MfuV9btbYUawEYNzaPjAG-5HjL5AkfJh897AALSbBxeW-imaGwxTlnh7XirJnQSZ9sV4920IEKjrbwgyL3O4JNMnfDFGFjn9A9eovX8NdeFU6EQqvy526JVPWCiXid4ba9qA&sig=Cg0ArKJSzDRDuZOluOg8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20220405.96257&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 07 Apr 2022 05:44:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4988 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 06:34:48 GMT

GET
H2 200 5405262816652727
s0.2mdn.net/simgad/ Frame 4988 27 KB
28 KB 36ms
7ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5405262816652727

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91a508e70b4e2fc7bf99410e52cdabbe5ff675c62ecd3a80acfc6ea940325b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 04:00:25 GMT
x-content-type-options: nosniff
age: 179015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28002
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 22:49:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 04:00:25 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E67 23 KB
9 KB 8ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 283405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 23:00:35 GMT
expires: Mon, 03 Apr 2023 23:00:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4988 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1540d7baa60f9f873f8ba8d2018f4de1221a246ef6d010a8b3e0b59dae00b81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5CFB 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 257372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 06:14:28 GMT
expires: Tue, 04 Apr 2023 06:14:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4988 0
63 B 44ms
43ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E67 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 04:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 04:38:41 GMT

GET
H3 200 VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CFB 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559c7994a2fe4750d8b78b9ccd0b8eedec277a870ec592c3c0e13f0c1ec6a7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 16:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13564
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 16:24:49 GMT

GET
H3 206 file.mp4
r3---sn-4g5ednsk.c.2mdn.net/videoplayback/id/e6f1538521bb0188/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3785186846/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame C349 164 KB
0 15ms
7ms Media
video/mp4 2a00:1450:4001:6f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2722745/2722746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2722746
expires: Thu, 07 Apr 2022 05:44:00 GMT
last-modified: Wed, 29 Dec 2021 00:47:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 container.html Show response
5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 80AA 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:43:59 GMT
expires: Fri, 07 Apr 2023 05:43:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8601 0
16 B 35ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCp37T3ARjunu3BATAB&v=APEucNUdTIpMMvbeL5nbNqzdODeINxlEZCinFN0zAruVErlGQ0ogYJhCWFKDiT2neLLsNfuTjIsmc9y5MwYjqEPJ0vPT944PPg

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:44:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame E06E 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite_fy2019.js

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 04:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 04:59:50 GMT

GET
H3 200 4246319668733505871
s0.2mdn.net/simgad/ Frame E06E 32 KB
33 KB 26ms
9ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4246319668733505871

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44a6a315ed1bbdcc19939f3183fb7a2f7f83c16cefcc903185284d849f7ffcfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 08:18:34 GMT
x-content-type-options: nosniff
age: 163526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33255
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 15:04:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 08:18:34 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/elements/html/ Frame E06E 6 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:17:02 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E06E 0
27 B 65ms
49ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvOHEysaLe00dJyugWBQmudHl0hJraIpnwacHzNJdOtRZpOGJPe47NWd8Y-u0vwVDWQ-bZeoQlZotSNg7GBoJbv46snYIipsDIUZyW_Q04f__htQvagO0cROnZC1KAgS7y8NSUBCxk8WjizprTU_i0Nf4CEHv5qQYjDLm5HxGln2LRunnH-Nh-K5vxm6pCCs2RdwY_Ql5eYwc8qlXBvsdw4Qhvaaw_Th7gVc7-gRAWQVZASwo0H5eSgs8cTq_OKh_JrT3uXFV7gejjAY0tnIFP7WmswT0kyCxiyrsZR_LTPZS-kfRPJxXrCnNrdtK__C0HjwaLwzdnyGrE_R_JvpaGHk9TFJfzn_ZHvBAxlVROK0SmiAuYzoCYCriCTqs0scWYgRrdDgLNr3RcX4N3iTD6ZeWsdnFYD1x8AtAVeUuSXmNVFGR9CVLqVEYcFKOmJBnUVHVcosAW1CsE6CWYdoWIMOx8SRfz1UdVOX0hxMcag4o5I_S5MS2pEfsgBb3Gg7JygMcU9XPnUvGBdekFppaIx-4K6tcO8xs4rQq3gPmDUTM0xqTfEY72lAmpg2l-ukE-JUbgYYGttH-M2e58VowfN6r3DVTO3mxX6uYP3mbAePPNza09-LLEs6AzPEDzs2Czr6ckxLxxhwZpBryLxaQGpBofA9VUmR9HfknEfQNzf38KwKfIt58NSRysf5FUjaEjWRigwd7bXsiKUUlAIw5Eyb5pfhOFKgcbP15rMiZP2GAFcyNScZ1ZrkPbgoGMCajSlSLzdQfvyof62R2GhRNGOTBNHaQHHDXSVY-oXblRCaWTExiFeX8bYdTV-Yko0yePStsbDkI0vxYq0SUgzf5YsSyd7UnAjJFAnwKFI0ybQenbvMsgGHYodaqKtnVoi4GqOr1_ulQb5cn_ZbvH7MrgeLP5Ccyo-FSL6T_6MVgxhNly5PGYtlKZ0cBoE84M9xYLSpASmhRxVzYq2bClyn4rWykvtZIUjgZUfLawfT9qGw0g-JpwTTaVctS70oUdPjcYN4hHKCRZ_Df4J71zv0WZNpqMHMFjIbyIakP-M-JYYjt-qMvykiI4NW9ummRJEL5IWB8Ols2Kkh4d-cjje1Dtfq3_avFn4lvUQi0w-NGXm5t0a6MM-9OePNWagjjt8MFgIxoyjzPZYIRsEVuI&sai=AMfl-YQ_jH3WrMVwk86K1Ge8DfT-GtWCGiuq03bQiHZRhuEieiluGsvzyQgg6oTJrRmlKNVgDhRZkbKxa4OW2Pxw7NFCGNORz8v9HQ4WKamE3xP5WdbYdEe_TZgEf_iP8_YFRw6WOQe8VOIRnsIpkAzKg_-Lg2bjWwSd6BwMxTitQhWL3m4VumM51M_yG1IBQF0rampncfhwxqTzlqHDnvKYcCDyK-tWv0qooo7LwEsEx2TKpVA8fIY2kAVPOmpqri4Ubf8DqoJROOYP-uYyDIWnVOrt7In-fBThsRSyKhpb7_G2&sig=Cg0ArKJSzLafckTXWBSDEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220405.58153&adurl=

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 07 Apr 2022 05:44:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E06E 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 06:34:48 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame E06E 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:26:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame E06E 15 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:27:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E06E 119 KB
36 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 05:44:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E06E 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkZ9IkpHt8SAqNfpYBB4nzQKusOOQp5WgzkjfSoWZbO6TuIL1uS8hCV_95KrfCnMf5rE5fAPFjYFDh8QY4wl90gVHhmh-nJ_sqGpBTju0t45IUZiY

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 808.json Show response
id5-sync.com/g/v2/ 213 B
528 B 43ms
10ms XHR
application/json 141.95.3.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/808.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.10 , France, ASN16276 (OVH, FR),

Reverse DNS

p31.id5-sync.com

Software

Resource Hash

ab6c20e6a5e674135ff531991c116f23b30b0a4f717f59f7739ec6dfdbd54829

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bgr.in
Date: Thu, 07 Apr 2022 05:44:00 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
334 B 118ms
47ms XHR
application/json 52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b4598589ca64f35de407d7e2247919202a51ea5068c4011cf4c7616fa9d3c8e8

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache
x-server: 10.45.6.184
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
672 B 31ms
30ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 067e88820a2ad9be974c8f7638984f54c2e2978b6e689ef3237107f885777de5

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bgr.in
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Sat, 07 May 2022 05:44:00 GMT

GET
DATA 200
OK truncated
/ Frame E06E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c66422ef7d2282c2831abb79d5b36ef7bb339c0950222675864d1919bc203e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 12C2 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 257372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 06:14:28 GMT
expires: Tue, 04 Apr 2023 06:14:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E06E 0
26 B 49ms
48ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E67 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BC2BrIHpOYoziFuSizAaejIyIDwAAAAA4AeAEAg&bg=!R0SlRADNAAZAkm7qYJI7ACkAdvg8WjcGiaEVaHxug3D2PypflJJWSAPLKcgkzM2R7r38LoqdqAMxSAIAAADUUgAAAANoAQeZAus7ol56eIYEnaQ1_IJr83zuoiU9S0EkKUA9V82WQLQ2rutoJfimNHe5fey1GgYliTnfK6jtjc7zViNFv0WUBVX1quZZQB0Fy89MDMlawbvsnS_EqMjti5jRxNs7T7k7m4Q5QWtzrMqo7ObnPgq8GNd24yPKVi-QKcozb1yZRcRUtuRn3dUICUugpaLQUkCCr5YxbB4qOMEbxN7Jv4biLbBjjtFzZ9em_8ceCdiyHAfMUp6aFPgft_K2DORB311mae8XV8qmAflHuYft5OONCTA46ToTXE7J7QoEE03N6qw5M0LcoMUUwgxpAv9QLCCRSSlHBB2cuZ5cQ-gQnCmca17SZcEBtyb7u3cTL7HBJf2Eyg3E7wFl3pT7JoBANUnQvo2qExJTc4pEz8GeK7rnwpxkXUi9un0kgJZqsatdsa8TLYRBdgS2ykLkTo58CtkeObk7mjjzoumBKu9iNHzcvPUDc5tc9dISnlpHIgCBYYAj1Ar49brhC6xdBr8GG5LiRzGPczJRCqMVxlAFO44XSODnFQs7IQZNJZ6Pm2Ou2oOfraWitUKSLmrUiinMzf-08F7jH3sKcT41vdjMj7n6oZDIKVFgzySwh9uytTQb4TxnoeFdgu3Qb8aisd5VcmX1YRSVE6pbvqM9oL3mJ_lVifYhQRXeEzs34FC5rIWMoqPZON58DQrurthXN2lJ-PKVbHcDIQ01QJ1GTPy6B-n6LXcFsL10ytSV_D-mw1PnMkFo5NctIYkdwWoYek8rNTWk_ckmcOSKQjnGro5IwJ_GT2JI1lANVDo01pbpg77y2UHL2FtIk_lJeL5KvgWeXTjIL2ee9Vfcchcn9Heg8IE7vjhMH4ZUdkkn-aLawzyXNE3Z6zkFKmbD4ExuByLf1mxdmPaMIu9AnAd_tVGZLav7VHrDE-cSPGsTagQtZ4ccSsqaFCdbekS3u8mHCInhmD0ip0oUoG_XZUBWwxiwgXx-HJ2f_FsoFgTc8N92MjE

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C806 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:43:59 GMT
expires: Fri, 07 Apr 2023 05:43:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame 12C2 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 04:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 04:38:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CFB 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BI_I2IHpOYvaRF4Sl3wOogbrACQAAAAA4AeAEAg&bg=!PT6lPnrNAAZAkm7qYJI7ACkAdvg8WrbBsp-k90VLWnq5mfn3KYeJ7V45NyMtyEkM6d2aygP6zUNVdgIAAADJUgAAAAJoAQeZAtuoPMH6y0fmi_H9vAGMDaPcK1jcgNZ3tOFVCPka3CumPibFAKtWTszQzsnGLAPvikdSnjJmWYku5EM8KgawPL88LFRSK1zLkJPVylC2Fix6SdNtYcr9UZZPJxiWbGNeOoJe89TMACmi3G02nzBjp8ik5AgsdwAl8rjHv2uMwPq2OkjXI8aB9IK4GLfbkj7jhHM3we1dI8tUl7BZqVDkKgG92E_XRpUa3hTaUQ1Fs3Id7xdb3iZEM7fG3g1geo-gm2OkGugwwVfW2pH0YPoyxAZ0mDNxPHfW-WfV5X8HjH6gnDkgNAiBr35ueDMvB7cSTlRFSqMFuzRHKSG7TrHRQY1PsR5LTEdVplr4zU1i0vrGNkPH0nqsipGUyOkg5_zYx0TfBaUAIwslaf-GPWJN4e6ixeYPBerSbhc_dDe18Pd2H_ABRYVJOgg1Gy1PkRpierZSpHzp8Wa6lCXfNU-fAzpwa08Z-mD6GQW5NPUQjQBptDOD0ON3iVcFjbvzkJLJyG9j-r_mrIYyHcx6pMScPBceUkIN0NtJ5xxOg-XAXBKEU167OXLRiDKTHF1pxsg9hxxLA0K_zpeNmAh99VfxpJniB6pspuMMvmu2lXypO5ngg4YjnhSAGusycfPiEr8_hn0oC9pfvm_iSP7MM2ZDTrc5uvXCZmTLbDEjhmhdokgHLnfL4LPJqhWOWTGlcP_RYBn4F95BwtesJhcyZWhKk6bQr1DauLWgZB3prKXacFRDQie4DVQTa-YX-pZrLX9R_XyPiwpao9xaGv9v8FvD32Cvt6-rbvOmjmyW9ypChtkP8trdkhBWcN3V-DpMFSdGV9D0qGsopJDCv7E-FtFq77cGIOW1JWmAevDuP_unEFS8eENQOIR4BC8RMehxka9BZ1Tk4gEy8pGNuXltWXD1nkibh7c2WzuRIbFiwl3PKvRsJG7DKWurTv4gfdLIyG0cDMPH7ERvOTZVhITZZQ

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7763 0
16 B 18ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHMbxCLqdvAAhiphL3BATAB&v=APEucNV8QMR0SVEb3VqJO5qgb7Mpcp9z8uSC5jQHsZZ88T4bY8e00YWf1JY12YCXo1lEwSe1ZFhBPfoQXmt1E0HveEskpuGyNA

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:44:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C806 61 KB
30 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKqtiGg6S7G9ymNWxDR8ow1L9DyOC6Y0m0uzd_DiAxJzJa-E8RXjWZ46L3c6SpYXnavnAc7beU6ZmdsacZ_jdGodtLHPkBtvpwJrKYG-k4zFqooY4tMNHflRzymMrZzbwlwvcs5IqeKWLhq073WVRYBzaz3w&dbm_d=AKAmf-DPpLL1S0OqKq4q2fqLXbY5cH0vgEO50_txbhgD3TwY-giC2qywSRwJgp5oVU6gGW2Evwq_Vb4wdeXlqRECSIvjZSzMiZbBpoMcWWzqGxrguNPJefxEoFoxtqaKY0AWfRmh9Arqq64V0DGyJr2tNeW7Kz_JymuaTsIsIkZXt-L_xIlmVnLoZWSwfw4QIFngHjjw5JKkRYIKU_yNWBAJSbXnR6n7zSrnRHhaGd0i4gPwBmcm_Wmsh3Q4D3HhBUaclrJ97jQgxg5zHpM7cWy4f00pB7wsCu0k0ssLDSdOHYpzl2zgUzPv074MTIPkI1m7p5LBBMjAySLuKMrAWr_h-003HN-_Ny00RQhK-0QIZbQJS3S4vx6I4htMcLc44zg4jkPwr5ys8RWoXhFJRdxNF0iDHWJlHoWWZoLp-r3W6Oa_a-1mNWuJViTN6lKuO5O2Tq5XRdTnMPQjRIDdf-6gkjauBUYCdExVLRjfqzwnIliwt4Z1xqlpep4Zp0ECRypySyq3QaIISgEFdRz52lDnkyEGCGvhpjJlNDm39Zk5J86pIcrN7Pec7hgzGWfGDl8pZBKHH2PZQu0dzCSlrde-H-iZIoeZuxjW8PGAN7RhIcjcC8La7yHQbW1CIlgxFwaTg7LfYgbfFnJsS_waosP_kY_qvCNk3sDaoTvM4uOWZXaz1MYT88pH1_VJW5PShYXwGuxNRudBgtl6H-vD0VVyqsCvMOQFuFPY-JZS6fEYScdSscUGOvNFhlKgHD6-pEPUfIb6lY9xGkq25by208cz1oZff1b2CgzLfZNtDlB2z2KoLXxwi1VtOfzqLYo_4mt-_Y9MohkgCNHaY_x6EXIJPaBFhWy5ctlb1fKtHg9f2Snn3W8phsKnCXekpQclJGEVMX5xN1byK3QjB4OHyIicwvcSNDuTslh0tMKDbR3x4cFxJAO9fTmfFZ7bjW15YYJxRCr5g2to2h_0fZ95DQu2uPKraF1zR_L7TtpK54Axu5gp4r9_-UXQFA53LcEmvhq2RGe5Jmhx_k-QegZTqKq4mOozqGTWtij09zuh74bnILpkKdYXmUypMzGPKHan-p4wHiVeWU6f6HJz3j3BC-V7QRTwvVeLvtJG-sse7_E95f0PBP5KleNeN7NnAVg1-F_8kialrHQnBKFM-uDtMJ85uddlqtM-xJsXN3fBu1y8nfVcUGqM5gvGzEzPI-gK0iHzK1r4FhP1RUWUlAob3JgkGllMy0fXwm88HTh2BAMW7HZogTw4CpCz7j0xJh7qBf5u2iP9gOvxdzZHMCmTOekctJMS6uGx4h4_XgQTu6i1tow2fKhwH_UHVZT0cTPOmmzbvT0k3alJV6BK2GKy6HgYvT_1gDyZrOL5tEhak1Zx2_Bar8YOjt0AVLsYM14GySxWCJQz1Vq5NulD4p9Sp7n4c2ipj5dEqSYW2AZCjdD4pvWaWf9y0xWstmEjivdpC6F8n78NmbjGgXIqTr2fd-2PFBHH9Q5a_KYFplIDoaxJUGUbbJ65fetP0N1_7Ve3Y31jHdSuV4I2I90xGXja-qVKuMOUKO3KkzQCeKFJMl6qrhNPZTfz1HGa48vLFS2CLW2rZadoQtya0mWY1jweXZAINGaJmdG0ZdvRH7aht64H1CgnHCaRzG9m5s-ttj4Yk3bwpniygqAXooeoACpGxwm7LzRZR4fqX1jXeSwp6-3NoEBdcZ0elfC3LFCWg253isIF76gL-YMMtm117mlG8F9MTYOwEKJlO2yw3iheWcTKKrnR2QKUfoXDLkLYucG65WNaicCTCKLweXvrhgT8YasI0C2js_l10aRYFM7MpI45_dPL4faUCwfmYJu4GhMT_Y-pwJBLbVxq9YSCNCr9GBtAop_zr0jr-iSby6tKpc8mr6usPwFBZZPu6rs78atHYmm84y2ObYONBTrsgjpWXiflqxlud_y-VjF6y0CgHeUFgcLQqg5bSusCD_h3PjThRfdizqLmA80_Lfr_NgaJIWhM7_HbwzgiRhG-NWeTqjCDIup_qblWoOJC-G4ZLZlm16B8RQykJppGzbEj0WJ9lsDMfNXJ_uRk83y6Tbvp6tEiAvgV9C3PgGfJzWnnwaSZM_aiZzKVzfHRHHBGfZADLU3uqw2vYY_EhNg73OMAbvTGe9nqmzRszt82z7E-tsChhQF347jT6hzcgNZNkKf48mVO4S1rL5yxWqzQSNoTi7zj8Vl09uxtBElJgXB_wv2lE5V1Q2SzubzvHfozbVurPdo9Z3ZFf-7ve2wjl_1NrKAU45MU3CpcInVND21xgboJUhijWWZO4fXVh4_D-ws5tEGkGb1VmA783LvPr4e9UnxgzNLR_HF7c6pQYZRpTPkwP0xaYf9HyfBL_llMRRwUqjgRW8B-U59_mKjP0a3YUwYZDt-hdgfrE42x15JdgYt0WXWCEoEQCdZT3QpjBRILdnGgrGVUdeAFk-38-h1NhiZ6Y75epSY4YOj-PLHohhh6xNqb9tc4pQ-G_Gk5CvU8PAIqa4Rn8ScNwiXbj1uMOJz5_UqZswK6SMJgEbeNE-ER_lpFoLaFcvqRor2pOLOoDP91LW3l5waiJsmq95XSAm9Tfo38_5X2kubfl-idgfkynXD4TnpR9hjCODpw-abW28r0APHxPD2L-IGg4ADVy4VXKMsSoK3vls1-HvslL-TGMPIU5UndPLuPBTfNgRdUkru9kbgwgt7ll1vYMkrA6l7KMLExqzd5DbFpjDLsHYQPn9jg2XNaFus4fyTmbIeeWJT_yX8qLSxUijwJ-IhKnxaoCRKoDa-JQ70tNvOm0o5q24ZoDcme9l-KLcaNPlIOx6Z8fO_c-c5ApCFQ3s_grG_H3Lmi3llBpOwuNtgDhleFiW_H2ioVeOaJS742AlKJilTTZWBjBL4nSQo10OxA4bm86pVcN_F_tkZvGvutfvu3wfSfOOtsM7HgPniXWaAfB2DNimKsEs1pM1_vFVUXROV_WaBbppH4_08-BfO7OvybRX5koJIOJghSCB_dLb480tHPRAzfhllVXAR-JyM7UOZWIdPq96PIFZQ7ETbbJjEImOQyzt5mk3kULerpV7U8Gokt5vfxsLz8CE3OxXxLIk5k9_Yb7MomndqCEn0roMS83ON6qMlXxWwEU_nD6RWZU3c9X90dM67dd8hfwlPJ0uBJ0muLNkfDsNBUet5QCmzyFIrQZxVoFsyZhTU2pffj2ryI7FMHNrVkRMngaug3-6Atbo0QhNUx-j8tvo3sgCwjxfTwuDQylYJQ55xwwyUKmmhmlfekVi6mG3R1c6nZCdZ9zOBldq1CxqA7qjp_HncV-B9rAoULB_BdMuYIp2htXjE1m4Fj-ftqCE4siAaVD0LMvXQij-VYDXscDE6aIAACOhFM9SBzb0dcnwq22ScxmCKZe4AK3wtWZCrHKXTQ05w9v_O65qNOttT6rHwGvYG4jvrXnEZ2BqO90gKsWNBN1wnmYSdz_Fps43e2aIFiM5A_II93foZU98z4XzNtgI1LQrMe8FO9zZg7y6FeTJ54JmzXO63YNQ_UowLEm-tPAFhihD41kFII9VA2h2ZuheucD6peWgqANDUaoIIiyzmCs0789Rnas3zgEBAK0EFL21GS4j4YCaBDrhHNHQAzxr8EyUNBQcgDcBfcge7H8Xt2gsxPRSW0JYyXtMQVtRg16pygCBAROL8P0lk&cid=CAASUORoY5L0Mpi3WoTgC7LaS1mHlhelHYI9HZZsM8MwdmU0-2pdBZ3Rq4Mvxvd3D6ULq3Dhv1tdlVUpdmjbvxR3zJdO-DJhwgFCfiCafqGUGlj5&rfl=1%2Chttps%253A%252F%252Fwww.bgr.in%252F%240

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92fbe55fbfe8146fc511ec499ecbf51efbc7717b479d50cc01b0874743bde5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30527
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C806 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpymdBel-eZbW-_n7xG0Tjhty29r-sq2iRtMOlMXefqyldbSiIBLrwRHToiThTn-PtLfuW1R-41RM_PPZie5CajnL4Fa-L21Ghf1PnPVnhrzgWM_o

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame C806 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:26:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame C806 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:27:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C806 0
0 15ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTh0iWn017UCqjBO9hlPS2f2Izv48rlEZ8B_FBdJdZNx8Xo72VeJT50RbVHY1qcR7wbXyRv
Requested by: Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C806 119 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 05:44:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/ Frame C806 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKqtiGg6S7G9ymNWxDR8ow1L9DyOC6Y0m0uzd_DiAxJzJa-E8RXjWZ46L3c6SpYXnavnAc7beU6ZmdsacZ_jdGodtLHPkBtvpwJrKYG-k4zFqooY4tMNHflRzymMrZzbwlwvcs5IqeKWLhq073WVRYBzaz3w&dbm_d=AKAmf-DPpLL1S0OqKq4q2fqLXbY5cH0vgEO50_txbhgD3TwY-giC2qywSRwJgp5oVU6gGW2Evwq_Vb4wdeXlqRECSIvjZSzMiZbBpoMcWWzqGxrguNPJefxEoFoxtqaKY0AWfRmh9Arqq64V0DGyJr2tNeW7Kz_JymuaTsIsIkZXt-L_xIlmVnLoZWSwfw4QIFngHjjw5JKkRYIKU_yNWBAJSbXnR6n7zSrnRHhaGd0i4gPwBmcm_Wmsh3Q4D3HhBUaclrJ97jQgxg5zHpM7cWy4f00pB7wsCu0k0ssLDSdOHYpzl2zgUzPv074MTIPkI1m7p5LBBMjAySLuKMrAWr_h-003HN-_Ny00RQhK-0QIZbQJS3S4vx6I4htMcLc44zg4jkPwr5ys8RWoXhFJRdxNF0iDHWJlHoWWZoLp-r3W6Oa_a-1mNWuJViTN6lKuO5O2Tq5XRdTnMPQjRIDdf-6gkjauBUYCdExVLRjfqzwnIliwt4Z1xqlpep4Zp0ECRypySyq3QaIISgEFdRz52lDnkyEGCGvhpjJlNDm39Zk5J86pIcrN7Pec7hgzGWfGDl8pZBKHH2PZQu0dzCSlrde-H-iZIoeZuxjW8PGAN7RhIcjcC8La7yHQbW1CIlgxFwaTg7LfYgbfFnJsS_waosP_kY_qvCNk3sDaoTvM4uOWZXaz1MYT88pH1_VJW5PShYXwGuxNRudBgtl6H-vD0VVyqsCvMOQFuFPY-JZS6fEYScdSscUGOvNFhlKgHD6-pEPUfIb6lY9xGkq25by208cz1oZff1b2CgzLfZNtDlB2z2KoLXxwi1VtOfzqLYo_4mt-_Y9MohkgCNHaY_x6EXIJPaBFhWy5ctlb1fKtHg9f2Snn3W8phsKnCXekpQclJGEVMX5xN1byK3QjB4OHyIicwvcSNDuTslh0tMKDbR3x4cFxJAO9fTmfFZ7bjW15YYJxRCr5g2to2h_0fZ95DQu2uPKraF1zR_L7TtpK54Axu5gp4r9_-UXQFA53LcEmvhq2RGe5Jmhx_k-QegZTqKq4mOozqGTWtij09zuh74bnILpkKdYXmUypMzGPKHan-p4wHiVeWU6f6HJz3j3BC-V7QRTwvVeLvtJG-sse7_E95f0PBP5KleNeN7NnAVg1-F_8kialrHQnBKFM-uDtMJ85uddlqtM-xJsXN3fBu1y8nfVcUGqM5gvGzEzPI-gK0iHzK1r4FhP1RUWUlAob3JgkGllMy0fXwm88HTh2BAMW7HZogTw4CpCz7j0xJh7qBf5u2iP9gOvxdzZHMCmTOekctJMS6uGx4h4_XgQTu6i1tow2fKhwH_UHVZT0cTPOmmzbvT0k3alJV6BK2GKy6HgYvT_1gDyZrOL5tEhak1Zx2_Bar8YOjt0AVLsYM14GySxWCJQz1Vq5NulD4p9Sp7n4c2ipj5dEqSYW2AZCjdD4pvWaWf9y0xWstmEjivdpC6F8n78NmbjGgXIqTr2fd-2PFBHH9Q5a_KYFplIDoaxJUGUbbJ65fetP0N1_7Ve3Y31jHdSuV4I2I90xGXja-qVKuMOUKO3KkzQCeKFJMl6qrhNPZTfz1HGa48vLFS2CLW2rZadoQtya0mWY1jweXZAINGaJmdG0ZdvRH7aht64H1CgnHCaRzG9m5s-ttj4Yk3bwpniygqAXooeoACpGxwm7LzRZR4fqX1jXeSwp6-3NoEBdcZ0elfC3LFCWg253isIF76gL-YMMtm117mlG8F9MTYOwEKJlO2yw3iheWcTKKrnR2QKUfoXDLkLYucG65WNaicCTCKLweXvrhgT8YasI0C2js_l10aRYFM7MpI45_dPL4faUCwfmYJu4GhMT_Y-pwJBLbVxq9YSCNCr9GBtAop_zr0jr-iSby6tKpc8mr6usPwFBZZPu6rs78atHYmm84y2ObYONBTrsgjpWXiflqxlud_y-VjF6y0CgHeUFgcLQqg5bSusCD_h3PjThRfdizqLmA80_Lfr_NgaJIWhM7_HbwzgiRhG-NWeTqjCDIup_qblWoOJC-G4ZLZlm16B8RQykJppGzbEj0WJ9lsDMfNXJ_uRk83y6Tbvp6tEiAvgV9C3PgGfJzWnnwaSZM_aiZzKVzfHRHHBGfZADLU3uqw2vYY_EhNg73OMAbvTGe9nqmzRszt82z7E-tsChhQF347jT6hzcgNZNkKf48mVO4S1rL5yxWqzQSNoTi7zj8Vl09uxtBElJgXB_wv2lE5V1Q2SzubzvHfozbVurPdo9Z3ZFf-7ve2wjl_1NrKAU45MU3CpcInVND21xgboJUhijWWZO4fXVh4_D-ws5tEGkGb1VmA783LvPr4e9UnxgzNLR_HF7c6pQYZRpTPkwP0xaYf9HyfBL_llMRRwUqjgRW8B-U59_mKjP0a3YUwYZDt-hdgfrE42x15JdgYt0WXWCEoEQCdZT3QpjBRILdnGgrGVUdeAFk-38-h1NhiZ6Y75epSY4YOj-PLHohhh6xNqb9tc4pQ-G_Gk5CvU8PAIqa4Rn8ScNwiXbj1uMOJz5_UqZswK6SMJgEbeNE-ER_lpFoLaFcvqRor2pOLOoDP91LW3l5waiJsmq95XSAm9Tfo38_5X2kubfl-idgfkynXD4TnpR9hjCODpw-abW28r0APHxPD2L-IGg4ADVy4VXKMsSoK3vls1-HvslL-TGMPIU5UndPLuPBTfNgRdUkru9kbgwgt7ll1vYMkrA6l7KMLExqzd5DbFpjDLsHYQPn9jg2XNaFus4fyTmbIeeWJT_yX8qLSxUijwJ-IhKnxaoCRKoDa-JQ70tNvOm0o5q24ZoDcme9l-KLcaNPlIOx6Z8fO_c-c5ApCFQ3s_grG_H3Lmi3llBpOwuNtgDhleFiW_H2ioVeOaJS742AlKJilTTZWBjBL4nSQo10OxA4bm86pVcN_F_tkZvGvutfvu3wfSfOOtsM7HgPniXWaAfB2DNimKsEs1pM1_vFVUXROV_WaBbppH4_08-BfO7OvybRX5koJIOJghSCB_dLb480tHPRAzfhllVXAR-JyM7UOZWIdPq96PIFZQ7ETbbJjEImOQyzt5mk3kULerpV7U8Gokt5vfxsLz8CE3OxXxLIk5k9_Yb7MomndqCEn0roMS83ON6qMlXxWwEU_nD6RWZU3c9X90dM67dd8hfwlPJ0uBJ0muLNkfDsNBUet5QCmzyFIrQZxVoFsyZhTU2pffj2ryI7FMHNrVkRMngaug3-6Atbo0QhNUx-j8tvo3sgCwjxfTwuDQylYJQ55xwwyUKmmhmlfekVi6mG3R1c6nZCdZ9zOBldq1CxqA7qjp_HncV-B9rAoULB_BdMuYIp2htXjE1m4Fj-ftqCE4siAaVD0LMvXQij-VYDXscDE6aIAACOhFM9SBzb0dcnwq22ScxmCKZe4AK3wtWZCrHKXTQ05w9v_O65qNOttT6rHwGvYG4jvrXnEZ2BqO90gKsWNBN1wnmYSdz_Fps43e2aIFiM5A_II93foZU98z4XzNtgI1LQrMe8FO9zZg7y6FeTJ54JmzXO63YNQ_UowLEm-tPAFhihD41kFII9VA2h2ZuheucD6peWgqANDUaoIIiyzmCs0789Rnas3zgEBAK0EFL21GS4j4YCaBDrhHNHQAzxr8EyUNBQcgDcBfcge7H8Xt2gsxPRSW0JYyXtMQVtRg16pygCBAROL8P0lk&cid=CAASUORoY5L0Mpi3WoTgC7LaS1mHlhelHYI9HZZsM8MwdmU0-2pdBZ3Rq4Mvxvd3D6ULq3Dhv1tdlVUpdmjbvxR3zJdO-DJhwgFCfiCafqGUGlj5&rfl=1%2Chttps%253A%252F%252Fwww.bgr.in%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:39:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/elements/html/ Frame C806 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220405/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:40:17 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C806 0
27 B 49ms
49ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8zW5C-Qxhukb_iue7LcfWeKkH3Nlfu005GDG44ghSJNM0rEBxm835Z8F8t1tNV5AEUlt1KwukiTyoHGMrCs2BzRR1Mi3BlBXh6lQNAADZQPM7lOyoEtubjePTlYVqa4JmpOBt3vm-yjEbI3iWl3SVRTy5gSFwyvFDYoZ10KXD667YBzkbCpnWsTu8rX0eGAtjfpg7FHJZHpqDDTCZMmQmQMH4ILa7PEZOl-6r5TJvB7EihefCwsgRqh0uzuCiZ0TaKVCapUD4a8r8bBG7UsWtigCFSxQmqt6OtSRUkTy_N4jK-4zgosiGwiTyPFV27W8AhjpU6LrUhCl3RtN9xZXgJhBww7DKU4aMqmrOcORC1mJLmSkG-0zyw1KyFWv-2qr1FDyUrBADYCSosz9axZbmcqMu04KctygGm3iYvJa9GA_Rw64TFDKSuOTpI7edf_eg-XCBbKoDDmJI4KteY-NLuKAsso9OzLD85kIJL8kR_ZYSfYsyJTE3q9pJujYIxeLl31toFaQc4xXTH0sdPOEkDIWmqDOeud9jcySWP3ulHmc6Xjxj0d75XUqSpF1jJfXBlGWVx2zH0q6igHQx4KY9sLwKjOZiXQ68z4bWsxT51VRtpK3UTiHUOAZ12iPN57qwBjrWXtAPD_rOutEmHQY0rN5ALjZlBHgl_GtEnzwYDxh2JRA0-6VsBGlEWPJBmqqdxIS1U4SkyOGhrMaK4dHWma3M1n_Qm3GXWqJnQCwie05_GtvQa_FkPRumEZWE_A89sWDs3BTz08qfT_GRbsyL2K4JLjLrLB5l73kJc365FSdSzqbAdNwmi0K93mXS1MXdVeRiCGyH0FyLHsIDY8BYGgniW_Hqd8aVr0hL7fHdyjTgecl9RT_Feak6mVC2dV-C9X77XjzdtjLvfJcmXbw_HIQepye4I-Zu1K7vxA0IwdCFcXu1UAWQ_3leipklAEXOSeazBERAgnjNyqv2EHnFJkOiVxKHO5_Jtsomn4DAMEufxUMpWnp3P0uL-9ssCk5v32egC4IsC7bRyx5Ci2Emqqrp6pYUFjMedrnldhYsFN59znWotu7X9zTDd90TwbJ-XDhh71ru--hEEZpvmO8nv9g5-qBDe1Y7s43PFfPBerG4B1-IGxJZGENK_wgSXBIoz3zVjv3yAdwF5ve8ky4FLs6cu1MSkq17Jf1ERw4CtUoJ9X-KsQOPaij7pdqPMDe_BFEjJQ&sai=AMfl-YS5n20kCTuDNj2JduY3IvKff7FQnrBmHluUsi5ISV8preV_5MkFNomWbuGnCbYW_aj4DSCR5L2554qwNIVTxi__Wa_bdYNCORKHNxDMKtiaUIhXrWGqvbCbci32hl5G2T24PKjV0P-PkvexdrxlBslWO0ZJLb2v2TyX7UqxFYDkQIATACRN7NBnapso7Y1scIE25MUriZawO_513nG5k89pcGPIYivrJfxKPyRmg5Ug9zHF3-f0X-Kh7oMPkvoRpCyl4u8sr7lj6MZAtl9ezjutWTw7KW5Psw10hXf3wMMHxVZdUov-gDRNB-lLlQ&sig=Cg0ArKJSzA4qepHd2qMhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220405.78904&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 07 Apr 2022 05:44:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C806 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 06:34:48 GMT

GET
H3 200 8649191822320666944
s0.2mdn.net/simgad/ Frame C806 42 KB
42 KB 8ms
7ms Image
image/gif 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8649191822320666944

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66977af6c17a074fdf5a9d4c2c95dd0e14fa573419c9060b11102a47be6088da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 16:03:46 GMT
x-content-type-options: nosniff
age: 135614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42762
x-xss-protection: 0
last-modified: Fri, 04 Feb 2022 14:11:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 16:03:46 GMT

GET
DATA 200
OK truncated
/ Frame C806 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbc93718e7538973e4765c6d21a3aff266a5bd1ec1bc94113a3646fa10bca9d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 56A9 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 257372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 06:14:28 GMT
expires: Tue, 04 Apr 2023 06:14:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C806 0
26 B 44ms
43ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js Show response
pagead2.googlesyndication.com/bg/ Frame 56A9 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559c7994a2fe4750d8b78b9ccd0b8eedec277a870ec592c3c0e13f0c1ec6a7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 16:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13564
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 16:24:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12C2 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2VQNIHpOYribEpPP3gPfzpbIBgAAAAA4AeAEAg&bg=!CQqlCk7NAAZAkm7qYJI7ACkAdvg8WoxTGGNXEe7jEmCxO7Hp5EEApPQM0KQT9To3bsJv3A4eEOjc7QIAAABwUgAAAAJoAQeZAyi6Orc4ZjTClXOFBQDFBC97PJEyW185ZhvP1v6mluj9SHUHF9gBioJlAn38HMQz5fN3EhEfQA5dBfJbw8_0y9jxFUcPPNiDMLWoU4WMI3NA1PYPHyqHL12CYLkx3sGsQtvXhgzQUUYpxRdRsI8IFAytNcqorY7ern2BUYcEKQmQ1J6EO2xniwEaPqTMQiJNzzFSLmjADN-KYjN7k79cJZdSUTq_DkLDcyXYALhn2uT5eshAOqnbVr2mdug24U8akUV_dZhKNyFG4VlrNuleKC3worC8GleK5bXTyP2nwIn2-6eUFTMvqUmbv6QQ_jeKjI1cxaQ-alhfgAuqXjsrjETN3WBPxFzeRpD_m8Gsv5tN4_NunqEWtJnpXUuJyiiLzfhcwpPU7uDFmBnKQ2EqHUiSGY8j8k0QrF-5jZvNy2kqWiIp0D4RZB-buOXZDmjuECaZmnBQSbViRBcmUggumGnBqvEqAOSM1FWjeTGjT2fMtEwUSQs1rzNz0HueA8Z7XuMoc7xmygxx-MocoqRjhmbLcLSc94jOCvw-eFTWZAUTk2tNBeGcfFrGYJBlxapEdOa6Y8qLYoTBopL12krH3vM1-NxDlSygDEZU1YaY2EGnITiFx4g7B1yhYb_v9uC8_MavpXmILTIIHpRmPl2rO_IW3y455k1iEm-9FCDhG71lZar6ZQWhKV2BNqNencEjkgiFUG7SvhvfeXBJysxHPQ-Igkssc-Shx2Fm4WDx5B9EgkfYL5yL7ORbpJvp7J00pDkgoWmZXn4Sg63CJMUl-WTXnw8MMG9qOZCNQ5iY5a5e5NBXfxt3tcXIyO6k9xpiPatsJfdizETKrcks2TkJnYmKXC3dz-EDzg9VRqH80mA4SCnAmAErYB80-_OvLDZyHLVxzGXZulXQD2E3bvy4B41wgCEJDQlK6bBXimucm58pk2q_SDpMvnP4YCxFFtNpBXfOj0cKxck3D57RZIkA7H7M51515PPul4WZEn8jjXzUB-Js0PYfxdUL2oC_p7-uCOPaUuxpMTVl2L0QTbMdP8ceMQS46Q3msZX9pIW2dvPQnNxjaf9BkYP2

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8BC6 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js?cb=31066991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bgr.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:43:59 GMT
expires: Fri, 07 Apr 2023 05:43:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8BC6 0
0 35ms
34ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COwGhIHpOYu_yK8GD3gONvbiQDcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTUzOTY5MTQ5Mjc0MjA3NKAB1bbS6gPIAQmpAp2Ka-hlSLI-4AIAqAMBqgS-Ak_QCmGn4VlEFq6h6w_amLLzsG8Nd2aL17VyrqA78XGmZ-XrFBt2laD3BpRIBTKCvpcOHQjwlhgqjmg5h8KiuVsGBXUhZyor73L1B0Qu3pTRIQxLEddZlECvOVUrrJwP46fH-vU1-M8VHsYSRcsbPJxJHcAOhUUz0YWY3i_CKy9B3NutpJFWKgsizSkMvAhs5yHkTaElsV0BZtJ_mCTUIjXQjT4V78FVCRgSS5_kUlY2sOhnh9LLAkU4R274ch6e6vIM60eNiE5_hM6dbbNp462jf0ClBtjpg6ggiwaQ-RSKqmnGhz5GLWAWjj54iWZE9x2xjyQpv_MsjMEnJ2t-V-UZ5QXUPK3_8-nHifj3oQ8BI8MDSHg2-YawmRmVIMBe5OhtcWGdIC2h7cVbUdYDbGVZmrsd43cAekpzoUwwlOAEAYAG6o7pkfHckYcaoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTUzOTY5MTQ5Mjc0MjA3NBjB3w8&sigh=-MrGEFr8_E0&uach_m=[UACH]&cid=CAQSPACNIrLM_nvSDC05XIdy2wc6zbXKIz_8lfnibDXRPX6oiwo_LAM2VnFjqt4HkAVGypbDc1qBABgtXoq6fxgB
Requested by: Host: t.co
URL: https://t.co/aAT3l6LOuO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 8BC6 0
0 69ms
18ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UqW_EMc1rAL6AZ2DYgICAAAAF_ml4mzbl1dcTbh1ECB6TmJb8agwZsUsvdpM9QAS&wp=Yk56IAAK-W8Kd4HBAA4ejeZa8mDnLf6dtN-6oA

Requested by

Host: t.co
URL: https://t.co/aAT3l6LOuO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 178595
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D18A 149 KB
49 KB 143ms
104ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk56IAAK-W8Kd4HBAA4ejeZa8mDnLf6dtN-6oA&u=%7CPn4SoKQLcGUI7X%2BRiHT8XlOz19UcudeUQE6grH1dqoY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF3B43Ok4Go5WSd4zB4qEgIVAnr78iq9MduCCNVK0814t_1wh7LXtBwIh16KrTMA0YwaV4CbL5FKyV0GmyLHQVCNsZtShEdFTWK8ohvfwXnVOwqNMnXRWOiDE8gOeNRVYlioiFAcT3fyImmNFFdhhEqHVfQ45euDyeD8BMuDFaB7wvX6DrbkUfUBrW2RkuGHS3cWHfoevrsz1SqN7ilf80m5fs6dHB_Zm2RpkWhuHMgkEWlQBRUv6cdQnDnek8erkth5uyzNmeNUNtBzemb1n9b3uIMmpg1UYWHkvPXHA5XJCqzXYZM08hRb74KJhJJbJHyHtg1wlX3KZ5mOztZ-Ptk7MuQZOgYu8_VTcrpyv-WvVZH_dl14sf1eU83TgKjeBmP4_ENtHjeI85jq5LhGhH8g6pqFhLIurNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQN-SIHpOYu_yK8GD3gONvbiQDcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTUzOTY5MTQ5Mjc0MjA3NKAB1bbS6gPIAQmpAp2Ka-hlSLI-4AIAqAMBqgTBAk_QCmGn4VlEFq6h6w_amLLzsG8Nd2aL17VyrqA78XGmZ-XrFBt2laD3BpRIBTKCvpcOHQjwlhgqjmg5h8KiuVsGBXUhZyor73L1B0Qu3pTRIQxLEddZlECvOVUrrJwP46fH-vU1-M8VHsYSRcsbPJxJHcAOhUUz0YWY3i_CKy9B3NutpJFWKgsizSkMvAhs5yHkTaElsV0BZtJ_mCTUIjXQjT4V78FVCRgSS5_kUlY2sOhnh9LLAkU4R274ch6e6vIM60eNiE5_hM6dbbNp462jf0ClBtjpg6ggiwaQ-RSKqmnGhz5GLWAWjj54iWZE9x2xjyQpv_MsjMEnJ2t-V-UZ5QXUPK3_8-nHifj3oQ8BI8MDSHg2-YbymzgHp0_C91fxZcJNHYtZ5NFR59wtdOftUoa7EcgeVlL2C8gjK769JOAEAYAG6o7pkfHckYcaoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T0kqco2e4LEDLrQhNqQy7lJU8kA%26client%3Dca-pub-5539691492742074%26adurl%3D

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9edf10ce0dba0521b3e04f6973361a53ada43aed84e7210e145e039dd979d040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 05:44:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=69DlQsN474OH2sX4idchos8xhEOuXsUTFDUidINAEKTEeTbbVxA8JQM_cFwyY960s7vHyq3MEk5zUPg4_XBqk4WmPuUz-brnwZeuAX8pgst7YU0ew9I9R-C773y_Lppa3zNhvggEJHrnOu1NgL6S6t0np_jdoA9-Da2-VH4nPNus0cdP6m8T_XC7hUTI2gSJLJHyeseFqSkoLQuyRyR6tVz5RM-d-PtGu6-C0Cn4hQBlf1bq9Kln9JNfo2kIRzg1yKV8Dg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 85650147
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 8BC6 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:26:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/ Frame 8BC6 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220405/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 05:27:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8BC6 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGySUwuSFWq7p83JM9UU0N5OajMHPpkxopFbjx5vtEWM67drO3KKJcaGF8HjkvVvOr5XEZ
Requested by: Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8BC6 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 06:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Apr 2023 06:34:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BC6 119 KB
36 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
URL: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 05:44:00 GMT

GET
DATA 200
OK truncated
/ Frame 8BC6 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04481330b98d122a64a7a9072e6a987ed08e9b6e11ec4fabe84526896065c51b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 56A9 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbBPmIHpOYtz0MMSPjuwPsKaX6AEAAAAAOAHgBAI&bg=!GxilGFzNAAZAkm7qYJI7ACkAdvg8WoKlAy6JM3h-tzsvv1ZW7bAmD77HvQi24gyRG5TUlGx8Gj2z0AIAAABgUgAAAAFoAQeZAug2xbTdDjMDPxz-HAzxpsdYm3k6WRrdyAEHKbPZTYllZbr_XPY-s2QggJiDQY7XC3EClK0YI3Z7u_bMKc_m2LQwZJEsyf0LDvMrofUaom3OQZVxPOl1IFvdIUEMym0qyRA9Y1_F4NowzsL1audcImuqxib0AfSdCdPnm3HIj2Eh-D6qgbsUnMP0XaRhMcipR74tWyKA2xAPXNLGbJo_49iMPQkkJfjQNGmBunin7wNNO_WMv9vJ8DnHfX3KQkgsvEZ0n6HrB5nrZp4NcK6pfzfopIOy8iQ_dpl3phK2PPHzU1Wlzj6H3jGllzeVGR-MSg8IJ_bSUNO_xBeKRqoRq3hsZ-gwXcDHEwUoZszrajRB7epXfr66z3zpXTdbcXZ-KDHBdDxd0Hr3uCNV4SPOh24rlTphTo_eSXEFx2ZBoZ8rNLFelFgVSgCYrpli-BcMLLJEH1rK90VCwfqW-AYryrkP3MZnksANXF14gJyuZX0nHWrw02KJwevxzWIv-5EEKR60CcGgqgBGhhwskAaz81zwqPfrjKz71AB8ugQk0TIU0_L6Gn4L6r4M2kg8vg2j2nUtyDyLMHOed4E35iaXaVWawRtjVRyqHj48t_Man-uvNP5fHOruiIchGcRMJzYvjKiEKKulIB-cw5gbnBYF-GXgT_L86p5GL98S3xwc4aoxQDNKKlcu4l947RaP3EoOYv2fgiH4gYTbHmZWErXPlMRrvKIMh0lq42i-hpK2e-Bcw9bVKJ5l-4CehWU4MXPTf5LzFr_2WWn467KeN445nem2gbYv2a7r7HymFh4HjjUjRTW3o4hMu_z0TJYpNnLekGctMXtOUSVkUTLpqKVkG4G_RxzUrcUYsyXr15qzWOz7PBStZKy1TK_3jQygN2Ni_ZST-zD_U4El7sOkD5rP7oo_MixUH1nv3AhFBDwaknQqlwqY0jDtdwOUG4c9kscaA2-dTkPTpXr3LM_MNtBpvbTgSfGoquZSF3c

Requested by

Host: www.bgr.in
URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D18A 2 KB
1 KB 59ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk56IAAK-W8Kd4HBAA4ejeZa8mDnLf6dtN-6oA&u=%7CPn4SoKQLcGUI7X%2BRiHT8XlOz19UcudeUQE6grH1dqoY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF3B43Ok4Go5WSd4zB4qEgIVAnr78iq9MduCCNVK0814t_1wh7LXtBwIh16KrTMA0YwaV4CbL5FKyV0GmyLHQVCNsZtShEdFTWK8ohvfwXnVOwqNMnXRWOiDE8gOeNRVYlioiFAcT3fyImmNFFdhhEqHVfQ45euDyeD8BMuDFaB7wvX6DrbkUfUBrW2RkuGHS3cWHfoevrsz1SqN7ilf80m5fs6dHB_Zm2RpkWhuHMgkEWlQBRUv6cdQnDnek8erkth5uyzNmeNUNtBzemb1n9b3uIMmpg1UYWHkvPXHA5XJCqzXYZM08hRb74KJhJJbJHyHtg1wlX3KZ5mOztZ-Ptk7MuQZOgYu8_VTcrpyv-WvVZH_dl14sf1eU83TgKjeBmP4_ENtHjeI85jq5LhGhH8g6pqFhLIurNw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQN-SIHpOYu_yK8GD3gONvbiQDcme0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTUzOTY5MTQ5Mjc0MjA3NKAB1bbS6gPIAQmpAp2Ka-hlSLI-4AIAqAMBqgTBAk_QCmGn4VlEFq6h6w_amLLzsG8Nd2aL17VyrqA78XGmZ-XrFBt2laD3BpRIBTKCvpcOHQjwlhgqjmg5h8KiuVsGBXUhZyor73L1B0Qu3pTRIQxLEddZlECvOVUrrJwP46fH-vU1-M8VHsYSRcsbPJxJHcAOhUUz0YWY3i_CKy9B3NutpJFWKgsizSkMvAhs5yHkTaElsV0BZtJ_mCTUIjXQjT4V78FVCRgSS5_kUlY2sOhnh9LLAkU4R274ch6e6vIM60eNiE5_hM6dbbNp462jf0ClBtjpg6ggiwaQ-RSKqmnGhz5GLWAWjj54iWZE9x2xjyQpv_MsjMEnJ2t-V-UZ5QXUPK3_8-nHifj3oQ8BI8MDSHg2-YbymzgHp0_C91fxZcJNHYtZ5NFR59wtdOftUoa7EcgeVlL2C8gjK769JOAEAYAG6o7pkfHckYcaoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T0kqco2e4LEDLrQhNqQy7lJU8kA%26client%3Dca-pub-5539691492742074%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D18A 2 KB
1 KB 59ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D18A 308 B
636 B 61ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame D18A 507 B
835 B 59ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame D18A 43 B
348 B 123ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=yiNXHX8WJ7ScdiDVDfcN1PeaoUCTHj68z-mltFNuELgSe3XQQOZSwElnGup1v0Vr7W5sohsBpLJPqH5Z9zN3nFuOWf2OOZNJmmsNiyIeNxzxwbc1H5L1583EZku89q6OZEIIalEpdVnQJMpzUxap6Kz5T3i_h8OGJ2eS7D3g33b2iBG9Sbbs78n88DBbDGiYRdTy3rIHkhVOmtdzHl_lRHEj37QQE3Ea09PCTNHIcR4lsrruv7KgVyzDCI_JIcRXsUem2A9ZNq3h3Z5rB7NWt2fuVUEuRtIjRs3vVDYJBVTGHEIgjEl8OPq7zm-l69OUmYnaS2EBiPsMkKFayrLwH4hVqrSGkVUiT7s8XKf0NiG44BnaNhn2B5u7zlRAhkGbq4RpTYrL8MJSErL9YwW1HKqr_9homasTiSXAUl2R8WaZ8ai2H-6uVBR1sF3YP2nLj4ymbQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:00 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2791795
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 481598564da646f69bf741ec80763656_museocyrl-500.woff
static.criteo.net/design/dt/ Frame D18A 45 KB
46 KB 58ms
19ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/481598564da646f69bf741ec80763656_museocyrl-500.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
content-encoding: gzip
last-modified: Thu, 28 Jun 2018 08:44:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b349ff6-b5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H2 200 bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
static.criteo.net/design/dt/ Frame D18A 45 KB
45 KB 66ms
27ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
content-encoding: gzip
last-modified: Thu, 28 Jun 2018 08:44:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b349ff6-b498"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D18A 12 KB
5 KB 101ms
49ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NS43nh05LY9EI5kbK9kE%2BrkYCjzJW2q81a0QmiHYQyK%2ByCM0LD43cS089szBms8Arwn7g318h6oX%2FV1LTogwMTaH4pny4wF%2B9276qA8drpPE%2B8P3Cx1zQeOnyz2pUWtk2Evzqhrw%2Bix5s41q3iLdxYYV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f8072efad4b0225-ZRH
expires: Tue, 28 Mar 2023 05:44:01 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D18A 12 KB
6 KB 19ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18A 10 KB
10 KB 164ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=132&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F3ce55be1f6cf4bc2a7341619c2d02a92_stardardsin.png&v=3&w=596&s=CyPdRx06uAlYAiO3bD-fyyap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d45097277e5fe304c8a44d8ac42434b4adcd201287ae9f42e63dbedda9f41876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29811323
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9930
expires: Sat, 18 Mar 2023 06:39:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18A 6 KB
7 KB 161ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20005942-LSPcjJYs.jpg&v=3&w=400&s=8ckrHYLjPR3Nf0PyOTdUzZUy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3d7dca558bf41e5c5a301eae937eb63b57decd9eae2c8ed438166dec60fcdae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=18971
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6626
expires: Thu, 07 Apr 2022 11:00:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18A 16 KB
16 KB 186ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1583395179%2F20074371-rynBL4pa.jpg&v=3&w=400&s=L2Il9pxZ4UnqKVADpFI_mxVL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f8ca3cbf48f0e30bcce76def55f52efc75d2c2fc6dff70c2c9d268c2d7ad9ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=528052
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16372
expires: Wed, 13 Apr 2022 08:24:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18A 354 B
618 B 185ms
39ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=udlF2dvpi5ijHI7Drv9lLjiT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28361437
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 354
expires: Wed, 01 Mar 2023 11:54:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D18A 15 KB
15 KB 185ms
38ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22027676-gpvFKqRA.jpg&v=3&w=400&s=qxX9lRT3A-78tPjJuHeocvPO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5f95e62ad1d3abc1f644851393645926826419bf82bf20329ced24dde9bcc0b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=13017
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 15006
expires: Thu, 07 Apr 2022 09:20:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D18A 0
128 B 64ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=69DlQsN474OH2sX4idchos8xhEOuXsUTFDUidINAEKTEeTbbVxA8JQM_cFwyY960s7vHyq3MEk5zUPg4_XBqk4WmPuUz-brnwZeuAX8pgst7YU0ew9I9R-C773y_Lppa3zNhvggEJHrnOu1NgL6S6t0np_jdoA9-Da2-VH4nPNus0cdP6m8T_XC7hUTI2gSJLJHyeseFqSkoLQuyRyR6tVz5RM-d-PtGu6-C0Cn4hQBlf1bq9Kln9JNfo2kIRzg1yKV8Dg&sds=2&rev=81065&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Apr 2022 05:44:01 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D18A 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D18A 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 05:44:01 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:44:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4988 42 B
64 B 69ms
43ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqEbAweJ07zonxftTcrHtnBq7Ehn7i0YrY3l3CgSUIKkpYalikmKEzDctlTWVY5KkHvu3SFafr3nVCKmYvTVKFeLw1zVPSNR9DulOKrynJozXUvIn1RQ&sai=AMfl-YRedrLqBpI0Pk-KxZ1XR-xk9RBhaHHLOPkBP5_HTk21agzC-_qaHthGlW1AkhUXl2BN1vf3GS5iZzLjOQ495eCABpY06kY_cKwUEuPFDnerf46t2x34ZoiZkhI&sig=Cg0ArKJSzFiy2nBXV7c_EAE&cid=CAAST-RoQ4nuPdiTGDTwhLl3kPbpIxQfworl4xQSnNycOR9pLzXckFTVxipPdZ7V_CvWnJCs71fFepI4ZBk4wQHscUpbFHbpb3dlbGlcbGwxhHY&id=lidar2&mcvt=1000&p=91,1440,691,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=543047723&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649310240319&rpt=171&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame C349 0
17 B 517ms
258ms Ping
image/gif 2800:3f0:4002:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l1okqe4i&c=4394742177739&slotId=2197371088869.5&qqid=CJjw2refgfcCFaSkdwode9EKGw&fb=outstream-lima&gpm_i=10&gpm_c=10&gpm_a=10&smb=1000&br=892&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=14&vhc=0&msm=1&aits=17%2C36%2C18%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C0&webm=2&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2800:3f0:4002:805::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E06E 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi4WOVova16dP_zIG7gZyrcAlRauS1CqnqM05uK2JS1pobKhSQws5NAUyGYVl-F5mfBG8eZI4NBlINnScOh8bOuzZaEopsc2eHdFBUsSoqkB7qOX8d_A&sai=AMfl-YSBcCAxgTXxzQ4BKlShPp7PQNyGtmuX2dUP6k4ezm-3qJNnpDIJecs2qKY6KhDUqEiYJuuF5ETIE-LZ0MLSaC-flu9lslwKOJlJpA-JOE3wuE5wUNEVUW0tPuyK&sig=Cg0ArKJSzE164p8dQLtsEAE&cid=CAASUORojAhNTMEJOJTbNyXYvgobnSH1MtNvM_I5lvnlV9eC6fNooIt1TyvwSrJdbAiKude69Fm2BXuk3Bzewa_-SechUJF94FMDBZS2RClzeXDG&id=lidar2&mcvt=1001&p=78,315,168,1043&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=271530665&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649310240609&rpt=73&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
179 B 833ms
38ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=158141
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158141/1400/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.bgr.in/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:02 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bgr.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C806 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyr4a87IdZe_3xCsieWLOyvIgMGCFlww6JbYUVLi_Vxye9uft3x4mUiWRE45ZHM7UpqKVzMwsxx_TRoETaGv699SWmU0JB1_oPQVPbcuhHPWe3yKQDDg&sai=AMfl-YTMR7WbGvD5jgKRjYnBe1mZ-DD5NKDJKilJyMk3d73bXuYwXCgw4k-xR_mMIXMmkLGHRGKKB2szqT-k7LSIVTTavORKESsKyEGeL_saeULVGmSOkXF81cYEWiq3&sig=Cg0ArKJSzDjq_8v5BMflEAE&cid=CAASUORoY5L0Mpi3WoTgC7LaS1mHlhelHYI9HZZsM8MwdmU0-2pdBZ3Rq4Mvxvd3D6ULq3Dhv1tdlVUpdmjbvxR3zJdO-DJhwgFCfiCafqGUGlj5&id=lidar2&mcvt=1000&p=91,0,691,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3517307402&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649310240766&rpt=104&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8BC6 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv3-Z270kuaJ5UvidBo47g6y4F143zgdqEF5Z1rI26bjD2gZhGJW3pYJIcq7tqU_3gSyPbx90S8nT4LHdEVhmV&sig=Cg0ArKJSzHpWX1D-Uzm8EAE&cid=CAASF-RowilUIQgB2CJYCsJqDOKRpHYDCBcJ&id=lidar2&mcvt=1000&p=383,995,633,1295&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3848569310&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649310240954&rpt=101&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 05:44:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D18A 0
127 B 16ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Apr 2022 05:44:01 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/185ab9ebc070b0b242472a9489383866a9255d5f.js

Domain: st1.bgr.in
URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/fonts/fontawesome-webfont.woff2?v=4.6.3

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=ow-client

Verdicts & Comments Add Verdict or Comment

267 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 04:18:06	Name: sync Value: CgoIoQEQ15C0lIAwCgoIgQIQ15C0lIAwCgoI4gEQ15C0lIAwCgoI5gEQ15C0lIAwCgoIhwIQ15C0lIAwCgkICRDXkLSUgDAKCQg6ENeQtJSAMAoJCAsQ15C0lIAwCgoIjAIQ15C0lIAwCgkIXxDXkLSUgDA=
.t.co/	1970-01-20 11:38:44	Name: muc Value: a903fe21-83dc-4a85-99a8-fbda7428b014
www.bgr.in/	1969-12-31 23:59:59	Name: traffic_source Value: https://t.co/
www.bgr.in/	1969-12-31 23:59:59	Name: traffic_medium Value: Social
.bgr.in/	1970-01-20 02:08:30	Name: lotame_domain_check Value: bgr.in
.scorecardresearch.com/	1970-01-20 19:25:18	Name: UID Value: 17C380ab9857d2f35640cf51649310237
.bgr.in/	1970-01-20 19:39:42	Name: _ga Value: GA1.2.793645838.1649310238
.bgr.in/	1970-01-20 02:09:56	Name: _gid Value: GA1.2.213333206.1649310238
.bgr.in/	1970-01-20 02:08:30	Name: _gat_gtag_UA_21819872_1 Value: 1
.bgr.in/	1970-01-20 10:54:06	Name: _hjSessionUser_1763193 Value: eyJpZCI6IjVlN2UwYmI2LTVkZGMtNTU1YS1hZGI3LTMxMGIxYTY4YmU0MiIsImNyZWF0ZWQiOjE2NDkzMTAyMzgyNTgsImV4aXN0aW5nIjpmYWxzZX0=
.bgr.in/	1970-01-20 02:08:32	Name: _hjFirstSeen Value: 1
www.bgr.in/	1970-01-20 02:08:30	Name: _hjIncludedInSessionSample Value: 1
.bgr.in/	1970-01-20 02:08:32	Name: _hjSession_1763193 Value: eyJpZCI6IjBkOWRiMTYyLTJhZmMtNDhlZi05MGJjLTM2N2ZjZTI0Y2RjZSIsImNyZWF0ZWQiOjE2NDkzMTAyMzgyNjQsImluU2FtcGxlIjp0cnVlfQ==
www.bgr.in/	1970-01-20 02:08:30	Name: _hjIncludedInPageviewSample Value: 1
.bgr.in/	1970-01-20 02:08:32	Name: _hjAbsoluteSessionInProgress Value: 1
www.bgr.in/	1970-01-20 02:51:42	Name: _pbjs_userid_consent_data Value: 3524755945110770
.bgr.in/	1970-01-20 06:27:42	Name: _pubcid Value: 9d621e15-4a9e-4378-bf35-1a872d86f12d
.3lift.com/	1970-01-20 04:18:06	Name: tluid Value: 1737915919450604592103
.casalemedia.com/	1970-01-20 10:54:06	Name: CMID Value: Yk56HnRjFKwL5vi1ULw8NwAA
.casalemedia.com/	1970-01-20 04:18:06	Name: CMPS Value: 3224
.rubiconproject.com/	1970-01-20 10:54:06	Name: khaos Value: L1OKQCXW-1Y-FZIH
.rubiconproject.com/	1970-01-20 10:54:06	Name: audit Value: 1\|naVuGyos1qrGWxHY5IIaL3NEnEPvxbSem0AuhTX0VRwcPxm3GZEWzDua+8TvlaWH9Aq5QPAhpThNuW2ByBFqDfObzHipBXQW0A+VO7RH1E0=
.casalemedia.com/	1970-01-20 04:18:06	Name: CMPRO Value: 1170
.casalemedia.com/	1970-01-20 02:09:56	Name: CMST Value: Yk56HmJOeh4A
.bing.com/	1970-01-20 11:30:06	Name: MUID Value: 1B9B59276B746B31057648586AA66A11
.bidswitch.net/	1970-01-20 10:54:06	Name: tuuid Value: d857e2de-1e2a-4a60-8a70-6342a0ccb354
.bidswitch.net/	1970-01-20 10:54:06	Name: c Value: 1649310238
.bidswitch.net/	1970-01-20 10:54:06	Name: tuuid_lu Value: 1649310238
.doubleclick.net/	1970-01-20 11:30:06	Name: IDE Value: AHWqTUnX71mxHF1Z70-EecEKljePmxB84-hsJLKOEhAljqvpHSiiqqbWQ8fEiwOV9m8
.adsrvr.org/	1970-01-20 10:54:06	Name: TDID Value: d55a8fa9-3705-4ae1-85b2-8cca3c0caf2c
.adsrvr.org/	1970-01-20 10:54:06	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCLjeh9L0mMw6EAUYBSABKAIyCwjawPD-ipnMOhAFOAE.
.ow.pubmatic.com/	1970-01-20 04:18:06	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZjRkZDUwNDktZDQyNi00ZmQ3LTk1NDgtZmI2ZmQwZGYwN2Y5IiwiZXhwaXJlcyI6IjIwMjItMDQtMjFUMDU6NDM6NTguOTQ1ODMyNDgyWiJ9LCJpeCI6eyJ1aWQiOiJZazU2SG5SakZLd0w1dmkxVUx3OE53QUFcdTAwMjYxMTcwIiwiZXhwaXJlcyI6IjIwMjItMDQtMjFUMDU6NDM6NTguODg4NjMzMzA1WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjE3Mzc5MTU5MTk0NTA2MDQ1OTIxMDMiLCJleHBpcmVzIjoiMjAyMi0wNC0yMVQwNTo0Mzo1OC44NDIwOTE4MjdaIn19LCJiZGF5IjoiMjAyMi0wNC0wN1QwNTo0Mzo1OC44NDIwNTU3NDJaIn0=
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:40:24	Name: bcookie Value: "v=2&3b36036b-2dcb-4623-8e6e-61e672e4b07f"
.linkedin.com/	1970-01-20 19:37:53	Name: li_gc Value: MTswOzE2NDkzMTAyMzg7MjswMjHBnDw9kiShd79ZddE5BOHDMGR2VCBhSgp5YsSph0yxDA==
.linkedin.com/	1970-01-20 02:09:56	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2596:u=1:x=1:i=1649310238:t=1649396638:v=2:sig=AQEifFQ62A18UrCofe_8Ss_R9AtkeHRs"
prebid.a-mo.net/	1970-01-20 10:54:06	Name: __amc Value: 1_1649310238_1649310238
.amazon-adsystem.com/	1970-01-20 08:35:51	Name: ad-id Value: A1WAc9q_9URnmVLzekxunjw
.amazon-adsystem.com/	1970-01-22 00:00:20	Name: ad-privacy Value: 0
www.bgr.in/	1970-01-20 03:34:54	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22d55a8fa9-3705-4ae1-85b2-8cca3c0caf2c%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-07T05%3A44%3A00%22%7D
www.bgr.in/	1970-01-20 02:51:42	Name: id5id Value: %7B%22created_at%22%3A%222022-04-07T05%3A44%3A00.687713Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.bgr.in/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1649396640776
.bgr.in/	1970-01-20 11:30:06	Name: __gads Value: ID=c77242cf331a624c:T=1649310239:S=ALNI_MZPh2Tc8HvQD7CS7GqAJqkxZBlRAA
.yahoo.com/	1970-01-20 10:54:27	Name: A3 Value: d=AQABBB56TmICEKvR9T7bu7GjwNF1vHvK2fEFEgEBAQHLT2JYYgAAAAAA_eMAAA&S=AQAAAqMBn8C5tLKT6GG3TflJlnI

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.bgr.in/hi/news/sbi-yono-pan-linking-phishing-sms-can-scam-your-account-bank-warned-customers-1253770/(Line 1641) Message: Access to font at 'https://st1.bgr.in/wp-content/themes/bgr2017/css/fonts/fontawesome-webfont.woff2?v=4.6.3' from origin 'https://www.bgr.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://st1.bgr.in/wp-content/themes/bgr2017/css/fonts/fontawesome-webfont.woff2?v=4.6.3 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b7129ce095f87fe440123bb6569429a.safeframe.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
bid.g.doubleclick.net
biddr.brealtime.com
c.amazon-adsystem.com
c.bing.com
cat.nl.eu.criteo.com
cdn.izooto.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
csm.eu.criteo.net
delivery.adrecover.com
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
in.hotjar.com
match.adsrvr.org
odr.mookie1.com
ow.pubmatic.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
px.ads.linkedin.com
r3---sn-4g5ednsk.c.2mdn.net
rtb.nl.eu.criteo.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
ssum.casalemedia.com
st1.bgr.in
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
t.pubmatic.com
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
vars.hotjar.com
vc.hotjar.io
www.bgr.in
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
x.bidswitch.net
zeemedia-d.openx.net
cdn.izooto.com
hbopenbid.pubmatic.com
st1.bgr.in
104.17.120.107
104.244.42.5
104.244.42.8
108.138.3.177
108.138.7.31
13.32.121.37
141.95.3.10
142.250.13.157
142.250.184.194
142.250.186.66
147.75.38.124
178.250.0.162
178.250.2.135
178.250.2.148
18.195.158.152
18.66.112.111
18.66.112.79
18.66.139.40
18.66.97.9
185.64.190.82
185.64.190.84
198.47.127.19
216.52.2.30
216.58.212.162
23.216.77.31
23.32.59.34
23.35.236.201
23.35.236.247
2600:9000:223f:7e00:1b:5138:8a40:93a1
2602:803:c003:200::41
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:190e
2606:4700::6812:353
2620:1ec:21::14
2620:1ec:c11::200
2800:3f0:4002:805::2003
2a00:1450:4001:6f::8
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:809::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::3
2a02:26f0:3500:88e::2965
2a02:fa8:8806:12::1370
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f21c:80e5:face:b00c:0:4420
2a05:d018:d29:3602:e962:9753:e8e7:32b5
3.120.1.163
3.33.220.150
34.98.64.218
34.98.67.61
50.31.142.223
52.30.14.23
52.46.154.242
52.57.231.46
63.32.16.90
69.173.144.165
76.223.111.18
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0343d28faa7dc4af541a0e7e3f246298f432315285ff9f7efb7141759b06195c
04481330b98d122a64a7a9072e6a987ed08e9b6e11ec4fabe84526896065c51b
067e88820a2ad9be974c8f7638984f54c2e2978b6e689ef3237107f885777de5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07daacf6f7913999e5b5338fe0fe3ac3df129570e348e7ae1a694c41a8d77884
093453ea86c3f4ba3cf5d52749a3cf94049399f6634ce749d063e6d1f57a674a
093853225b35a9d3c255c1c366b92a66b511f59cb866d2d11f41cc0c121d70b6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9d18f876062095d801b0bf1d850c4c374a6f0ab0616bbb346ee34b9e35b157
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c66422ef7d2282c2831abb79d5b36ef7bb339c0950222675864d1919bc203e5
0cc9d1d90cba83427435a6f449c4386d617893adcb6d7051020407ed2040beeb
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1569ae6dd5f299113717364244273a164535343b6be13b342da8722da202d4a0
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
193e3b372671f9baadf915483a2849487ec09bf066a95c5c5e85d888f1bb8e78
1a9532e37f4b352232f754774f4b3ce89af218d401b9138d960b6dc9e0b72733
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
21b11c3f29df0169c61cca6feada235707f665fa78fed1d70fa576269fd7dbb9
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dd27384fd97a4e775845619ed38d4ecafea5d71241a7383c0dd1fabcb94b888
2e83b5b3713b6f151a6c134b8eef1f74e7a1fec682d44b4dac7d2d388580a4fb
2ecc347e5d6941c0214c92c3e36a2f42eefad4ba0210f21c650e8604721c5db1
2f14fd52b6f577b5c2dcf117f409649ec7ba5be59296bf21c8dbee54ad82e6b5
2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a
300f275f637b78575fd4fd31243cee28ed2fd3bf34a572b22047a9c24d38ba2a
3179700f338c6e96613192f2019efacc3ae498b0d183f514c4ac0e47d2488706
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
340afe48a032da86c48517edc2d320d1a7c34e2fc31f7b994c300721c8f4ba2a
34782a9b601d1d1dc56601bd418ce8cae9dffa2951bbafeb915dcbfe7521f575
36af7a5dbc2c914527a9f489b04045e6227992b0d026b23c62261b6495f755e8
3876311806e0ff0cb2b309fad6e8163b431f2507a0642a89e3909e3533de1fb3
3988375a012f0ef111dd230bc173956ca57758ea9de38be38a70786cd64ecee5
3ad2c2b46085802757e1bc66fd3d7ffac86066f9faabbbfbcbb0d95dad556df1
3d7dca558bf41e5c5a301eae937eb63b57decd9eae2c8ed438166dec60fcdae4
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
408e2ae2403bda4588d838d87593b862e01d57b3f07c633c6c1f92e3588681bc
4230a0b94ff4355185e67bd6fd2d72d162a64f218de74475a8c950bb5c5d5a45
4383fe166347d66121fa7bd2d92cdf53f7e3d4164b769a115a804b9896982042
446bcf04c8154ec74d342b4438c8e7fb7b25584e8cc07df3f94623d2d9b1f38e
44a6a315ed1bbdcc19939f3183fb7a2f7f83c16cefcc903185284d849f7ffcfb
45554d08f1cdda01bb33c4e2c761dc45c1281ea81d8fede6ac82c3d24712bbe6
46b8bca9062ebc511737c95e7c99274535ca061b9c94e8297c4c4d32674ca3bf
48986cc5335ca287914a56ab292ed9b52dd548922d6f999ad85892cf32dade77
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49adad57c43159e3b07daf3f0ae19e1f31d973bc3859ec4dcb647784f0677736
49af70759a7ad097090b3bb1b687a9dd11b0c19b92c03bc1e5dfadfdf51f052a
49f86d1aac32fad296895359646df00dffae88349aa72ca334dcdf06b6364ea1
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5054a54db3ef08ce6320ae9a8d59ca6e4d6f0c66b5cd92a03caccf9d0448040a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50641af05ee57d6da5dc6faa82aad665a877c312911ffa65d5dc543412ce7521
5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b
559c7994a2fe4750d8b78b9ccd0b8eedec277a870ec592c3c0e13f0c1ec6a7f1
5b3a53393f30bcdecef99316d93b9c9cad1a9dd1c2797d16c365cab3a43774d9
5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265
5c68a9ddbf0eebd9371009b635825b10fd7cfa9191e8bef1effc9bed4d8cb3e8
5f95e62ad1d3abc1f644851393645926826419bf82bf20329ced24dde9bcc0b2
6336983ad55a3504aa8a7e63863b9ac34ac5d1b27d7184e87bd0b89ccd3ad423
66977af6c17a074fdf5a9d4c2c95dd0e14fa573419c9060b11102a47be6088da
6732d48237002a76ee3691b9c1bec28adc646b13b8024529fd4c1f88ea13351e
673f75f854f1b1945eb8de7eba3765f1d4fdf92596f5984af126e89894d7a556
68e06612ac6397e11b2013f517555846302f35fe55f97fee811ab45bb5c20787
6c9f661dde13a418df2e29c6a41e5721a8bb7fb3acb1f183996ace6b583753b4
6e8522b7c081852ae950f31313a2b8e1db07645098b6d4ec75cea908b5a122b4
738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76393ec98367a5d630fb6bc1a16818096e5d57e32534c4ef56b63cf43b66e123
77c7498d246b539535a8e8a57ade603a1fee1a446446c135208605b250f26602
7a6ff6df7311584a7cda0b83b73a36a01461a4a9aef9f4e00942cfcd7d495877
7ade1dda2d4f280b532defd8e9e5198c23f3ee4739c08f18656c2221caf51236
7e04128d8545ba418e4e9193cc3d0bfbd9451dd32ddfc6982594db3d61430404
80b7b6a353f1d834ec893d446aeafa307e93c20e40571e135d66d1abfd865ed6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1e3db8412768115f7ec4077300f0b5de5d5454b235e7892649b184dc119e1f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
91a508e70b4e2fc7bf99410e52cdabbe5ff675c62ecd3a80acfc6ea940325b60
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92fbe55fbfe8146fc511ec499ecbf51efbc7717b479d50cc01b0874743bde5c8
95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9acf19f8d7531b41f93902d58f436fb8d0fbeb1e369854139b8b4aff8f961ce2
9edf10ce0dba0521b3e04f6973361a53ada43aed84e7210e145e039dd979d040
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c5a2e9ac9138060a1f11161f42b0459f05e8c88d2a6b66dfdcebb14924768d
a61208cfeaa963a99aa89a119495d8641b24a534aa8a03933a89c1d08262dc9e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa6431d617547e608e04eb6b787af8d57994af60f24dc0f78fe9e6ac30d2d620
ab6c20e6a5e674135ff531991c116f23b30b0a4f717f59f7739ec6dfdbd54829
b4598589ca64f35de407d7e2247919202a51ea5068c4011cf4c7616fa9d3c8e8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd026f70af6975e8d44bc982855b9888531342a89e8710f0f052268acbd3b07
c0ba7e733e11d23842a39cc1e1e0c2e1760ec9aac7c41b5e7538b08e23c32adb
c1540d7baa60f9f873f8ba8d2018f4de1221a246ef6d010a8b3e0b59dae00b81
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c30bce8ad967d35070f94600cdb5b4ac4b4bc7dde22f861c95b006cb30a278af
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c86dd4166e88e54531c985f378371a61695a7deb8c3d593e897dbf05d180acf3
c99828162153672b65618bae57d96b4c4b7ac690433ab26204554b3d378eae86
cbc93718e7538973e4765c6d21a3aff266a5bd1ec1bc94113a3646fa10bca9d1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf186320d1c0e39b234368d7590494ced1305861fb430119ba808da45e5f4f3f
d25f31f1c765d355065f96be1a68e044ad5a73858390ddeed0bae40b18b5c233
d45097277e5fe304c8a44d8ac42434b4adcd201287ae9f42e63dbedda9f41876
d85be025a12bbb9bc1b3070e776389404bc1fed2b43fed80aa6d21a0f340d46f
db20621a55990b5cb1c29887e9f82442cca371ba42ec01945d386f952e9adb3f
dd9109cc213d00d8acc829c496d088b0c11ed39ea2589ecb400633942d8a4cd0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e32de5ddc1c14b314ed1424f4ce5536158d557353bb2bc17adbdf7b5dcf7eb08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6438aae2b5b657ab5c8bc7a169c666b8b3c539ede37b522787ccfc57b62d573
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecf3d1171cbb51a834665d7dbd78d3e8b489b97eb3570b6fd5bced71a09f19f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef77bf94d6631e01d1d168ee18c6f8aa388c132ecb12a2873661ccd07939c9ce
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8ca3cbf48f0e30bcce76def55f52efc75d2c2fc6dff70c2c9d268c2d7ad9ae0
f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec

www.bgr.in Open in urlscan Pro 2a02:26f0:3500:88e::2965 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

93 %HTTPS

48 %IPv6

45 Domains

78 Subdomains

70 IPs

10 Countries

2210 kBTransfer

6866 kBSize

44 Cookies

15 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bgr.in Open in urlscan Pro
2a02:26f0:3500:88e::2965 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

93 %
HTTPS

48 %
IPv6

45
Domains

78
Subdomains

70
IPs

10
Countries

2210 kB
Transfer

6866 kB
Size

44
Cookies

227 HTTP transactions
7 data transactions