www.irctc.co.in Open in urlscan Pro
103.252.142.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://irctc.co.in/
Effective URL:
https://www.irctc.co.in/nget/
Submission: On February 09 via manual (February 9th 2023, 11:09:10 am UTC) from AU — Scanned from AU

Summary HTTP 178 Redirects Links 85 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 30 domains to perform 178 HTTP transactions. The main IP is 103.252.142.21, located in India and belongs to CRIS-ND-21-IN Centre For Railway Information Systems, IN. The main domain is www.irctc.co.in. The Cisco Umbrella rank of the primary domain is 94118.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on May 13th 2022. Valid for: a year.

This is the only time www.irctc.co.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.252.142.27 103.252.142.27	45596 (CRIS-ND-2...) (CRIS-ND-21-IN Centre For Railway Information Systems)
24	103.252.142.21 103.252.142.21	45596 (CRIS-ND-2...) (CRIS-ND-21-IN Centre For Railway Information Systems)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
5	172.253.118.157 172.253.118.157	15169 (GOOGLE) (GOOGLE)
1	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
1	104.18.18.117 104.18.18.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.194.102 172.217.194.102	15169 (GOOGLE) (GOOGLE)
2	104.18.217.65 104.18.217.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	74.125.68.157 74.125.68.157	15169 (GOOGLE) (GOOGLE)
13	142.250.4.102 142.250.4.102	15169 (GOOGLE) (GOOGLE)
11	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
2	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
3	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
4	142.250.4.132 142.250.4.132	15169 (GOOGLE) (GOOGLE)
3	169.150.207.217 169.150.207.217	60068 (CDN77 ^_^) (CDN77 ^_^)
2	3.111.180.10 3.111.180.10	16509 (AMAZON-02) (AMAZON-02)
1	103.252.142.22 103.252.142.22	45596 (CRIS-ND-2...) (CRIS-ND-21-IN Centre For Railway Information Systems)
1	142.251.10.97 142.251.10.97	15169 (GOOGLE) (GOOGLE)
5	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE)
1	139.162.42.49 139.162.42.49	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	54.192.150.98 54.192.150.98	16509 (AMAZON-02) (AMAZON-02)
5	156.146.56.170 156.146.56.170	60068 (CDN77 ^_^) (CDN77 ^_^)
8	172.104.56.205 172.104.56.205	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	20.150.114.33 20.150.114.33	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	142.251.12.103 142.251.12.103	15169 (GOOGLE) (GOOGLE)
1	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
15	74.125.130.132 74.125.130.132	15169 (GOOGLE) (GOOGLE)
1	182.161.74.19 182.161.74.19	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.148 182.161.73.148	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	18.139.238.23 18.139.238.23	16509 (AMAZON-02) (AMAZON-02)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 1	52.193.47.13 52.193.47.13	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
1	182.22.24.124 182.22.24.124	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
1 2	23.40.33.62 23.40.33.62	16625 (AKAMAI-AS) (AKAMAI-AS)
11	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
5	182.161.73.135 182.161.73.135	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	182.161.73.142 182.161.73.142	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	142.251.12.148 142.251.12.148	15169 (GOOGLE) (GOOGLE)
1	45.79.126.27 45.79.126.27	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	95.217.169.79 95.217.169.79	() ()
2	138.199.46.66 138.199.46.66	() ()
178	43

1 103.252.142.27 (India) 1 redirects

ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN)

irctc.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 103.252.142.21 (India)

ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN)
PTR: nget.irctc.co.in

www.irctc.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.117 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.truenotify.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.102 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.217.65 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.4.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f102.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net

94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.150.207.217 (Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-207-217.bunnyinfra.net

cdn.nlpcaptcha.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.111.180.10 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-111-180-10.ap-south-1.compute.amazonaws.com

sdk.irctc.corover.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.252.142.22 (India)

ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN)

contents.irctc.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.42.49 (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: osproxy2-sin1.linode.com

uiresource.ap-south-1.linodeobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-98.sin2.r.cloudfront.net

assistant.corover.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 156.146.56.170 (Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: 156-146-56-170.bunnyinfra.net

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.104.56.205 (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: osproxy6-sin1.linode.com

eticket.ap-south-1.linodeobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dishav3.ap-south-1.linodeobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.114.33 (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

uiresource.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.12.103 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 74.125.130.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.139.238.23 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-238-23.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.193.47.13 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-47-13.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.24.124 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.40.33.62 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-33-62.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

pix.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.126.27 (Mumbai, India)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: 45-79-126-27.ip.linodeusercontent.com

api.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.169.79 (None, )

ASN- ()

cube.nlpcaptcha.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.46.66 (None, )

ASN- ()

cubecdn.nlpcaptcha.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140 176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com	268 KB
26	irctc.co.in 1 redirects irctc.co.in — Cisco Umbrella Rank: 85219 www.irctc.co.in — Cisco Umbrella Rank: 94118 contents.irctc.co.in — Cisco Umbrella Rank: 233854	1 MB
22	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1925 adservice.google.com — Cisco Umbrella Rank: 67 www.google.com — Cisco Umbrella Rank: 2	55 KB
21	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 207	346 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 633 pix.as.criteo.net — Cisco Umbrella Rank: 15410 csm.as.criteo.net — Cisco Umbrella Rank: 14065	107 KB
9	linodeobjects.com uiresource.ap-south-1.linodeobjects.com — Cisco Umbrella Rank: 266266 eticket.ap-south-1.linodeobjects.com — Cisco Umbrella Rank: 288006 dishav3.ap-south-1.linodeobjects.com — Cisco Umbrella Rank: 289017	2 MB
6	nlpcaptcha.in cdn.nlpcaptcha.in — Cisco Umbrella Rank: 288647 cube.nlpcaptcha.in cubecdn.nlpcaptcha.in	16 KB
5	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 45039	64 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	219 KB
4	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 77007 www.google.com.au — Cisco Umbrella Rank: 25408	1 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 360	107 KB
3	criteo.com rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 17659 ads.as.criteo.com — Cisco Umbrella Rank: 13858 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14188	50 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 23	40 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1225	614 B
2	corover.ai sdk.irctc.corover.ai — Cisco Umbrella Rank: 193047	73 KB
2	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16900	63 KB
1	unibots.in api.unibots.in — Cisco Umbrella Rank: 33319	288 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	38 KB
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3017	622 B
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 5593	417 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 4588	641 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 421	714 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5030	610 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 551	538 B
1	windows.net uiresource.blob.core.windows.net — Cisco Umbrella Rank: 249799	48 KB
1	corover.mobi assistant.corover.mobi — Cisco Umbrella Rank: 215141 Failed	802 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	43 KB
1	truenotify.co.in cdn.truenotify.co.in — Cisco Umbrella Rank: 235461	2 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 746	20 KB
178	30

	Domain	Requested by
24	www.irctc.co.in	www.irctc.co.in
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com 176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com tpc.googlesyndication.com www.irctc.co.in
14	securepubads.g.doubleclick.net	www.googletagservices.com www.irctc.co.in sdk.irctc.corover.ai assistant.corover.mobi securepubads.g.doubleclick.net 176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net www.irctc.co.in
11	static.criteo.net	ads.as.criteo.com static.criteo.net
11	pagead2.googlesyndication.com	94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com www.irctc.co.in tpc.googlesyndication.com
6	cm.g.doubleclick.net	1 redirects 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
6	www.google.com	www.irctc.co.in securepubads.g.doubleclick.net 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com tpc.googlesyndication.com
5	pix.as.criteo.net	ads.as.criteo.com
5	eticket.ap-south-1.linodeobjects.com	www.irctc.co.in
5	cdn.unibotscdn.com	sdk.irctc.corover.ai www.irctc.co.in cdn.unibotscdn.com
5	www.googletagservices.com	www.irctc.co.in securepubads.g.doubleclick.net 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com 176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com
4	cdn.jsdelivr.net	www.irctc.co.in cdn.jsdelivr.net
3	dishav3.ap-south-1.linodeobjects.com	www.irctc.co.in
3	cdn.nlpcaptcha.in	www.irctc.co.in
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.com.au	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.irctc.co.in www.googletagmanager.com
2	cubecdn.nlpcaptcha.in	www.irctc.co.in cubecdn.nlpcaptcha.in
2	csm.as.criteo.net	ads.as.criteo.com
2	176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.teads.tv	1 redirects 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
2	sdk.irctc.corover.ai	www.irctc.co.in sdk.irctc.corover.ai
2	94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.izooto.com	cdn.truenotify.co.in cdn.izooto.com
1	cube.nlpcaptcha.in	www.irctc.co.in
1	api.unibots.in	www.irctc.co.in
1	s0.2mdn.net	176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com s0.2mdn.net
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	cksync.yahoo.co.jp	94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
1	cc.adingo.jp	1 redirects
1	aid.send.microad.jp	94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	ads.as.criteo.com	94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
1	rtb.jp2.as.criteo.com	www.irctc.co.in
1	www.google.com.au	www.irctc.co.in
1	uiresource.blob.core.windows.net	www.irctc.co.in
1	uiresource.ap-south-1.linodeobjects.com	www.irctc.co.in
1	assistant.corover.mobi	sdk.irctc.corover.ai
1	stats.g.doubleclick.net	www.irctc.co.in
1	www.googletagmanager.com	sdk.irctc.corover.ai
1	contents.irctc.co.in	www.irctc.co.in
1	cdn.truenotify.co.in	www.irctc.co.in
1	fonts.gstatic.com	www.irctc.co.in
1	maxcdn.bootstrapcdn.com	www.irctc.co.in
1	irctc.co.in	1 redirects
178	48

This site contains links to these domains. Also see Links.

Domain
contents.irctc.co.in
www.gyftr.com
www.irctctourism.com
www.operations.irctc.co.in
enquiry.indianrail.gov.in
www.ftr.irctc.co.in
www.bus.irctc.co.in
www.air.irctc.co.in
www.hotel.irctctourism.com
www.the-maharajas.com
www.goldenchariot.org
www.rr.irctctourism.com
www.sbicard.com
www.ecatering.irctc.co.in
menurates.irctc.co.in
play.google.com
apps.apple.com
www.nvsp.in
mahilaehaat-rmk.gov.in
raildrishti.indianrailways.gov.in
www.fois.indianrail.gov.in
corover.ai
www.irctcimudra.com
www.railwire.co.in
agent.irctc.co.in
www.indianrail.gov.in
hotel.irctctourism.com
www.facebook.com
youtube.com
instagram.com
www.linkedin.com
t.me
in.pinterest.com
irctcofficial.tumblr.com
www.kooapp.com
twitter.com
cris.org.in
irctc.corover.ai
amzn.to
youtu.be

Subject Issuer	Validity	Valid
www.irctc.co.in GeoTrust EV RSA CA 2018	`2022-05-13` - `2023-05-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.nlpcaptcha.in Sectigo RSA Domain Validation Secure Server CA	`2022-09-21` - `2023-09-21`	a year	crt.sh
sdk.irctc.corover.ai R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
www.contents.irctc.co.in GeoTrust EV RSA CA 2018	`2022-05-20` - `2023-06-08`	a year	crt.sh
ap-south-1.linodeobjects.com R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
assistant.corover.mobi R3	`2023-01-30` - `2023-04-30`	3 months	crt.sh
cdn.unibotscdn.com R3	`2023-01-23` - `2023-04-23`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 02	`2023-01-24` - `2024-01-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.jp2.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-24` - `2023-03-26`	3 months	crt.sh
*.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-20` - `2023-03-18`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-12-23` - `2024-01-22`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-21`	3 months	crt.sh
*.as.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-19` - `2023-04-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
api.unibots.in R3	`2023-01-02` - `2023-04-02`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.irctc.co.in/nget/
Frame ID: EE3257B1FD7B3F861038B123CBDC016A
Requests: 92 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 016FB61F31CBD70A71C40D96007A5E94
Requests: 1 HTTP requests in this frame

Frame: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E35DF3081CA856EADCE9DD53313A4287
Requests: 1 HTTP requests in this frame

Frame: https://assistant.corover.mobi/320x50_placeholder.html
Frame ID: 65E82BB60963AF318F5FB4268752D457
Requests: 1 HTTP requests in this frame

Frame: https://assistant.corover.mobi/320x50_placeholder.html
Frame ID: 8DCD0B5DD811E91FF72940B2EDD08FD0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskNukRknkzJPej55XWyEWL2W0lFVxEza5OzVuN7UubY1uobCG5HrmW8K4MwyWPGSi6dD7Bz6UVGjJ8sPS_Bn6-cNsMnFIhAQs7uN6pR_-czQb39DhFvD1FljZ4oWmwNrdv23Nl9GdCDDpp8R0A8agnDpkOC2iD7KUZgNtYKUZ4AMNcOdMwPZIxCT-MDJFEMjkW3UWLUobupcZhyijetirUIbYXvbB4xet3XZikxd4lcCGMglE3_JhQY3c2jAbVhPk5o5M4QxsRwmIcyhgrXcyCNwQFvQu75WcAp4V8oOai9GqGZMThEsBCVy4PM-W90NWD&sai=AMfl-YTPb7cYTEFHH4Nb_SQykI4RvaKnwsK35wXP1eeqwlkejczmcooBovCWVwRb8xFTPoQgvJDQVRF90IcfNt1L6zzzzSRYswqTjWUHSq-HZ2wDZLK4S_GrctgRYlwVjos&sig=Cg0ArKJSzGVUu7bRLnBKEAE&uach_m=[UACH]&adurl=
Frame ID: 12C932C97B2082DB6FF8742DC42A1DD5
Requests: 8 HTTP requests in this frame

Frame: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A0A759CFB8DD6F1BA6C34B9F010BDECD
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4qf7Yb7bgQxizDJsTpwVIm3H3vcrMj8Ii-XCGD5SJcqO7J_THKIC9qo06jaYE53F57SgFA_tDoT2FAseQlNeN4jyesKx_7m2VqO3BLBriCYqYz_eumT0yriCxjp4QvU0ilThexkVMJjgA4cqlyLJVfIRu3UuEE0XaiAnmbRlpZ2yCWdr6i2tIcjuZc1S2V-HZLu6w1igEcmC3UV_Ju_1H3DE4xG5M76N2jdxwiSbyT54w8s9sqbrFmruxSkZd4QcQMV6WMbGGp9HnuHLMgVzxUtDml3dv7nGgiehg3ueGiNxH-O_1k-erhxUxw7iv8IiQjdmnfqWfffuf&sai=AMfl-YS3EnWcoQh8ViZ-3L-GBSJo1-CydSxvSXIrriqpUBfMlxD_aJZlPCLWwsjEu5fQoOjeH6QUSsLS9fS49XwiS-iC3Hc_awDPUZnk6dTMCY3ixVH_q9MgNj_1krWu1Zg&sig=Cg0ArKJSzOBmAwJO0KbsEAE&uach_m=[UACH]&adurl=
Frame ID: 085CC65E0D13F9A3596387A317F44FC6
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y-TUTwAB3MsCrIo5AASzGO7xJZsIuZQPE-zSmA&u=%7CcY8BcfvWESuMLjxUpwMGakDdQ8FUlBIUJJM4E%2BdM5fo%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op95y2Yu2xOk3YIAr2PWN1BECKdg9VDOUoS-taJNOE5ehPlmTW5BnyYGjkv88MWE_k9znBBFMWkTMaRj91ElYObNca9HPyHXSLtNM2XG57JJxW9CKgVDwAen4bbeaN8Dadt1C5PB0RW2s1b_x8D0IXtweNHVMxVbcRvZ-8d6xcaehmiD29zzZu33vYCJ4RDW2pVd3vc7fRLVfHJwpFx1Djmtw0cgTJBs7urVyYVtlFvl4qI70dScUNaFTjuwEltmi4KTPOzASSSujqjVdzSwhPVOO5qGo1_9owTS2F0Sszr_ng14dPMEQtw2JuQNr8HyW0SmfR9h4xhSbYq4lkJa320mK-5r0gS_ZdaM7Xk5vgV5zcf4bniBbMpPYla99w7bCBJkD-hcZ6pEdF1FKVrMjXaJ4sbnzVoVJTL2kn9RCQ-j6eMnj2Vsh84NZA0bWWttJtkN8dSSF7hRy0QyT0ivU2f2i1dTxHeEeeTsu-BDU2WjYO-bg--MbkVP1fNsfJjSMDU7KOHsfWx77pQht8n7BilsCTHBmqfy8mFi4tWuZ2KlB-Ue2IVcRr1K1J6SYAH0r27ABJJn2LoCzSxRE6v5siPsos&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfNusT9TkY8u5B7mUssUPmOaSwA-Y_NGxXLKLtOWFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi02Njg1NzExMDI2NjU3Mjc3yAEJqQKLFQUZRVmnPuACAKgDAaoEgwJP0GBEw7dBQcB-8CWjmKJD_YTGp3O8-gJwhXBfje86PsIwq0Ii3nhMDPVzk5Kg6-cv4GXU46LAjYKTpAVbIEpor9RfALxKZlOl9fGKNeYf9TqqeIa6QF_QiuRTltIp0mmPVze_8s1b83QMEEiQJau12gnYdIWVcREZTwuvdFnrkW4qgEqb8L9oIe98edpxgnYbZLIgU9YkJYnpYSsidyne7-EM2_wwrNmXZqS-aXQ4H0izHcEb_R1Scvkjp9x7WrhULk7mM53cQm7HIfJzNbyqOrPA43tgNogzfdIH2H-EGjyFakluFWoQUANss34rtsFc6z4slUwKrX8r3j_r6Be2enfd4AQBgAbOi5apkq_vqewBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3KXhwztC0Tw1DR_IlU4EmdjLRFng%26client%3Dca-pub-6685711026657277%26adurl%3D
Frame ID: 24E9ED48CDF7BC29170C45048920BA8F
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25A4980BBEB53B56057E0BE0D759096F
Requests: 9 HTTP requests in this frame

Frame: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 698CE5E316432AA9D9B745D93556CA30
Requests: 1 HTTP requests in this frame

Frame: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BCD7B1C748F1ED9D552E0339021A4155
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AA3E4730AFB0C0A495328A58AF35F1C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2D851C05A780A4A76AFEBA9103461F54
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1802824/4638801769/1654523382194/index.html
Frame ID: 67E9D45FF50E208B6FFE220CB472E14A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09B52D465791A381DE8C402F4165C0A9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ECBB6151002682697B3A9D276DD9E0EC
Requests: 2 HTTP requests in this frame

Frame: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Frame ID: 100D30B05AD897155DB001BE14468C0F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IRCTC Next Generation eTicketing System

Page URL History Show full URLs

http://irctc.co.in/ HTTP 302
https://www.irctc.co.in/nget/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

178
Requests

92 %
HTTPS

0 %
IPv6

30
Domains

48
Subdomains

43
IPs

5
Countries

4390 kB
Transfer

8213 kB
Size

20
Cookies

85 Outgoing links

These are links going to different origins than the main page.

URL: http://contents.irctc.co.in/en/AboutEwallet.pdf
Title: About IRCTC eWallet

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/EwalletUserGuide.pdf
Title: IRCTC eWallet User Guide

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/irctc_ipay_english.pdf
Title: IRCTC-iPAY

Search URL Search Domain Scan URL

URL: https://www.gyftr.com/irctc?utm_source=WEB_APP
Title: e-Gift Vouchers

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/gallery/tajas.html
Title: Group Booking

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Travel_Insurance_Claim_Process_for_IRCTC_TejasExp.pdf
Title: Travel Insurance Claim Process

Search URL Search Domain Scan URL

URL: https://www.operations.irctc.co.in/ctcan/SystemTktCanLogin.jsf
Title: Counter Ticket

Search URL Search Domain Scan URL

URL: https://enquiry.indianrail.gov.in/
Title: Track Your Train

Search URL Search Domain Scan URL

URL: https://www.ftr.irctc.co.in/ftr/
Title: FTR Coach/Train Booking

Search URL Search Domain Scan URL

URL: https://www.bus.irctc.co.in/
Title: BUSES

Search URL Search Domain Scan URL

URL: https://www.air.irctc.co.in/
Title: FLIGHTS

Search URL Search Domain Scan URL

URL: https://www.hotel.irctctourism.com/
Title: HOTELS

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/tourpacakage_search?searchKey=&tagType=&travelType=Domestic&sector=All&bdar=3
Title: Bharat Gaurav

Search URL Search Domain Scan URL

URL: https://www.the-maharajas.com/
Title: Maharaja's Express

Search URL Search Domain Scan URL

URL: https://www.goldenchariot.org/
Title: Golden Chariot

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/tourpacakage_search?searchKey=&tagType=&travelType=Domestic&sector=All
Title: Domestic Packages

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/tourpacakage_search?searchKey=&tagType=&travelType=International&sector=All
Title: International Packages

Search URL Search Domain Scan URL

URL: https://www.rr.irctctourism.com/#/accommodation/in/ACBooklogin
Title: Retiring Room

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/accommodation
Title: Lounge

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/AboutSBICobrandCard.pdf
Title: About IRCTC SBI Credit Card

Search URL Search Domain Scan URL

URL: https://www.sbicard.com/sprint/c/irctcRuPay?GEMID1=dis_2022_Jun_IRCTC_website&GEMID2=IRCTC&CS=affiliate
Title: IRCTC SBI Platinum Card RUPAY e-apply

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/AboutBOBCobrandCard.pdf
Title: About IRCTC BOB Credit Card

Search URL Search Domain Scan URL

URL: http://www.ecatering.irctc.co.in/eCatering/
Title: Order Food - E-Catering

Search URL Search Domain Scan URL

URL: http://menurates.irctc.co.in/
Title: Cooked Food Menu

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Banner_Advertisment.pdf
Title: Banner-Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Push_Notification.pdf
Title: Push Notification

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Chat_Bot_Advertisment.pdf
Title: Chat Bot Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Cuboid_Advertisements.pdf
Title: Cuboid Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/ERS_Advertisement.pdf
Title: e-Ticket Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Logout_Advertisement.pdf
Title: Logout Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Promotional_SMS.pdf
Title: SMS(Promotional)

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Booking_Mail_Advertisement.pdf
Title: Booking Mail Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Cancellation_Mailer.pdf
Title: Cancellation Mail Advertisement

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Promotional_Mailer.pdf
Title: Mailer(Promotional)

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/Captcha_Advertisement.pdf
Title: Captcha Advertisement

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=cris.org.in.prs.ima&hl=en
Title: Android Mobile App

Search URL Search Domain Scan URL

URL: https://apps.apple.com/in/app/irctc-rail-connect/id1386197253
Title: iOS Mobile App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.irctc.tourism_new
Title: IRCTC Tourism App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.irctc.air&hl=en
Title: IRCTC Air App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.cris.utsmobile&hl=en
Title: UTS TICKET APP

Search URL Search Domain Scan URL

URL: https://www.sbicard.com/eapply/eapply-form.page/apply?path=personal/credit-cards/travel/irctc-rupay-sbi-card.dcr&GEMID1=Home_Promo_Tab_E-apply&GEMID2=IRCTC_Web&CHN=451
Title: IRCTC SBI Platinum Card RUPAY e-apply

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/gallery/tag.html
Title: Trains At A Glance

Search URL Search Domain Scan URL

URL: http://www.nvsp.in/
Title: National Voter"s Service Portal

Search URL Search Domain Scan URL

URL: http://mahilaehaat-rmk.gov.in/
Title: Mahila E-Haat

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/MedicalTourism
Title: Medical Tourism

Search URL Search Domain Scan URL

URL: https://raildrishti.indianrailways.gov.in/
Title: Rail Drishti

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/IRBRmag/
Title: Indian Railways Magazines

Search URL Search Domain Scan URL

URL: https://www.fois.indianrail.gov.in/RailSAHAY/index.jsp
Title: Railways Freight Business Portal

Search URL Search Domain Scan URL

URL: https://corover.ai/irctc/
Title: ChatBot as a Service (CaaS)

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/AadhaarLinking.pdf
Title: Link Your Aadhaar

Search URL Search Domain Scan URL

URL: https://www.irctcimudra.com/
Title: IRCTC iMudra

Search URL Search Domain Scan URL

URL: https://www.railwire.co.in/station-wi-fi-project.php
Title: WI-Fi Railway Stations

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/BOC.pdf
Title: Battery Operated Cars

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/wheelchair
Title: E-wheelchair

Search URL Search Domain Scan URL

URL: https://www.rr.irctctourism.com/
Title: Retiring Room

Search URL Search Domain Scan URL

URL: https://contents.irctc.co.in/en/PetBookingInTrains.pdf
Title: Dogs/Cats Booking

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/HandicraftsCommitteeReport.pdf
Title: Support SHG/Handicraft

Search URL Search Domain Scan URL

URL: https://agent.irctc.co.in/nget/train-search
Title: Agent DC Login

Search URL Search Domain Scan URL

URL: http://www.indianrail.gov.in/enquiry/PNR/PnrEnquiry.html?locale=en
Title: PNR STATUS

Search URL Search Domain Scan URL

URL: https://hotel.irctctourism.com/hotels
Title: HOTELS

Search URL Search Domain Scan URL

URL: https://www.ecatering.irctc.co.in/
Title: E-CATERING

Search URL Search Domain Scan URL

URL: https://www.bus.irctc.co.in/home
Title: BUS

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/tourpacakage_search?searchKey=&tagType=&travelType=&category=
Title: HOLIDAY PACKAGES

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/gallery/
Title: HILL RAILWAYS

Search URL Search Domain Scan URL

URL: http://www.the-maharajas.com/
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/#/tourpacakage_search?searchKey=&tagType=&travelType=International&sector=All
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/#/tourpacakage_search?searchKey=&tagType=&travelType=Domestic&sector=All
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.irctctourism.com/#/tourpkgs
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.facebook.com/IRCTCofficial/

Search URL Search Domain Scan URL

URL: https://youtube.com/c/IRCTCOFFICIAL

Search URL Search Domain Scan URL

URL: https://instagram.com/irctc.official?igshid=yyg5byow704l

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/irctcofficial

Search URL Search Domain Scan URL

URL: https://t.me/IRCTC_Official

Search URL Search Domain Scan URL

URL: https://in.pinterest.com/irctcofficial/

Search URL Search Domain Scan URL

URL: https://irctcofficial.tumblr.com/

Search URL Search Domain Scan URL

URL: https://www.kooapp.com/profile/irctcofficial

Search URL Search Domain Scan URL

URL: https://twitter.com/IRCTCofficial

Search URL Search Domain Scan URL

URL: http://cris.org.in/
Title: CRIS

Search URL Search Domain Scan URL

URL: http://contents.irctc.co.in/en/BetaSiteCompatibleBrowser.html
Title: Compatible Browsers

Search URL Search Domain Scan URL

URL: https://irctc.corover.ai/

Search URL Search Domain Scan URL

URL: https://amzn.to/3UAWETQ

Search URL Search Domain Scan URL

URL: https://youtu.be/gQcqoZvIieg
Title: Watch a Demo

Search URL Search Domain Scan URL

URL: https://corover.ai/advertise/
Title: Advertise with us!

Search URL Search Domain Scan URL

URL: https://amzn.to/3i4lgCr
Title: SALE

Search URL Search Domain Scan URL

URL: https://amzn.to/34WK1uY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://irctc.co.in/ HTTP 302
https://www.irctc.co.in/nget/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECiBDHHRLoMO70KfeklUiVY&google_cver=1&google_push=Aa02lx-0N4tifI96Xwng-QAGhrr6VBCRzY3jm4JcPNJhzO1CdKgexuDu5Q-DnPRawBBRa2AqeQ7QIl4cU6SI7CgkfaaZM4mCr7kYjw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECiBDHHRLoMO70KfeklUiVY&google_push=Aa02lx-0N4tifI96Xwng-QAGhrr6VBCRzY3jm4JcPNJhzO1CdKgexuDu5Q-DnPRawBBRa2AqeQ7QIl4cU6SI7CgkfaaZM4mCr7kYjw

Request Chain 108

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGvN-5YZBDp4FkoEIfjVJe4&google_cver=1&google_push=Aa02lx_abtGrxG18mI-js8o0gxfpz1eBuV0nuz-xl2tUYbFK0cusI23zrw_S8OiG_PLN_j8pYAs_v2GZMZeeWdx3Elr3jCrtg-SBFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx_abtGrxG18mI-js8o0gxfpz1eBuV0nuz-xl2tUYbFK0cusI23zrw_S8OiG_PLN_j8pYAs_v2GZMZeeWdx3Elr3jCrtg-SBFw&google_hm=bwuAwOZIT5GiZ_OsAmGBqRw

Request Chain 109

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGIAWFYC3dK8rnhCd5jwyvA&google_cver=1&google_push=Aa02lx9BXxw-5__stIMhvx6V79BErPo8U2x_fWUKAFcTcLrbul2Nem5ZSItDfcOHCJEqVW3zrgVyEEMQSD5ij3AXSDIBFUZMTvKc9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9BXxw-5__stIMhvx6V79BErPo8U2x_fWUKAFcTcLrbul2Nem5ZSItDfcOHCJEqVW3zrgVyEEMQSD5ij3AXSDIBFUZMTvKc9w&google_hm=eS1rVk5aOU1GRTJwRmNYVUxvc1IzTkVrWHdlb2dhSU9Zcn5B

Request Chain 111

https://cc.adingo.jp/adx/push/?google_gid=CAESEGK5rRY5U8N4kCZ9BIYqGMw&google_cver=1&google_push=Aa02lx8Z_2TgSHjGivttRJLtvKhWIVPc8huijj3nLYklFE5lksqP6wtr1VSSy2mu9paFF1ZZYh21b-bVOX2Ft0TYwHc2uCxj6ScKiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx8Z_2TgSHjGivttRJLtvKhWIVPc8huijj3nLYklFE5lksqP6wtr1VSSy2mu9paFF1ZZYh21b-bVOX2Ft0TYwHc2uCxj6ScKiQ&google_hm=f5653e511f60306cfc9c11a81d7c7156

Request Chain 113

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENRmR9hUpBenTo6oYW2Iu54&google_cver=1&google_push=Aa02lx_B1uOKRO266sB2kY9cEtNjLGYsepmHIMeTpEq71RGiUKDFK9Vl8z2rodKkZqlSzU1VqsQNxqAXWnJ0sewuTg8CSjyGPhdv_So HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=N2Y5YjUzMGMtZDIyMy00MzRhLWE1ZGItZjg1YTg4NDRmMDJk&google_push=Aa02lx_B1uOKRO266sB2kY9cEtNjLGYsepmHIMeTpEq71RGiUKDFK9Vl8z2rodKkZqlSzU1VqsQNxqAXWnJ0sewuTg8CSjyGPhdv_So HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

178 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.irctc.co.in/nget/
Redirect Chain

http://irctc.co.in/
https://www.irctc.co.in/nget/

8 KB
4 KB

1131ms
281ms

Document
text/html

103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

38a9402c194c04c8938d549d6f8c2bec5f4b67a105d9443bb0a928795898b937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3392
Content-Type: text/html
Date: Thu, 09 Feb 2023 11:08:54 GMT
ETag: "63dbaf6a-20df"
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://www.irctc.co.in/nget/

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 314ms
107ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 603
age: 466689
cdn-cachedat: 02/22/2022 19:16:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5684c8d7a45afc96490ca4a9993c03ea
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 796c26581d5f554b-SYD
cdn-requestpullsuccess: True

GET
H2 200 primeng.min.css
cdn.jsdelivr.net/npm/primeng@9.0.5/resources/ 82 KB
13 KB 323ms
117ms Stylesheet
text/css 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/primeng@9.0.5/resources/primeng.min.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4dc56c750713f32eca2279a7c5f231687bad8a0e061163190467c8b233f48075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:08:54 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 2608798
x-jsd-version: 9.0.5
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13600
x-served-by: cache-fra-eddf8230127-FRA, cache-syd10138-SYD
x-jsd-version-type: version
etag: W/"148d2-QCOPsMfgB3Gv5lC5cCFW7GJ/W5A"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 theme.css
cdn.jsdelivr.net/npm/primeng@9.0.5/resources/themes/nova-light/ 122 KB
11 KB 303ms
97ms Stylesheet
text/css 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/primeng@9.0.5/resources/themes/nova-light/theme.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cff247c4d6c20697eb3565e8cdce376842e41201d0e7a571e3649d1e92f7ed39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:08:54 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1935117
x-jsd-version: 9.0.5
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10972
x-served-by: cache-fra-eddf8230026-FRA, cache-syd10138-SYD
x-jsd-version-type: version
etag: W/"1e656-GK4wGRb8W39oFMuC7UrLwsPQWdk"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/ 30 KB
7 KB 303ms
98ms Stylesheet
text/css 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:08:54 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 12749252
x-jsd-version: 4.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7055
x-served-by: cache-fra19147-FRA, cache-syd10138-SYD
x-jsd-version-type: version
etag: W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 576ms
192ms Script
text/javascript 172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f157.1e100.net

Software

sffe /

Resource Hash

fef4a081b1ec23e8d4dd655e6d292d1ca7cbffe39775977461c8b08490784466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27214
x-xss-protection: 0
server: sffe
etag: "1477 / 571 of 1000 / last-modified: 1675935793"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Feb 2023 11:08:54 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2
fonts.gstatic.com/s/quicksand/v7/ 18 KB
19 KB 575ms
190ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v7/6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5ed8e43c88fcddea19fc1ca953fa736916195f311463ed76b23bcf0a6254f1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 11:48:23 GMT
x-content-type-options: nosniff
age: 170431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18704
x-xss-protection: 0
last-modified: Tue, 10 Oct 2017 23:17:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 11:48:23 GMT

GET
H2 200 da004191678d8e062dab7ecdea625a5251b9dfde.js Show response
cdn.truenotify.co.in/scripts/ 6 KB
2 KB 311ms
105ms Script
application/javascript 104.18.18.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.truenotify.co.in/scripts/da004191678d8e062dab7ecdea625a5251b9dfde.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.117 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2ab55f0c3f815827b29222e282e6d787daa928e68505f03f891d2ab5718d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:54 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 26 May 2021 06:03:50 GMT
server: cloudflare
age: 1669618
etag: W/"60ade4c6-1981"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 796c265a38d7a977-SYD
x-xss-protection: 1; mode=block
expires: Sun, 12 Mar 2023 11:08:54 GMT

GET
H/1.1 200
OK styles.2c093eed1ff9b4d2c007.css
www.irctc.co.in/nget/ 95 KB
30 KB 283ms
281ms Stylesheet
text/css 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

33637f6b6a3662f9c036a67e1d0fd93836de662694bfe8b32d60acb164a752ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:08:54 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-17d29"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK runtime-es2015.74d6d70d3e240a0c777f.js Show response
www.irctc.co.in/nget/ 2 KB
2 KB 285ms
284ms Script
application/javascript 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/runtime-es2015.74d6d70d3e240a0c777f.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

798ddfc68ce50b0c89a0d358621cd3b3f419ccb147535c3058af8c3e206390f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irctc.co.in/nget/
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:08:54 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:40:27 GMT
Server: nginx
ETag: "63dbaf3b-97f"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1568

GET
H/1.1 200
OK polyfills-es2015.92db6019d455ba03538e.js Show response
www.irctc.co.in/nget/ 51 KB
23 KB 571ms
285ms Script
application/javascript 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

c62958fc98ac3452f7687435a0e5f11a44812aae297ed4849a5dbe02770b7c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irctc.co.in/nget/
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:08:54 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:40:27 GMT
Server: nginx
ETag: "63dbaf3b-ccdf"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22796

GET
H/1.1 200
OK main-es2015.52a5ae59daebac56b2c7.js Show response
www.irctc.co.in/nget/ 1 MB
494 KB 1122ms
561ms Script
application/javascript 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/main-es2015.52a5ae59daebac56b2c7.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

2d8a9d9440779033ef22fda8f3e83636de66dae6fb36720c3c9a077bc4e19a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irctc.co.in/nget/
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:08:54 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:41:11 GMT
Server: nginx
ETag: "63dbaf67-16bfe4"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 574ms
190ms Script
text/javascript 172.217.194.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 10:15:36 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Feb 2023 12:15:36 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 256 KB
62 KB 324ms
119ms Script
application/javascript 104.18.217.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.truenotify.co.in
URL: https://cdn.truenotify.co.in/scripts/da004191678d8e062dab7ecdea625a5251b9dfde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.217.65 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1b50292bec0dc0b99eb18f83f4aa1fad567178263bf164f42d04dedcea75e82

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:55 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Feb 2023 11:39:37 GMT
server: cloudflare
age: 84507
etag: W/"63e389f9-3fe55"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 796c265c3954a808-SYD
x-xss-protection: 1; mode=block
expires: Sun, 12 Mar 2023 11:08:55 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 016F 4 KB
1 KB 113ms
112ms Document
text/html 104.18.217.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.217.65 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
age: 175225
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 796c265dcb2aa808-SYD
content-encoding: br
content-type: text/html
date: Thu, 09 Feb 2023 11:08:55 GMT
expires: Sun, 12 Mar 2023 11:08:55 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_2023020601.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 582ms
191ms Script
text/javascript 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

sffe /

Resource Hash

e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 15:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133115
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 09:36:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Feb 2024 15:13:16 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 866 B
923 B 582ms
193ms XHR
application/json 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.irctc.co.in

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

485dee28b836ceffebb2603513be31de136e0ab4f06eaa07192c9599ccbebb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 380
x-xss-protection: 0
expires: Thu, 09 Feb 2023 11:08:55 GMT

GET
H2 200 21928950349 Show response
fundingchoicesmessages.google.com/i/ 123 KB
42 KB 665ms
272ms Script
application/javascript 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21928950349?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

121b9155bb21017f5b6cadd4493fe1946bdfd3370123ec6576d24e011a9a702e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WO9v33uiNk_bgAIW4v_4wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WO9v33uiNk_bgAIW4v_4wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXDjDfZNr4n0fzZdj5EiKqjkSkbPAMSPonx7kbFc9D-WrakjtTMvOFxptc9pMxFXmJQwmc0Aabz_4Nao2dqO3k= Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 221ms
220ms Script
application/javascript 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXDjDfZNr4n0fzZdj5EiKqjkSkbPAMSPonx7kbFc9D-WrakjtTMvOFxptc9pMxFXmJQwmc0Aabz_4Nao2dqO3k=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1OTQwOTM3LDM4OTAwMDAwMF0sIjhGOUMwRjA4LTRGMEQtNDFDMi04NUNGLTM1M0JBMjVENDYwQSIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cuaXJjdGMuY28uaW4vbmdldC8iLG51bGwsW1s4LCJrUHEwVkVFTU81WSJdLFs5LCJlbi1HQiJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.kPq0VEEMO5Y.es5.O/d=1/rs=AJlcJMyKg6_4fene88MFclphG8YTINZXPg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

4b42b66068f63a2d4155a4927995299dd5b0d48415755f4453b958e6f8faefa2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kE_pABcjIGjfh0uuy4BB6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-kE_pABcjIGjfh0uuy4BB6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXEDyKM3W0YjSqdwTzBDWpK8ghZtwSk2qYLymmvNKcZRnMdOVKUhHDmklXgGlI0BdLYl1ZDyG1iYmYBi9eMBmpn7PWKtzK5P7fQB2p8ZxoMy2I3rbeLN1CL6jOUw4UuCSwVcsV0rQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 242ms
241ms Script
application/javascript 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXEDyKM3W0YjSqdwTzBDWpK8ghZtwSk2qYLymmvNKcZRnMdOVKUhHDmklXgGlI0BdLYl1ZDyG1iYmYBi9eMBmpn7PWKtzK5P7fQB2p8ZxoMy2I3rbeLN1CL6jOUw4UuCSwVcsV0rQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1OTQwOTM3LDYyMDAwMDAwMF0sIjhGOUMwRjA4LTRGMEQtNDFDMi04NUNGLTM1M0JBMjVENDYwQSIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cuaXJjdGMuY28uaW4vbmdldC8iLG51bGwsW1s4LCJrUHEwVkVFTU81WSJdLFs5LCJlbi1HQiJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

ff58483c9a26bf873baac0bf877992ba5883c441ad774d9c42b6e9a5da158e1b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l7QiPr4q3hJsXJP_Kd6_5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l7QiPr4q3hJsXJP_Kd6_5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 203ms
202ms Image
image/gif 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.27655496355312414

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JxiWnSvX_iJc6wIyEJ5q-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-JxiWnSvX_iJc6wIyEJ5q-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 204ms
204ms Image
image/gif 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.9422795121537133

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-801_TM3P0lv4cNUwj6qxUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-801_TM3P0lv4cNUwj6qxUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVU4iJ5VrW5-PYM5crjNxxo0IP5t96msquDu1SwRnmg3ZLsm29MlFAv7uG8N-WxgDW95P5Fh_ekksAm1HQKbBpIa4-P7X7g9XCTleYydqytSCxfQhZirubJkoN_ylvNa1Eu_Oi5dw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 585ms
204ms XHR
text/html 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU4iJ5VrW5-PYM5crjNxxo0IP5t96msquDu1SwRnmg3ZLsm29MlFAv7uG8N-WxgDW95P5Fh_ekksAm1HQKbBpIa4-P7X7g9XCTleYydqytSCxfQhZirubJkoN_ylvNa1Eu_Oi5dw==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hgxtbFSM6degz_05i66pWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Feb 2023 11:08:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hgxtbFSM6degz_05i66pWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.irctc.co.in
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxW00EdkWP_fOXjvE1mhM0zuPInhLzZXdFl05N-WC9EynbVqP10YFi6DHEzcFUqr0d9VZ5wSom0Lk32RILy9RJamp8lQuvpufND1bguouTekwSA74z-glvMePHBOo6GrwK7OR8FhvqvWmrFqO1r7ncb5n9ySZ... 54 B
110 B 205ms
205ms Script
application/javascript 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW00EdkWP_fOXjvE1mhM0zuPInhLzZXdFl05N-WC9EynbVqP10YFi6DHEzcFUqr0d9VZ5wSom0Lk32RILy9RJamp8lQuvpufND1bguouTekwSA74z-glvMePHBOo6GrwK7OR8FhvqvWmrFqO1r7ncb5n9ySZQTO9MkNXpZ3o2pPbtVGJdiue43b90sg/_=adscripts&/popup_code.-page-ad.&adbannerid=-source/ads/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.kPq0VEEMO5Y.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMyKg6_4fene88MFclphG8YTINZXPg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

b3ef4d36a89629a589418f3163b5c65915fcc9e913350b188e43f95826c20ac2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yKt1Q3JxqxeCkCZYTZ-fbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:08:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-yKt1Q3JxqxeCkCZYTZ-fbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
455 B 581ms
190ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.kPq0VEEMO5Y.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMyKg6_4fene88MFclphG8YTINZXPg/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 13:07:05 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU4iJ5VrW5-PYM5crjNxxo0IP5t96msquDu1SwRnmg3ZLsm29MlFAv7uG8N-WxgDW95P5Fh_ekksAm1HQKbBpIa4-P7X7g9XCTleYydqytSCxfQhZirubJkoN_ylvNa1Eu_Oi5dw==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O2UrRkWLdBETL53-U7ba2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Feb 2023 11:08:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-O2UrRkWLdBETL53-U7ba2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.irctc.co.in
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK labels_en.json Show response
www.irctc.co.in/nget/assets/json/ 93 KB
40 KB 563ms
562ms XHR
application/json 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/assets/json/labels_en.json

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

262963e8e03e2668c715978d71b6c65cc44688477bc24ed857049cc816494472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.irctc.co.in/nget/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:08:59 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-17256"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK errorMessage_en.json Show response
www.irctc.co.in/nget/assets/json/ 35 KB
12 KB 286ms
285ms XHR
application/json 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/assets/json/errorMessage_en.json

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

4fbda464b0ab362bf4a8767ef18fcce104801dc20ea391eb390dff26bc5b5287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.irctc.co.in/nget/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:08:59 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-8b59"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12213

GET StationLinguisticNames
www.irctc.co.in/eticketing/ 0
0

GET
H/1.1 200
OK trainList Show response
www.irctc.co.in/eticketing/ 140 KB
62 KB 576ms
576ms XHR
application/javascript 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/trainList

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

a344d0aa1d84fccc99c58b6f8a9c5d2aeeedf8c5135fc8a4b6b563e3db2db356

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
greq: 1675940939813
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/

Response headers

Date: Thu, 09 Feb 2023 11:08:59 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Cache-Control: max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK 1675940939838 Show response
www.irctc.co.in/eticketing/protected/profile/textToNumber/ 3 B
2 KB 860ms
290ms XHR
text/plain 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/protected/profile/textToNumber/1675940939838

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

2e00b312b0a9681bef09f9085a4e918b8fceb0c0b1c043dc17c90beef5fa446c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
greq: 1675940939813
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Date: Thu, 09 Feb 2023 11:09:00 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain
Access-Control-Allow-Origin: https://stagenget.irctc.co.in
Connection: keep-alive
Content-Length: 3
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK css-sprite-combined1.11356089c173c53adec9.png
www.irctc.co.in/nget/ 35 KB
35 KB 1662ms
286ms Image
image/png 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/css-sprite-combined1.11356089c173c53adec9.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

88d6097c7ba2f13047bedd278df6f7a530352beb534af2f3d94cd712f0711eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:01 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-8bd3"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35795

GET
H2 200 fontawesome-webfont.woff2
cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/ 75 KB
76 KB 108ms
107ms Font
font/woff2 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:08:59 GMT
x-content-type-options: nosniff
age: 23107318
x-jsd-version: 4.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77160
x-served-by: cache-fra19135-FRA, cache-syd10138-SYD
x-jsd-version-type: version
etag: W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
531 B 584ms
193ms Script
application/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 582ms
194ms Script
application/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 706 B
887 B 225ms
224ms XHR
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=780447519093834&correlator=1916269250865500&eid=31072021%2C44752585&output=ldjh&gdfp_req=1&vrg=2023020601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=37179215%2CHOME_TRAFFIC_TRACKER&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1617374288&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1675940939909&lmt=1675341674&dlt=1675940934161&idt=2246&adxs=800&adys=3070&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&frm=20&vis=1&psz=1600x3070&msz=0x0&fws=128&ohw=0&ga_vid=109911499.1675940935&ga_sid=1675940940&ga_hid=1792414643&ga_fc=true

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

5e5b7e6fff91ce32859b5e4db5c15f46c80ee0af993f173fbabed67ec53083b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 377
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E35D 6 KB
3 KB 583ms
191ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:09:00 GMT
expires: Fri, 09 Feb 2024 11:09:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK newsandalert Show response
www.irctc.co.in/eticketing/webservices/taenqservices/ 14 KB
8 KB 807ms
285ms XHR
application/json 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/webservices/taenqservices/newsandalert

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

6190af3855d63cc16ac0056127dad9247710224d3acba2559cd30f612a99ee0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
greq: 1675940939813
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Pragma: no-cache
Date: Thu, 09 Feb 2023 11:09:00 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Cache-Control: no-cache, no-store, must-revalidate,max-age=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK country Show response
www.irctc.co.in/eticketing/protected/mapps1/ 15 KB
6 KB 944ms
289ms XHR
application/json 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/protected/mapps1/country

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

b4f02b4945904cf13e611646c307337e264ed09075bfcd90429da42f507d0fdf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
greq: 1675940939813
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Date: Thu, 09 Feb 2023 11:09:00 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Connection: keep-alive

GET
H/1.1 200
OK StationLinguisticNames Show response
www.irctc.co.in/eticketing/ 370 KB
174 KB 1304ms
569ms XHR
application/javascript 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/StationLinguisticNames?hl=en_hi

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

bd373ef53aed5a64589da23b9c16b9d390576bdb371f5909814b757f330bbecb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
greq: 1675940939813
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Date: Thu, 09 Feb 2023 11:09:00 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Cache-Control: max-age=21600
Content-Disposition: filename="StationLinguisticNames_en_hi.js"
Connection: keep-alive

GET
H2 200 nlpCubeBox.js Show response
cdn.nlpcaptcha.in/js/ 3 KB
3 KB 954ms
312ms Script
application/javascript 169.150.207.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nlpcaptcha.in/js/nlpCubeBox.js
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/main-es2015.52a5ae59daebac56b2c7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.207.217 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-207-217.bunnyinfra.net
Software: BunnyCDN-SG1-1031 /
Resource Hash: fd717dd825a505eae20728b83a9058feb690059b9fa3abe91cd8e3c55ac14c07

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-encoding: br
cdn-edgestorageid: 715
cdn-cachedat: 01/22/2023 03:54:17
cdn-pullzone: 87331
last-modified: Sun, 20 Nov 2022 09:29:53 GMT
server: BunnyCDN-SG1-1031
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6379f391-df0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: d0e17a896eadb9e0132f51468c1397c8
cdn-requestcountrycode: AU
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chatbotlib.min.js Show response
sdk.irctc.corover.ai/askdisha-bucket/ 889 B
1 KB 1180ms
399ms Script
application/javascript 3.111.180.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbotlib.min.js
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/main-es2015.52a5ae59daebac56b2c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.111.180.10 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-111-180-10.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash: 29395c5352fa16a6e5db9b6db042b016b4703c3f13c2ac2e50daf2fcbe80917a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
x-amzn-trace-id: Root=1-63e4d44c-1afb1f8543ac91614f0cb686
x-amzn-requestid: 51d75eec-8876-48e8-842a-da2674f0cd27
content-length: 889
x-amz-apigw-id: AEYcDF17hcwFZWw=
content-type: application/javascript

GET
H/1.1 200
OK Web_alerts_700x90.jpeg
contents.irctc.co.in/en/ 34 KB
34 KB 1162ms
292ms Image
image/jpeg 103.252.142.22
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contents.irctc.co.in/en/Web_alerts_700x90.jpeg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.22 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

Software

Resource Hash

8d37ba57f34de55fa31f52bc2bfbd915dc265fd6008d16a03702bce45b11d8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://*.irctc.co.in
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:01 GMT
Strict-Transport-Security: max-age=31536000; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Jun 2022 10:36:32 GMT
ETag: "62ac5930-8768"
X-Frame-Options: allow-from https://*.irctc.co.in
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34664
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Koo.png
www.irctc.co.in/nget/assets/images/ 981 B
1 KB 316ms
282ms Image
image/png 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/Koo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

4e332dddbbf42315e57389a1acceeba09e8e557301137fa7c17084463d90ee10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:01 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-3d5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 981

GET
H/1.1 200
OK G20_Logo.png
www.irctc.co.in/nget/assets/images/ 5 KB
5 KB 1169ms
285ms Image
image/png 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/G20_Logo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

0249990b2729bc3064b6ab3ca227955708e9599ff362008931c7d73b9eccee4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:01 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-1422"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5154

GET
H/1.1 200
OK logo_top_eng.jpg
www.irctc.co.in/nget/assets/images/ 4 KB
4 KB 1033ms
286ms Image
image/jpeg 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/logo_top_eng.jpg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

09abcd93a612c0eff446b57176ab9520a6826bf88fadbae6c10093b389ce51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:00 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-ee7"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3815

GET
H/1.1 200
OK checkBox.8cf423073e71167979b5.jpg
www.irctc.co.in/nget/ 688 B
1003 B 998ms
286ms Image
image/jpeg 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/checkBox.8cf423073e71167979b5.jpg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

74d955fc1fabc21de7667611927dae6d60804e5696684359564d897970095203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:00 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-2b0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 688

GET
H/1.1 200
OK home_page_banner1.ab4db3998511d52c6612.jpg
www.irctc.co.in/nget/ 196 KB
197 KB 980ms
286ms Image
image/jpeg 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/home_page_banner1.ab4db3998511d52c6612.jpg

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

cdf52f83d9e402b936bbf65818f2fec7270ae54d83883d69baded01cf0d3228b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:00 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-31165"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 201061

GET
H/1.1 200
OK primeicons.04701ca33ce96d325419.ttf
www.irctc.co.in/nget/ 39 KB
20 KB 698ms
568ms Font
application/octet-stream 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/nget/primeicons.04701ca33ce96d325419.ttf

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

38fa9ef0a9b1bfed89c84a815e2f827a690dd92cbdcda7a4f74f2020ccd9d7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irctc.co.in/nget/styles.2c093eed1ff9b4d2c007.css
Origin: https://www.irctc.co.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:00 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 12:40:24 GMT
Server: nginx
ETag: "63dbaf38-9a94"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20387

GET
H/1.1 200
OK logo.png
www.irctc.co.in/nget/assets/images/ 2 KB
2 KB 1230ms
285ms Image
image/png 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/logo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

11ebf641b813e8a0a052556192651e12b650e6386f8a252b46843c8bd20e9a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:01 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-730"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1840

GET
H/1.1 200
OK chart.png
www.irctc.co.in/nget/assets/images/icons/ 371 B
685 B 1400ms
284ms Image
image/png 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/icons/chart.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

5ce8bf6ae4d027eba517d00945ea878f377dd31272849fd33d553dffad1f7d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:01 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-173"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 371

GET
H/1.1 200
OK pnr.png
www.irctc.co.in/nget/assets/images/icons/ 324 B
638 B 1264ms
284ms Image
image/png 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/icons/pnr.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

ed988b9e45ba388c6d237e75853f2d50c6747151a47d3705aedbf29d53a5258e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:01 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-144"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 324

GET
H/1.1 200
OK secondry-logo.png
www.irctc.co.in/nget/assets/images/ 3 KB
3 KB 1217ms
286ms Image
image/png 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irctc.co.in/nget/assets/images/secondry-logo.png

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

94499175047491038f44a62b1d7a658ccee12d833c405e980b8fe2621464431e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/nget/train-search
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:01 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 02 Feb 2023 12:41:14 GMT
Server: nginx
ETag: "63dbaf6a-c4d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3149

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU4iJ5VrW5-PYM5crjNxxo0IP5t96msquDu1SwRnmg3ZLsm29MlFAv7uG8N-WxgDW95P5Fh_ekksAm1HQKbBpIa4-P7X7g9XCTleYydqytSCxfQhZirubJkoN_ylvNa1Eu_Oi5dw==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0Y8uFhadI1iTotNyvxIRjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0Y8uFhadI1iTotNyvxIRjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.irctc.co.in
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU4iJ5VrW5-PYM5crjNxxo0IP5t96msquDu1SwRnmg3ZLsm29MlFAv7uG8N-WxgDW95P5Fh_ekksAm1HQKbBpIa4-P7X7g9XCTleYydqytSCxfQhZirubJkoN_ylvNa1Eu_Oi5dw==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ESNAqi5KAF3W69-xuAe8Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-ESNAqi5KAF3W69-xuAe8Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.irctc.co.in
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVU4iJ5VrW5-PYM5crjNxxo0IP5t96msquDu1SwRnmg3ZLsm29MlFAv7uG8N-WxgDW95P5Fh_ekksAm1HQKbBpIa4-P7X7g9XCTleYydqytSCxfQhZirubJkoN_ylvNa1Eu_Oi5dw==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-138y0-sweAlbhV-r_DWdvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-138y0-sweAlbhV-r_DWdvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.irctc.co.in
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUEardA0eyTwxVJ0JljAV-tLvU21lqZAI4BbB45Li3qLVVLAV5I3UNlaD-EjQnVQ8yz7zkEGnXhojl0FsaU7kg4WOWdeKwzc8dP8lPYVdJwRlGWmqWmMa6btERc4Q_V8oLg-buDcQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 221ms
221ms Script
application/javascript 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUEardA0eyTwxVJ0JljAV-tLvU21lqZAI4BbB45Li3qLVVLAV5I3UNlaD-EjQnVQ8yz7zkEGnXhojl0FsaU7kg4WOWdeKwzc8dP8lPYVdJwRlGWmqWmMa6btERc4Q_V8oLg-buDcQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1OTQwOTQwLDI3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmlyY3RjLmNvLmluL25nZXQvdHJhaW4tc2VhcmNoIixudWxsLFtbOCwia1BxMFZFRU1PNVkiXSxbOSwiZW4tR0IiXSxbMTYsIlt0cnVlLHRydWUsdHJ1ZV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

84dfd7f5af8a3bb1f5aad14e6530674c44306713c8b08151cd91dc8322761e01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y2DBHiX_nt3Kzf_LyZbxzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y2DBHiX_nt3Kzf_LyZbxzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUSkcQ4SEooZ9MtC9LGwKoda6gj_OffP5Rhns45li3H9TEAKmLa7HUkuXLNQbSiA_jr5mLEkYW6JKvavO6XQKfKttK2jGznfS-tOUNBl4Jb8Ntl_KW8u77Qxqtc1lhxcFaeNG0Lqw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 198ms
198ms XHR
text/html 142.250.4.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUSkcQ4SEooZ9MtC9LGwKoda6gj_OffP5Rhns45li3H9TEAKmLa7HUkuXLNQbSiA_jr5mLEkYW6JKvavO6XQKfKttK2jGznfS-tOUNBl4Jb8Ntl_KW8u77Qxqtc1lhxcFaeNG0Lqw==

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_PsRdUI_kcsqPjjdorEarw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Feb 2023 11:09:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-_PsRdUI_kcsqPjjdorEarw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.irctc.co.in
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 580ms
197ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122267849-1

Requested by

Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbotlib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

bb4a69618d4d0d92ec8a479ff7753396276e027b28684be1af173c7cecc7c798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44116
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Feb 2023 11:09:01 GMT

GET
H2 200 chatbot_IRCTC_V2.js Show response
sdk.irctc.corover.ai/askdisha-bucket/ 72 KB
72 KB 774ms
774ms Script
application/javascript 3.111.180.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675940941152
Requested by: Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbotlib.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.111.180.10 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-111-180-10.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash: d861a2e14ab2643c5ccf2608c3e9ce0ec9e0c4787e5de948984c39d31c10794e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:01 GMT
x-amzn-trace-id: Root=1-63e4d44d-3f2fd0d20fc7ea3249e91c31
x-amzn-requestid: 522f5545-a6ee-4921-a7ee-49ba15d6aa4e
content-length: 73892
x-amz-apigw-id: AEYcHGqchcwFqLA=
content-type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 191ms
191ms XHR
text/plain 172.217.194.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1792414643&t=pageview&_s=1&dl=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&ul=en-us&de=UTF-8&dt=IRCTC%20Next%20Generation%20eTicketing%20System&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAIAB~&jid=882020121&gjid=1000331969&cid=109911499.1675940935&tid=UA-122267849-1&_gid=904819680.1675940935&_r=1&gtm=457e3280&z=275752378

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 191ms
191ms Script
text/javascript 172.217.194.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122267849-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 10:15:36 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3206
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Feb 2023 12:15:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
353 B 577ms
191ms XHR
text/plain 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-122267849-1&cid=109911499.1675940935&jid=882020121&gjid=1000331969&_gid=904819680.1675940935&_u=aEDAAUAAAAAAACAAIAB~&z=28584477

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irctc.co.in/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:09:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 1737ms
1737ms Script
text/javascript 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675940941152

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

sffe /

Resource Hash

fef4a081b1ec23e8d4dd655e6d292d1ca7cbffe39775977461c8b08490784466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27214
x-xss-protection: 0
server: sffe
etag: "1477 / 183 of 1000 / last-modified: 1675935793"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Feb 2023 11:09:03 GMT

GET 320x50_placeholder.html
assistant.corover.mobi/ Frame 65E8 0
0

GET
H/1.1 200
OK AskDisha2.0-Book-train-ticket-blue.gif
uiresource.ap-south-1.linodeobjects.com/irctc/ 85 KB
86 KB 647ms
197ms Image
image/gif 139.162.42.49
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uiresource.ap-south-1.linodeobjects.com/irctc/AskDisha2.0-Book-train-ticket-blue.gif
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.42.49 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy2-sin1.linode.com
Software: /
Resource Hash: e7d216bc3ccbc2487aff1649e35d2ee3d329d941e48cd2e9f8ba83f7412ea10d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Thu, 19 May 2022 04:59:38 GMT
x-amz-request-id: tx0000000000000029c062f-0063e4d44e-59a92be-default
ETag: "b94c560aafb127dfe9a3bc66b988f74f"
Content-Type: image/gif
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87364

GET
H2 200 320x50_placeholder.html Show response
assistant.corover.mobi/ Frame 8DCD 1 KB
802 B 602ms
196ms Document
text/html 54.192.150.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assistant.corover.mobi/320x50_placeholder.html
Requested by: Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675940941152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-98.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 172d69ea24f81ead966ddd005f1868a2d0c34748229f85265e8c48e61c25f1e8

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 38969
content-encoding: br
content-type: text/html
date: Thu, 09 Feb 2023 00:20:07 GMT
etag: W/"1e581b1b942d6160c0ce433f7391981a"
last-modified: Mon, 23 Jan 2023 14:05:09 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
x-amz-cf-id: pez_MVq_p8SC1l5JnA801Q-rObgIEPI5d4nlszm9SP-a5am0yXhu2w==
x-amz-cf-pop: SIN2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/ 156 KB
58 KB 971ms
319ms Script
application/javascript 156.146.56.170
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/player.js
Requested by: Host: sdk.irctc.corover.ai
URL: https://sdk.irctc.corover.ai/askdisha-bucket/chatbot_IRCTC_V2.js?1675940941152
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.56.170 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 156-146-56-170.bunnyinfra.net
Software: BunnyCDN-SG1-978 /
Resource Hash: 3b4c1f54376b082499b8eda5f0d5138714cc785243bf347a7bb38816ed6d1d82

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: br
cdn-edgestorageid: 1021
cdn-storageserver: SG-76
cdn-cachedat: 02/08/2023 09:52:30
cdn-pullzone: 873945
last-modified: Wed, 08 Feb 2023 09:52:13 GMT
server: BunnyCDN-SG1-978
cdn-fileserver: 233
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63e370cd-27029"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: ab0cd468bc64b587755d228ee817f086
cdn-requestcountrycode: AU
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK disha.gif
eticket.ap-south-1.linodeobjects.com/ 386 KB
386 KB 599ms
199ms Image
image/gif 172.104.56.205
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/disha.gif
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.56.205 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy6-sin1.linode.com
Software: /
Resource Hash: a51b849270fefbfd714cc4b625cb0f91b29025cbf33fb3da985a3bde40894ccc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Thu, 07 Apr 2022 23:12:50 GMT
x-amz-request-id: tx0000000000000029dca16-0063e4d44e-59a828b-default
ETag: "2ab0547d498e8cdeee21bc8fb91974d7"
Content-Type: image/gif
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 394942

GET
H/1.1 200
OK irctc.png
eticket.ap-south-1.linodeobjects.com/ 216 KB
216 KB 599ms
198ms Image
image/png 172.104.56.205
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/irctc.png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.56.205 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy6-sin1.linode.com
Software: /
Resource Hash: af35cff9e5c54ebfb078d8f6c3f1220e8cd98f34e4dfecbfa1e9b8da15037cf9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Tue, 05 Apr 2022 10:12:37 GMT
x-amz-request-id: tx000000000000021a5e469-0063e4d44e-53433e2-default
ETag: "cb3871b3e44a2591773e9322070fc9a2"
Content-Type: image/png
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221026

GET
H/1.1 200
OK Thumbsup.gif
dishav3.ap-south-1.linodeobjects.com/ 697 KB
697 KB 611ms
212ms Image
image/gif 172.104.56.205
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dishav3.ap-south-1.linodeobjects.com/Thumbsup.gif
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.56.205 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy6-sin1.linode.com
Software: /
Resource Hash: e2927f16c3d19be6cfa6a76cd46151a348682feb5492b4547eba7043122ef57f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Wed, 03 Aug 2022 02:45:57 GMT
x-amz-request-id: tx00000000000002dd95af9-0063e4d44e-5211619-default
ETag: "bb782b9930513fe8e146ecaf4447f642"
Content-Type: image/gif
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 713664

GET
BLOB 200
OK 3e2f444a-30fc-4d19-bd16-680ad565fd05
https://www.irctc.co.in/ 794 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.irctc.co.in/3e2f444a-30fc-4d19-bd16-680ad565fd05
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd703ef56efbb4bd984727e547e21e9591ad9ccbdf0349e1fee0d6b526a8f80e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 794
Content-Type: image/svg+xml

GET
H/1.1 200
OK Minimum.png
eticket.ap-south-1.linodeobjects.com/ 3 KB
3 KB 607ms
206ms Image
image/png 172.104.56.205
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/Minimum.png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.56.205 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy6-sin1.linode.com
Software: /
Resource Hash: 5ba5e420bc8592ac1d1c281ecf90ad92c17f023e96c8a2bd9e12d072cb75cdce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Fri, 20 May 2022 07:08:10 GMT
x-amz-request-id: tx00000000000002dd95afa-0063e4d44e-5211619-default
ETag: "e5d0f9e65b32203909bd904c72408836"
Content-Type: image/png
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2942

GET
H/1.1 200
OK DEALS....png
uiresource.blob.core.windows.net/chatbot-res/irctc/res/ 48 KB
48 KB 935ms
233ms Image
image/png 20.150.114.33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uiresource.blob.core.windows.net/chatbot-res/irctc/res/DEALS....png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.114.33 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8600726486c2065e1f5c13a5f7fdeaff05ac6098bb5c6d9726e5f93f1e7ae345

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 09 Feb 2023 11:09:03 GMT
Last-Modified: Tue, 26 Nov 2019 14:29:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D7727D0F3019E6"
Content-Type: image/png
x-ms-request-id: c7f452a1-001e-0024-2d76-3c3d96000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 49140
x-ms-lease-state: available

GET
H/1.1 200
OK close-white-ad.png
eticket.ap-south-1.linodeobjects.com/ 1 KB
1 KB 599ms
199ms Image
image/png 172.104.56.205
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/close-white-ad.png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.56.205 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy6-sin1.linode.com
Software: /
Resource Hash: 66287d6e66f6823abe9c9ee9eaaf6355936571e002236a9cc75aeacc5eb86c4a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Fri, 03 Jun 2022 14:56:24 GMT
x-amz-request-id: tx0000000000000029c776b-0063e4d44e-59a9306-default
ETag: "502ea029dd3cc26d5af756562b2bb292"
Content-Type: image/png
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1155

GET
H/1.1 200
OK IRCTC-banner-4.gif
dishav3.ap-south-1.linodeobjects.com/ 223 KB
223 KB 600ms
201ms Image
image/gif 172.104.56.205
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dishav3.ap-south-1.linodeobjects.com/IRCTC-banner-4.gif
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.56.205 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy6-sin1.linode.com
Software: /
Resource Hash: c793dd8a847fe4f25969decc6f72cabe54099061f550f5536bd8661de6121eb5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Sat, 24 Dec 2022 15:59:01 GMT
x-amz-request-id: tx0000000000000029c776a-0063e4d44e-59a9306-default
ETag: "d46e6f25cd4a751bab1e468eaf4c0c5d"
Content-Type: image/gif
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 227940

GET
H/1.1 200
OK train-blue.svg
eticket.ap-south-1.linodeobjects.com/ 3 KB
3 KB 599ms
198ms Image
image/svg+xml 172.104.56.205
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eticket.ap-south-1.linodeobjects.com/train-blue.svg
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.56.205 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy6-sin1.linode.com
Software: /
Resource Hash: 1a435e38d1ebd36e06475ba4851e212bc3e800007ac9e1d874dedf10691134b6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Tue, 05 Apr 2022 09:16:06 GMT
x-amz-request-id: tx0000000000000029c776c-0063e4d44e-59a9306-default
ETag: "5f401ef194b5c964ffcd480f8ed189fb"
Content-Type: image/svg+xml
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3106

GET
H/1.1 200
OK disha-support.png
dishav3.ap-south-1.linodeobjects.com/ 25 KB
25 KB 600ms
200ms Image
image/png 172.104.56.205
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dishav3.ap-south-1.linodeobjects.com/disha-support.png
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.56.205 , Singapore, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: osproxy6-sin1.linode.com
Software: /
Resource Hash: 9b048c6923acbaead832cbf4da52658759e4a503436a3b7aca36eb647e0749c3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Last-Modified: Fri, 23 Dec 2022 16:19:36 GMT
x-amz-request-id: tx0000000000000068f83c0-0063e4d44e-58a9921-default
ETag: "d25caffc3a7289c603771441fe650394"
Content-Type: image/png
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25172

GET
H/1.1 200
OK StationLinguisticNames Show response
www.irctc.co.in/eticketing/ 2 KB
3 KB 282ms
282ms XHR
application/javascript 103.252.142.21
CRIS-ND-21-IN Cen...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irctc.co.in/eticketing/StationLinguisticNames?hl=popular_en

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

103.252.142.21 , India, ASN45596 (CRIS-ND-21-IN Centre For Railway Information Systems, IN),

Reverse DNS

nget.irctc.co.in

Software

nginx /

Resource Hash

8cc3f7da9e0c12b1c8e94437e566e23607b7b6616388af1a27e33a912e9f8e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://.google.co.in https://.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://.google.co.in https://.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
greq: 1675940939813
Content-Language: en
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
bmirak: webbm
Referer: https://www.irctc.co.in/nget/train-search

Response headers

Date: Thu, 09 Feb 2023 11:09:02 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https://ib.adnxs.com/ut/v3/prebid https://rtb2.automatad.com/ortb2/resp https://dmx.districtm.io/b/v1 https://ap.lijit.com https://adserver-us.adtech.advertising.com https://fonts.googleapis.com https://ad.doubleclick.net https://cdnjs.cloudflare.com https://b2cdn.automatad.com https://cdn.ampproject.org https://securepubads.g.doubleclick.net https://tpc.googlesyndication.com https://assistant.corover.mobi https://go.automatad.com https://www.googletagmanager.com https://uiresource.blob.core.windows.net https://www.gstatic.com https://pagead2.googlesyndication.com https://www.google-analytics.com http://irctclive.nlpcaptcha.in https://www.googletagservices.com https://*.google.co.in https://*.google.com https://cbpssubscriber.mygov.in https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://googleads.g.doubleclick.net;img-src 'self' https://*.google.co.in https://*.google.com;font-src 'self';prefetch-src 'self' https://*safeframe.googlesyndication.com;object-src 'none'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; preload
Server: nginx
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://www.operations.irctc.co.in
Cache-Control: max-age=21600
Content-Disposition: filename="StationLinguisticNames_popular_en.js"
Connection: keep-alive

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 583ms
196ms Image
image/gif 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-122267849-1&cid=109911499.1675940935&jid=882020121&_u=aEDAAUAAAAAAACAAIAB~&z=867308563

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 605ms
218ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-122267849-1&cid=109911499.1675940935&jid=882020121&_u=aEDAAUAAAAAAACAAIAB~&z=867308563

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8DCD 79 KB
27 KB 1126ms
1126ms Script
text/javascript 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: assistant.corover.mobi
URL: https://assistant.corover.mobi/320x50_placeholder.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

sffe /

Resource Hash

fef4a081b1ec23e8d4dd655e6d292d1ca7cbffe39775977461c8b08490784466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27214
x-xss-protection: 0
server: sffe
etag: "1477 / 205 of 1000 / last-modified: 1675935793"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Feb 2023 11:09:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
165 B 195ms
192ms Script
application/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 193ms
193ms Script
application/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.irctc.co.in

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 106 KB
19 KB 609ms
609ms XHR
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=780447519093834&correlator=1916269250865500&eid=31072021%2C44752585&output=ldjh&gdfp_req=1&vrg=2023020601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=37179215%2CGPT_NWEB_HOME_UPCOMING_JOURNEY_RIGHT1%2CGPT_NWEB_HOME_TOP1%2CGPT_NWEB_HOME_TOP%2CGPT_NWEB_HOME_CENTER%2CGPT_NWEB_HOME_RIGHT_BOTTOM&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C970x90%7C728x90%2C1200x250%7C970x250%7C970x90%7C728x90%2C970x90%7C728x90%2C300x600%7C120x600%7C160x600&ifi=2&adks=1604966888%2C4165385285%2C3390067838%2C1292122486%2C878741977&sfv=1-0-40&sc=1&cookie=ID%3De12d520539c1ccd9%3AT%3D1675940940%3AS%3DALNI_MYYfJD1niWQpu68WSxUzSnSgq-sAA&gpic=UID%3D00000bbea90e7c15%3AT%3D1675940940%3ART%3D1675940940%3AS%3DALNI_MbimD64jt8gWh6V_dTK-4ytC4HUxA&abxe=1&dt=1675940942974&lmt=1675341674&dlt=1675940934161&idt=2246&adxs=-9%2C15%2C15%2C15%2C1005&adys=-9%2C781%2C860%2C1399%2C2223&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C2%7C3&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&frm=20&vis=1&psz=0x-1%7C1600x68%7C1600x2894%7C1600x2894%7C350x0&msz=0x-1%7C1585x15%7C1585x15%7C1585x0%7C350x0&fws=2%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=109911499.1675940935&ga_sid=1675940940&ga_hid=1792414643&ga_fc=true

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

e76262294b6951ce10d307f7754314cfd56b7c73892dd617c1929b0032128e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19803
x-xss-protection: 0
google-lineitem-id: 5749208860,5506837085,-1,-2,5506837085
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138357635885,138416261507,-1,-2,138416799396
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 771 B
373 B 553ms
553ms XHR
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=780447519093834&correlator=1916269250865500&eid=31072021%2C44752585&output=ldjh&gdfp_req=1&vrg=2023020601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21928950349%3A21748009408%2Circtc_chatbot_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&adks=1033719140&sfv=1-0-40&sc=1&cookie=ID%3De12d520539c1ccd9%3AT%3D1675940940%3AS%3DALNI_MYYfJD1niWQpu68WSxUzSnSgq-sAA&gpic=UID%3D00000bbea90e7c15%3AT%3D1675940940%3ART%3D1675940940%3AS%3DALNI_MbimD64jt8gWh6V_dTK-4ytC4HUxA&abxe=1&dt=1675940942981&lmt=1675341674&dlt=1675940934161&idt=2246&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.irctc.co.in%2Fnget%2Ftrain-search&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=375&ga_vid=109911499.1675940935&ga_sid=1675940940&ga_hid=1792414643&ga_fc=true

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

75891765e870156a26e68a1d1afac45a388f3496c607824e6cb4332575faa865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.irctc.co.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 12C9 0
0 198ms
197ms Fetch
image/gif 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskNukRknkzJPej55XWyEWL2W0lFVxEza5OzVuN7UubY1uobCG5HrmW8K4MwyWPGSi6dD7Bz6UVGjJ8sPS_Bn6-cNsMnFIhAQs7uN6pR_-czQb39DhFvD1FljZ4oWmwNrdv23Nl9GdCDDpp8R0A8agnDpkOC2iD7KUZgNtYKUZ4AMNcOdMwPZIxCT-MDJFEMjkW3UWLUobupcZhyijetirUIbYXvbB4xet3XZikxd4lcCGMglE3_JhQY3c2jAbVhPk5o5M4QxsRwmIcyhgrXcyCNwQFvQu75WcAp4V8oOai9GqGZMThEsBCVy4PM-W90NWD&sai=AMfl-YTPb7cYTEFHH4Nb_SQykI4RvaKnwsK35wXP1eeqwlkejczmcooBovCWVwRb8xFTPoQgvJDQVRF90IcfNt1L6zzzzSRYswqTjWUHSq-HZ2wDZLK4S_GrctgRYlwVjos&sig=Cg0ArKJSzGVUu7bRLnBKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 12C9 3 KB
1 KB 631ms
245ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 04:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 04:36:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12C9 156 KB
48 KB 193ms
191ms Script
text/javascript 172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f157.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 11:09:03 GMT

GET
H2 200 6896575230520559133
tpc.googlesyndication.com/simgad/ Frame 12C9 55 KB
55 KB 865ms
480ms Image
image/jpeg 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6896575230520559133

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

519538ad530d1ba2e60c8a3a9c864663edd0c1adfb729925c8e665d71c9af6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 07:16:56 GMT
x-content-type-options: nosniff
age: 13928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56422
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:21:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 07:16:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 12C9 0
0 239ms
238ms Image
text/html 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0N5_CxLvklF-tmohxMkuTAshGCpj32aJH4fVTp_Vbpw7StfH48qWgdlNGL1DxcNMB7_rwQrvdncygGdoa5zGe8dSOKQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 container.html Show response
94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A0A7 6 KB
3 KB 191ms
190ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:09:00 GMT
expires: Fri, 09 Feb 2024 11:09:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 085C 0
0 196ms
195ms Fetch
image/gif 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4qf7Yb7bgQxizDJsTpwVIm3H3vcrMj8Ii-XCGD5SJcqO7J_THKIC9qo06jaYE53F57SgFA_tDoT2FAseQlNeN4jyesKx_7m2VqO3BLBriCYqYz_eumT0yriCxjp4QvU0ilThexkVMJjgA4cqlyLJVfIRu3UuEE0XaiAnmbRlpZ2yCWdr6i2tIcjuZc1S2V-HZLu6w1igEcmC3UV_Ju_1H3DE4xG5M76N2jdxwiSbyT54w8s9sqbrFmruxSkZd4QcQMV6WMbGGp9HnuHLMgVzxUtDml3dv7nGgiehg3ueGiNxH-O_1k-erhxUxw7iv8IiQjdmnfqWfffuf&sai=AMfl-YS3EnWcoQh8ViZ-3L-GBSJo1-CydSxvSXIrriqpUBfMlxD_aJZlPCLWwsjEu5fQoOjeH6QUSsLS9fS49XwiS-iC3Hc_awDPUZnk6dTMCY3ixVH_q9MgNj_1krWu1Zg&sig=Cg0ArKJSzOBmAwJO0KbsEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 085C 3 KB
1 KB 603ms
235ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 04:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 04:36:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 085C 156 KB
48 KB 292ms
291ms Script
text/javascript 172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f157.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 11:09:03 GMT

GET
H2 200 11090241117728884468
tpc.googlesyndication.com/simgad/ Frame 085C 94 KB
94 KB 612ms
245ms Image
image/jpeg 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11090241117728884468

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

c8bd816f4b2992b4aecfb4f447b3c978da672068f2185c30cb39804ff2d7db03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:51:47 GMT
x-content-type-options: nosniff
age: 112637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95835
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 05:28:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Feb 2024 03:51:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 085C 0
0 232ms
232ms Image
text/html 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRj30hBK_QGQJODUrZjVIgJsnosdvogTEmQwVkiqi9HblJnKm7ansaMeMBkZcEPnhtRPgj9UHTo0CzRp1NfEl0XEEvLlg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 12C9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0f15eacaef477d8701e3540b091c8dab60d464101b06b0d16c48f4605af52bf

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 085C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6770002ff989386dd307adb490b0d4cc473f1730b1c208b7cc48e12b574f946e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A0A7 0
0 202ms
201ms Fetch
text/html 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbCoNT9TkY8u5B7mUssUPmOaSwA-Y_NGxXLKLtOWFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi02Njg1NzExMDI2NjU3Mjc3yAEJqQKLFQUZRVmnPuACAKgDAaoEgAJP0GBEw7dBQcB-8CWjmKJD_YTGp3O8-gJwhXBfje86PsIwq0Ii3nhMDPVzk5Kg6-cv4GXU46LAjYKTpAVbIEpor9RfALxKZlOl9fGKNeYf9TqqeIa6QF_QiuRTltIp0mmPVze_8s1b83QMEEiQJau12gnYdIWVcREZTwuvdFnrkW4qgEqb8L9oIe98edpxgnYbZLIgU9YkJYnpYSsidyne7-EM2_wwrNmXZqS-aXQ4H0izHcEb_R1Scvkjp9x7WrhULk7mM53cQm7HIfJzNbyqOrPA43tgNogzfZAF-e1h1LX7lcAfi4FGysBFp3S8vO9EA7bfw9bDE2EHxtgAeWlJ4AQBgAbOi5apkq_vqewBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjY4NTcxMTAyNjY1NzI3NxjfxBM&sigh=giG6yEhfW4g&uach_m=[UACH]&cid=CAQSPADUE5ymwv-P42ZQKIKRBfH-UpkRGkueKqKCgjy-YpKCqA6sFc6ZzDo6HLPLLYg04UsKBf6CelIsBl5a2RgB
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f157.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame A0A7 0
0 742ms
246ms Fetch 182.161.74.19
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k4XHEtH5RLAJ-gFi-C0SAgAAAG_u9rC8hJHfJ4hRQwk5jtsQTtTkY1ppiWQVz5H4IG5wABIAAAoOQVFVQkRRWUREUUVCRFE&wp=Y-TUTwAB3MsCrIo5AASzGO7xJZsIuZQPE-zSmA

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 213551
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 24E9 154 KB
50 KB 721ms
322ms Document
text/html 182.161.73.148
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Y-TUTwAB3MsCrIo5AASzGO7xJZsIuZQPE-zSmA&u=%7CcY8BcfvWESuMLjxUpwMGakDdQ8FUlBIUJJM4E%2BdM5fo%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op95y2Yu2xOk3YIAr2PWN1BECKdg9VDOUoS-taJNOE5ehPlmTW5BnyYGjkv88MWE_k9znBBFMWkTMaRj91ElYObNca9HPyHXSLtNM2XG57JJxW9CKgVDwAen4bbeaN8Dadt1C5PB0RW2s1b_x8D0IXtweNHVMxVbcRvZ-8d6xcaehmiD29zzZu33vYCJ4RDW2pVd3vc7fRLVfHJwpFx1Djmtw0cgTJBs7urVyYVtlFvl4qI70dScUNaFTjuwEltmi4KTPOzASSSujqjVdzSwhPVOO5qGo1_9owTS2F0Sszr_ng14dPMEQtw2JuQNr8HyW0SmfR9h4xhSbYq4lkJa320mK-5r0gS_ZdaM7Xk5vgV5zcf4bniBbMpPYla99w7bCBJkD-hcZ6pEdF1FKVrMjXaJ4sbnzVoVJTL2kn9RCQ-j6eMnj2Vsh84NZA0bWWttJtkN8dSSF7hRy0QyT0ivU2f2i1dTxHeEeeTsu-BDU2WjYO-bg--MbkVP1fNsfJjSMDU7KOHsfWx77pQht8n7BilsCTHBmqfy8mFi4tWuZ2KlB-Ue2IVcRr1K1J6SYAH0r27ABJJn2LoCzSxRE6v5siPsos&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfNusT9TkY8u5B7mUssUPmOaSwA-Y_NGxXLKLtOWFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi02Njg1NzExMDI2NjU3Mjc3yAEJqQKLFQUZRVmnPuACAKgDAaoEgwJP0GBEw7dBQcB-8CWjmKJD_YTGp3O8-gJwhXBfje86PsIwq0Ii3nhMDPVzk5Kg6-cv4GXU46LAjYKTpAVbIEpor9RfALxKZlOl9fGKNeYf9TqqeIa6QF_QiuRTltIp0mmPVze_8s1b83QMEEiQJau12gnYdIWVcREZTwuvdFnrkW4qgEqb8L9oIe98edpxgnYbZLIgU9YkJYnpYSsidyne7-EM2_wwrNmXZqS-aXQ4H0izHcEb_R1Scvkjp9x7WrhULk7mM53cQm7HIfJzNbyqOrPA43tgNogzfdIH2H-EGjyFakluFWoQUANss34rtsFc6z4slUwKrX8r3j_r6Be2enfd4AQBgAbOi5apkq_vqewBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3KXhwztC0Tw1DR_IlU4EmdjLRFng%26client%3Dca-pub-6685711026657277%26adurl%3D

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

7930bbf04510ced4cdae7a78fb4b9868fc71235d947f5d12e7ee480048301056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:09:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=bnm8nEuQ8R8sV7Rpt3uMYKl3d6Y785c5FLoZx64tELtekyx3EmkohL0hgBsh0f7zrXGEHnTnvgGkSftACfwFO_UwM2Otg-V1pQQ3NgZpo55Hm4NbgpdLYLRqZbXL7yqp8NykIJAYiTdEFcHmwlhcWV2Jvszyw9nvWXCDXCuxBOp3bguw4bnSWPq15l4okRPn5zxTdQMZtNX4UCQJwUyI73NiRx8OystOyUSJ-Wf9tJVH6yHvPB0RfYxhj6N2-KhPRhUVod-M07HBDjke"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 99537735
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame A0A7 3 KB
1 KB 406ms
235ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 04:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 04:36:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 25A4 1 KB
758 B 192ms
190ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 83223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:02:00 GMT
etag: 48472445140208031
expires: Thu, 09 Feb 2023 12:02:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame A0A7 18 KB
8 KB 361ms
191ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 22:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 22:28:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A0A7 0
0 240ms
238ms Image
text/html 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNvsYpPcpMrcCxrJxqN8ZS5V5iJdAMiXboZGiW3eft-WuCy8wGduj48FmZGV1gKWaKLOqBT2TQHcyBoFVB3Yn50np68Q
Requested by: Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A0A7 24 KB
7 KB 379ms
210ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 09:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Feb 2024 09:06:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0A7 156 KB
48 KB 268ms
267ms Script
text/javascript 172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f157.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 11:09:03 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECiBDHHRLoMO70KfeklUiVY&google_push=Aa02lx-0N4tifI96Xwng-QAGhrr6VBCRzY3jm4JcPNJhzO1CdKgexuDu5Q...

170 B
232 B

197ms
196ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECiBDHHRLoMO70KfeklUiVY&google_push=Aa02lx-0N4tifI96Xwng-QAGhrr6VBCRzY3jm4JcPNJhzO1CdKgexuDu5Q-DnPRawBBRa2AqeQ7QIl4cU6SI7CgkfaaZM4mCr7kYjw

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-syd10179-SYD
pragma: no-cache
date: Thu, 09 Feb 2023 11:09:04 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1675940944.339642,VS0,VE202
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECiBDHHRLoMO70KfeklUiVY&google_push=Aa02lx-0N4tifI96Xwng-QAGhrr6VBCRzY3jm4JcPNJhzO1CdKgexuDu5Q-DnPRawBBRa2AqeQ7QIl4cU6SI7CgkfaaZM4mCr7kYjw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEGvN-5YZBDp4FkoEIfjVJe4&google_cver=1&google_push=Aa02lx_abtGrxG18mI-js8o0gxfpz1eBuV0nuz-xl2tUYbFK0cusI23zrw_S8OiG_PLN_j8pYAs_v2G...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx_abtGrxG18mI-js8o0gxfpz1eBuV0nuz-xl2tUYbFK0cusI23zrw_S8OiG_PLN_j8pYAs_v2GZMZeeWdx3Elr3jCrtg-SBFw&google_hm=bwuAwOZIT5GiZ_O...

170 B
262 B

194ms
194ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx_abtGrxG18mI-js8o0gxfpz1eBuV0nuz-xl2tUYbFK0cusI23zrw_S8OiG_PLN_j8pYAs_v2GZMZeeWdx3Elr3jCrtg-SBFw&google_hm=bwuAwOZIT5GiZ_OsAmGBqRw

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:06 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx_abtGrxG18mI-js8o0gxfpz1eBuV0nuz-xl2tUYbFK0cusI23zrw_S8OiG_PLN_j8pYAs_v2GZMZeeWdx3Elr3jCrtg-SBFw&google_hm=bwuAwOZIT5GiZ_OsAmGBqRw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGIAWFYC3dK8rnhCd5jwyvA&google_cver=1&google_push=Aa02lx9BXxw-5__stIMhvx6V79BErPo8U2x_fWUKAFcTcLrbul2Nem5ZSItDfcOHCJEqVW3zrgVyEEMQSD5ij3AXSDIBFUZ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9BXxw-5__stIMhvx6V79BErPo8U2x_fWUKAFcTcLrbul2Nem5ZSItDfcOHCJEqVW3zrgVyEEMQSD5ij3AXSDIBFUZMTvKc9w&google_hm=eS1rVk5aOU1GRTJwRmNY...

170 B
232 B

194ms
194ms

Image
image/png

142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9BXxw-5__stIMhvx6V79BErPo8U2x_fWUKAFcTcLrbul2Nem5ZSItDfcOHCJEqVW3zrgVyEEMQSD5ij3AXSDIBFUZMTvKc9w&google_hm=eS1rVk5aOU1GRTJwRmNYVUxvc1IzTkVrWHdlb2dhSU9Zcn5B

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Feb 2023 11:09:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9BXxw-5__stIMhvx6V79BErPo8U2x_fWUKAFcTcLrbul2Nem5ZSItDfcOHCJEqVW3zrgVyEEMQSD5ij3AXSDIBFUZMTvKc9w&google_hm=eS1rVk5aOU1GRTJwRmNYVUxvc1IzTkVrWHdlb2dhSU9Zcn5B
content-length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 25A4 43 B
641 B 722ms
238ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEI2JWNoEOxa6BNFVVckABGk&google_cver=1&google_push=Aa02lx-tYhw7kPPMlJQ3FbiMnf9PGwt_1L-TQhqLQfp4XKfZ2MrxCILpFvJGqapY1XL6Ulc4DPKo-dg7H1lgaeCr-mIOSjklYjfo

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 11:09:04 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25A4
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEGK5rRY5U8N4kCZ9BIYqGMw&google_cver=1&google_push=Aa02lx8Z_2TgSHjGivttRJLtvKhWIVPc8huijj3nLYklFE5lksqP6wtr1VSSy2mu9paFF1ZZYh21b-bVOX2Ft0TYwHc2uCxj6ScKiQ
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx8Z_2TgSHjGivttRJLtvKhWIVPc8huijj3nLYklFE5lksqP6wtr1VSSy2mu9paFF1ZZYh21b-bVOX2Ft0TYwHc2uCxj6ScKiQ&google_hm=f5653e511f60306cf...

170 B
188 B

195ms
195ms

Image
image/png

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx8Z_2TgSHjGivttRJLtvKhWIVPc8huijj3nLYklFE5lksqP6wtr1VSSy2mu9paFF1ZZYh21b-bVOX2Ft0TYwHc2uCxj6ScKiQ&google_hm=f5653e511f60306cfc9c11a81d7c7156

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx8Z_2TgSHjGivttRJLtvKhWIVPc8huijj3nLYklFE5lksqP6wtr1VSSy2mu9paFF1ZZYh21b-bVOX2Ft0TYwHc2uCxj6ScKiQ&google_hm=f5653e511f60306cfc9c11a81d7c7156
date: Thu, 09 Feb 2023 11:09:04 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 25A4 35 B
622 B 862ms
276ms Image
image/gif 182.22.24.124
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEBFKL9A2k1ToDve7KOOVVaU&google_cver=1&google_push=Aa02lx8I0bs5s8LJv4UiuL0HTMLaMg3QlsfQmbs04K57ixMfNXXQh0Bv-hnhbZ1Op9JMG6ZQUzjVnxAVebPzwNsm5KJXDBviK9N9fw

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.22.24.124 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

ATS /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
x-content-type-options: nosniff
server: ATS
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H2

200

report
sync.teads.tv/um/ Frame 25A4
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENRmR9hUpBenTo6oYW2Iu54&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=N2Y5YjUzMGMtZDIyMy00MzRhLWE1ZGItZjg1YTg4NDRmMDJk&google_push=Aa02lx_B1uOKRO266sB2kY9cEtNjLGYsepmHIMeTpEq71RGiUKDFK9Vl8z2rodKkZqlSz...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

343ms
343ms

Image
image/gif

23.40.33.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.40.33.62 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-33-62.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires: Thu, 09 Feb 2023 11:09:05 GMT
pragma: no-cache
date: Thu, 09 Feb 2023 11:09:05 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 25A4 0
84 B 196ms
192ms Image
text/html 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRsFcMecC2fv-LbZeAKNySTTolsd0jKAHn3-3MLMWwKDbxI7ixILJdUgz6YOkJMrfT4v6T9QQ

Requested by

Host: 94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pubads_impl_2023020601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8DCD 386 KB
130 KB 192ms
192ms Script
text/javascript 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

sffe /

Resource Hash

e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 15:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133115
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 09:36:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Feb 2024 15:13:16 GMT

GET
DATA 200
OK truncated
/ Frame A0A7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfedff745ba4faceb34fb66e2a00d04f07848d4c5ae29ddf3edffe6a28f28679

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 irctc.json Show response
cdn.unibotscdn.com/clientdata/ 19 KB
2 KB 975ms
325ms Fetch
application/json 156.146.56.170
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/irctc.json
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.56.170 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 156-146-56-170.bunnyinfra.net
Software: BunnyCDN-SG1-978 /
Resource Hash: 651375dedc8080bda1585b0d2f00628426d829ff1ed26f17990977cd291919d8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
cdn-edgestorageid: 784
cdn-storageserver: SG-76
cdn-cachedat: 02/08/2023 06:27:42
cdn-pullzone: 873945
last-modified: Wed, 08 Feb 2023 06:27:14 GMT
server: BunnyCDN-SG1-978
cdn-fileserver: 424
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 1d61c8a98188eee3a008da45783847e5
cdn-requestcountrycode: AU
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 24E9 2 KB
1 KB 606ms
207ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y-TUTwAB3MsCrIo5AASzGO7xJZsIuZQPE-zSmA&u=%7CcY8BcfvWESuMLjxUpwMGakDdQ8FUlBIUJJM4E%2BdM5fo%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op95y2Yu2xOk3YIAr2PWN1BECKdg9VDOUoS-taJNOE5ehPlmTW5BnyYGjkv88MWE_k9znBBFMWkTMaRj91ElYObNca9HPyHXSLtNM2XG57JJxW9CKgVDwAen4bbeaN8Dadt1C5PB0RW2s1b_x8D0IXtweNHVMxVbcRvZ-8d6xcaehmiD29zzZu33vYCJ4RDW2pVd3vc7fRLVfHJwpFx1Djmtw0cgTJBs7urVyYVtlFvl4qI70dScUNaFTjuwEltmi4KTPOzASSSujqjVdzSwhPVOO5qGo1_9owTS2F0Sszr_ng14dPMEQtw2JuQNr8HyW0SmfR9h4xhSbYq4lkJa320mK-5r0gS_ZdaM7Xk5vgV5zcf4bniBbMpPYla99w7bCBJkD-hcZ6pEdF1FKVrMjXaJ4sbnzVoVJTL2kn9RCQ-j6eMnj2Vsh84NZA0bWWttJtkN8dSSF7hRy0QyT0ivU2f2i1dTxHeEeeTsu-BDU2WjYO-bg--MbkVP1fNsfJjSMDU7KOHsfWx77pQht8n7BilsCTHBmqfy8mFi4tWuZ2KlB-Ue2IVcRr1K1J6SYAH0r27ABJJn2LoCzSxRE6v5siPsos&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfNusT9TkY8u5B7mUssUPmOaSwA-Y_NGxXLKLtOWFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi02Njg1NzExMDI2NjU3Mjc3yAEJqQKLFQUZRVmnPuACAKgDAaoEgwJP0GBEw7dBQcB-8CWjmKJD_YTGp3O8-gJwhXBfje86PsIwq0Ii3nhMDPVzk5Kg6-cv4GXU46LAjYKTpAVbIEpor9RfALxKZlOl9fGKNeYf9TqqeIa6QF_QiuRTltIp0mmPVze_8s1b83QMEEiQJau12gnYdIWVcREZTwuvdFnrkW4qgEqb8L9oIe98edpxgnYbZLIgU9YkJYnpYSsidyne7-EM2_wwrNmXZqS-aXQ4H0izHcEb_R1Scvkjp9x7WrhULk7mM53cQm7HIfJzNbyqOrPA43tgNogzfdIH2H-EGjyFakluFWoQUANss34rtsFc6z4slUwKrX8r3j_r6Be2enfd4AQBgAbOi5apkq_vqewBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3KXhwztC0Tw1DR_IlU4EmdjLRFng%26client%3Dca-pub-6685711026657277%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 24E9 2 KB
1 KB 594ms
195ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 24E9 308 B
637 B 586ms
194ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 24E9 293 B
621 B 601ms
210ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 24E9 43 B
348 B 591ms
197ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=5fkH25ws89m7xuUuZmE9nGh7lW2E80GAAYRvpPVJP843obfpWgDXiL5hK_KSInLt8q7YixVg4_V6mHH5PNdKCWR6HKLfhiDtrooF9h9uatGIeJYfFOG2aJnqxy9LHlSRIc0bZVpIVy8c8o9vvSmSo5iqRs8ex2Gh8KZ4jUZynkKzduu9IyRaXDbRkQjM-6xqslxvxMh0DcSBGYqo_HoQOTKYrwwV-Dkx5YfmjKZT2COs3Ab1OvsfKIkdkZIGt2s67EtlqoL79K_aH14Q0sRryVRUyHf6vcXIXiKiK0oj8o4Ou0ZaA66tAbCBgQzbSiWIgla-MGZ29xEobvOJt4O4x63b008rJg9HhqFDURYz-OGOocBNZIuLRwokOZ4jrNmPX4TBmG-fbBA1gqGmiTd_5r3H8jWniPLsVDcIa-xHtqn9xsP7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2771276
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 24E9 2 KB
842 B 519ms
197ms Stylesheet
text/css 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 24E9 2 KB
841 B 517ms
196ms Stylesheet
text/css 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.com.au/adsid/ Frame 8DCD 107 B
122 B 192ms
192ms Script
application/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=assistant.corover.mobi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8DCD 107 B
122 B 194ms
194ms Script
application/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=assistant.corover.mobi

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8DCD 21 KB
9 KB 345ms
343ms XHR
text/plain 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2858906600495362&correlator=2504911798209269&eid=31072120%2C44761478%2C44752585&output=ldjh&gdfp_req=1&vrg=2023020601&ptt=17&impl=fif&us_privacy=1---&iu_parts=21748009408%2Circtc.co.in_320x50_corover&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=1&adks=3049664599&sfv=1-0-40&sc=1&cdm=assistant.corover.mobi&abxe=1&dt=1675940944721&lmt=1674482709&dlt=1675940942946&idt=1752&adxs=0&adys=0&biw=-12245933&bih=-12245933&isw=320&ish=50&scr_x=-12245933&scr_y=-12245933&ucis=m70i522mi97x&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fassistant.corover.mobi%2F320x50_placeholder.html&ref=https%3A%2F%2Fwww.irctc.co.in%2F&top=https%3A%2F%2Fwww.irctc.co.in%2F&frm=24&vis=1&psz=320x50&msz=320x50&fws=256&ohw=0&ea=0&ga_vid=1169563339.1675940945&ga_sid=1675940945&ga_hid=1711249188&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

1e9310b56e81bd69b05723a32cdd8da4c091d82670546e7f983b35f191a4faa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9252
x-xss-protection: 0
google-lineitem-id: 5109993963
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138393875762
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://assistant.corover.mobi
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8DCD 14 KB
11 KB 579ms
198ms XHR
application/json 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

dd8bc701b7c935d9208309dae1183a965e300d623c7ad2ae717c8b03bf76adf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11095
x-xss-protection: 0

GET
H2 200 container.html Show response
176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 698C 6 KB
3 KB 195ms
191ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assistant.corover.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:09:04 GMT
expires: Fri, 09 Feb 2024 11:09:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 12C9 0
0 195ms
195ms Fetch
image/gif 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFRa3YYZdLvB-TPe9fSx1ViddWjqUEpAkMgoyXTgbNN31nPqBEJzC8FZVhPoaOpQ7ZwXcA0JscssGYI2ENF65R93UtylZa2gvFIf-roTHOK8lsYy5agVey3yZorqsS4zyt3jb12YPngpYtHgJSF0dYBcfNzeSwCGWJkzNc3sHjK8_MTISanjwYir8cG2kg0YqyhH8DmAazmJzsHCiCzT6sfHOUgUYwNUWNtQq8foziycTsNUhwgEdjVE5iKEEVcW9Iq0LF7cXZM9nX79njwYSPqvkjITB17TOetMAvjAPYzWvcwA-smQ-SihXN2QrDgtcA69I&sai=AMfl-YTh_j_Q-ETPuqnE3wGqOmflLGyHLa_K8lbktZTbl-9-j5guETMs9NrRlqlECQNBjoBQjmLBXN9C9T2edf_lLCqLkzsl2wQQ1Xu21lX0KoVUwkHyHhAhmXsVbjE7SOQ&sig=Cg0ArKJSzPUfdnHOBWETEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Feb 2023 11:09:04 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 085C 0
0 195ms
195ms Fetch
image/gif 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuePXY1DCS5sA3vNcss0tz_ZPUvnaibdrz5UCB214YQKRUqwepJorl3PgjWtuLKRnkO-sljSUOi6ZX0S4vMCQ314q3Dq4lSUrtvQrHgzHWr02tP7bU_dAz1sp2F3kOrTqF0lXtxHyRylIYwhgxahmgw3_csXp8kGHL5BHfm4Yytm_AilfvsJA2sua2XI5A8kgJNlwZ4Pu6hWo62ySgkq7A1Ncn1xHwRCtkeUS6UEbTEjqqHHv_32PcunM5Xv-bIvnux3hT3BAmAzwFeIA_TCy6G8lp-sDHwvJWgg38_QwjJdWzjC0uQYIZa-j0nSs-kXmmqDaFT9MK4pDx2gKA&sai=AMfl-YRXcd-Y3BGq00nHZCpJiSgC-04PoH7OZmvBYGC_RojG4IsQY_3ADrjfKo1A0OM4dF2ldKXnERdK9jyVsRKoPhcVLa6AeVxJ9QkArcedsYOFTv4ZUylqexedSos-xaM&sig=Cg0ArKJSzP5Szqs5ncpzEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Feb 2023 11:09:04 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 24E9 12 KB
6 KB 235ms
234ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 24E9 9 KB
9 KB 620ms
223ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32092&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2135%2F0257%2Fproducts%2FDT6791-AW-2.4m-Dining-Table-Messmate-2.jpg%3Fv%3D1639108136&v=3&w=800&s=IcXKIMf5SDyTSV6_28g_weKe&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ed4cc21191632a60c41a15b2d0144522abfdb611477a6bf9cf23b459f901d13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28705854
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9268
expires: Sun, 07 Jan 2024 17:00:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 24E9 21 KB
21 KB 930ms
534ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32092&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2135%2F0257%2Fproducts%2Falenzo-nest-of-coffee-table-natural-golden-base-side-table-set-nicki-core-601980.jpg%3Fv%3D1628386419&v=3&w=800&s=8d6GkraMQ1fBHpCq1udBPKPt&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

b5088b29d3bd9751f82cb34d0139b3bfd2ae7bdf0ed9a3558d03c92561d6c755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28671899
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21162
expires: Sun, 07 Jan 2024 07:34:05 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 24E9 18 KB
18 KB 842ms
445ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32092&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2135%2F0257%2Fproducts%2Fset-of-2-duke-bar-stool-black-bar-stool-sendo-core-218511_0a4865ac-f2ec-471b-9a35-5d59c0294f9f.jpg%3Fv%3D1661397876&v=3&w=800&s=bs3bssyZ4YMtZX157wyN9m-w&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

c5dd631bcd4d3dec1fe23573ea6cbc6db752de2f72caf00abfbf48cee5d58c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27759755
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18334
expires: Wed, 27 Dec 2023 18:11:41 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 24E9 8 KB
9 KB 1017ms
620ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32092&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F2135%2F0257%2Fproducts%2FTV8207-DW-3.jpg%3Fv%3D1673566252&v=3&w=800&s=iTORr4SX21XMXoLr_aOw3VTs&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

a1e6794446516b2af4e51eeaca2aabe141cab756b6c21c93f8c2a6502dcd58ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29228666
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8596
expires: Sat, 13 Jan 2024 18:13:32 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 24E9 4 KB
5 KB 1026ms
629ms Image
image/png 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?h=496&m=0&partner=32092&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F32092%2F170905%2F8c374b7cb62047d28b2d19b458617118_logo_lightbg_horizontal.png&v=3&w=196&s=Aut0QlZKvoMnYx53CZNs0WyU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

b4a8f90a67beb609d15de12f680d5318609efa323cd733601870d31ba217398d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=27701313
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4369
expires: Wed, 27 Dec 2023 01:57:38 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 24E9 0
128 B 589ms
194ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=bnm8nEuQ8R8sV7Rpt3uMYKl3d6Y785c5FLoZx64tELtekyx3EmkohL0hgBsh0f7zrXGEHnTnvgGkSftACfwFO_UwM2Otg-V1pQQ3NgZpo55Hm4NbgpdLYLRqZbXL7yqp8NykIJAYiTdEFcHmwlhcWV2Jvszyw9nvWXCDXCuxBOp3bguw4bnSWPq15l4okRPn5zxTdQMZtNX4UCQJwUyI73NiRx8OystOyUSJ-Wf9tJVH6yHvPB0RfYxhj6N2-KhPRhUVod-M07HBDjke&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 09 Feb 2023 11:09:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 24E9 2 KB
1 KB 195ms
194ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 24E9 2 KB
1 KB 202ms
201ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H3 200 container.html Show response
176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BCD7 6 KB
3 KB 193ms
193ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assistant.corover.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:09:04 GMT
expires: Fri, 09 Feb 2024 11:09:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 24E9 15 KB
16 KB 863ms
474ms Font
application/octet-stream 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.as.criteo.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 24E9 15 KB
16 KB 781ms
394ms Font
application/octet-stream 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.as.criteo.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Feb 2024 11:09:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame BCD7 22 KB
9 KB 191ms
190ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: 176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com
URL: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 04:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Feb 2023 04:36:43 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BCD7 24 KB
6 KB 197ms
197ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com
URL: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 09:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Feb 2024 09:06:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCD7 156 KB
48 KB 194ms
194ms Script
text/javascript 172.253.118.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com
URL: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f157.1e100.net

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 11:09:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A0A7 42 B
64 B 193ms
192ms Fetch
image/gif 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvC7SrhHJoO3e3dVlKOtt5sUpKsYGGG_P2nb_Jw6yRos-RHRBG4zxH1tp2yQ7bCKSjh6dW5Uu_l9sei-FDqdY-HkHqC&sig=Cg0ArKJSzLC2GlTuu0wPEAE&cid=CAASFeRospvZOSvn121DE3sNK-c00_inCw&id=lidar2&mcvt=1000&p=950,208,1200,1408&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3390067838&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675940943671&rpt=639&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8DCD 17 KB
7 KB 194ms
193ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://assistant.corover.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 11:09:05 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame BCD7 109 KB
38 KB 575ms
191ms Script
text/javascript 142.251.12.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com
URL: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f148.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com/
Origin: https://176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Feb 2023 16:44:04 GMT

GET
H/1.1 200
OK block Show response
api.unibots.in/ 45 B
288 B 770ms
257ms Fetch
application/json 45.79.126.27
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unibots.in/block?client=Irctc&page=www.irctc.co.in/nget/train-search
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.79.126.27 Mumbai, India, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 45-79-126-27.ip.linodeusercontent.com
Software: / Express
Resource Hash: 7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Feb 2023 11:09:06 GMT
Keep-Alive: timeout=5
X-Powered-By: Express
Content-Length: 45
ETag: W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
Content-Type: application/json; charset=utf-8

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AA3 13 KB
5 KB 192ms
190ms Document
text/html 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assistant.corover.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 113656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 03:34:49 GMT
expires: Thu, 08 Feb 2024 03:34:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2D85 783 B
536 B 196ms
195ms Document
text/html 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

GSE /

Resource Hash

77546c2fade104fe7e8bdbbb508a37f0d52e1e20ab4f94e63bf1bf001ff86b94

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Uyxu9Jyh4QyHn1PTOw34UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assistant.corover.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Uyxu9Jyh4QyHn1PTOw34UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:09:05 GMT
expires: Thu, 09 Feb 2023 11:09:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2D85 0
0 213ms
212ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020601&jk=2858906600495362&rc=
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AA3 36 KB
14 KB 194ms
193ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 21:57:03 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12C9 42 B
64 B 193ms
192ms Fetch
image/gif 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJxXdAF224Vf8-1ldx4hoo73fPqmFOZOCt7VxA4NQxGnCNO_nDPnoLVatrXhhiOcKR5bgPT4bJ9Ecid9tRKnW2Vs27Tm0Bv7ri-Miuix-0jh1mdYVk&sig=Cg0ArKJSzOWZqbGe4M_9EAE&id=lidar2&mcvt=1000&p=781,323,871,1293&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4165385285&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675940943654&rpt=1127&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 11:09:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 24E9 0
127 B 194ms
193ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 09 Feb 2023 11:09:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4AA3 0
10 B 190ms
190ms Image
text/plain 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bBHDRA
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/train-search
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 irctc.js Show response
cdn.unibotscdn.com/clientdata/js/ 589 B
786 B 319ms
319ms Script
application/javascript 156.146.56.170
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/irctc.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.56.170 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 156-146-56-170.bunnyinfra.net
Software: BunnyCDN-SG1-978 /
Resource Hash: 6f01be0c587e61b2a221d2b0bc090338c0fe9c76e4616bf71a5b2bb347674277

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:06 GMT
content-encoding: br
cdn-edgestorageid: 1024
cdn-storageserver: SG-76
cdn-cachedat: 01/21/2023 20:20:15
cdn-pullzone: 873945
last-modified: Fri, 13 Jan 2023 11:20:39 GMT
server: BunnyCDN-SG1-978
cdn-fileserver: 425
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63c13e87-24d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 75f603cb6a452f5fab697abce6ff3a93
cdn-requestcountrycode: AU
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 irctc.css
cdn.unibotscdn.com/clientdata/css/ 2 KB
1 KB 320ms
320ms Stylesheet
text/css 156.146.56.170
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/irctc.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.56.170 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 156-146-56-170.bunnyinfra.net
Software: BunnyCDN-SG1-978 /
Resource Hash: 79c9c191c8c75809dee52db9025eb10d5bccbf2821f1fab385fbb4bf3b20ff37

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:06 GMT
content-encoding: br
cdn-edgestorageid: 715
cdn-storageserver: SG-76
cdn-cachedat: 01/22/2023 02:14:58
cdn-pullzone: 873945
last-modified: Mon, 09 Jan 2023 12:18:10 GMT
server: BunnyCDN-SG1-978
cdn-fileserver: 424
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63bc0602-68d"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: f2e56d45db26ab573ba5a4d8cf672245
cdn-requestcountrycode: AU
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 4 KB
2 KB 323ms
323ms Stylesheet
text/css 156.146.56.170
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.56.170 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 156-146-56-170.bunnyinfra.net
Software: BunnyCDN-SG1-978 /
Resource Hash: 5227153a9de496caa2ec6bda8b7daff8e4fdc7d4f309121b094f939a6289da43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:06 GMT
content-encoding: br
cdn-edgestorageid: 981
cdn-storageserver: SG-105
cdn-cachedat: 01/21/2023 21:27:26
cdn-pullzone: 873945
last-modified: Thu, 05 Jan 2023 12:00:51 GMT
server: BunnyCDN-SG1-978
cdn-fileserver: 233
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63b6bbf3-ed7"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: c6c7444610e7821ad968a35d4b537bb2
cdn-requestcountrycode: AU
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET index.html
s0.2mdn.net/dfp/1802824/4638801769/1654523382194/ Frame 67E9 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame BCD7 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame BCD7 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 198ms
198ms XHR
application/json 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020601&st=env

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/polyfills-es2015.92db6019d455ba03538e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

11323a8b60399c39e26fb86ddf74430a3a9ab0e0f52ba8b8a61128fcdec55269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11151
x-xss-protection: 0

GET
H2 200 eyJrZXkiOiJiODRlZGIzNjg2M2U5MjNhZTNlYmRmNmJhMmQ3YTdmNyIsImN1YmVCb3hJZCI6Im5scEN1YmVCb3gyMDBYMjAwIiwiY3ViZVdpZHRoIjoyMDAsImN1YmVIZWlnaHQiOjIwMH0= Show response
cube.nlpcaptcha.in/index.php/cubes/getCubeBox/ 349 B
957 B 1277ms
434ms Script
application/javascript 95.217.169.79

General

Check archive.org

Show headers Download Go to

Full URL

https://cube.nlpcaptcha.in/index.php/cubes/getCubeBox/eyJrZXkiOiJiODRlZGIzNjg2M2U5MjNhZTNlYmRmNmJhMmQ3YTdmNyIsImN1YmVCb3hJZCI6Im5scEN1YmVCb3gyMDBYMjAwIiwiY3ViZVdpZHRoIjoyMDAsImN1YmVIZWlnaHQiOjIwMH0=

Requested by

Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.217.169.79 -, , ASN (),

Reverse DNS

Software

Resource Hash

eea9236da8e59594936a2035e4f1f1920eae76d8460db6b7397fd763abcf3a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Thu, 09 Feb 2023 11:09:07 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
etag: W/"15d-QTrx3Oz0UZj1TSIi0vlsbWG87HE"
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-allow-origin: *
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
content-type: application/javascript; charset=utf-8
content-length: 349
x-xss-protection: 0

GET
H2 200 cross.png
cdn.nlpcaptcha.in/cdn_images/cubebox/ 5 KB
6 KB 414ms
414ms Image
image/png 169.150.207.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlpcaptcha.in/cdn_images/cubebox/cross.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.207.217 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-207-217.bunnyinfra.net
Software: BunnyCDN-SG1-1031 /
Resource Hash: 5767ea37cc6e0f007949ede91dbcc11f56460cbf2bdd4cd488d8a1f2904c56d3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:06 GMT
cdn-edgestorageid: 979
cdn-cachedat: 09/21/2022 11:11:45
cdn-pullzone: 87331
content-length: 5287
last-modified: Tue, 26 Apr 2022 05:49:03 GMT
server: BunnyCDN-SG1-1031
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "626787cf-14a7"
content-type: image/png
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: 3e1622ed44637aa4662df0f8d188f2bb
accept-ranges: bytes
cdn-requestcountrycode: AU
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 drag.png
cdn.nlpcaptcha.in/cdn_images/cubebox/ 5 KB
5 KB 366ms
366ms Image
image/png 169.150.207.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlpcaptcha.in/cdn_images/cubebox/drag.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.207.217 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-207-217.bunnyinfra.net
Software: BunnyCDN-SG1-1031 /
Resource Hash: 65d6673b64cd70f41775af32a63a74d40bfaf3b9946575cc5ee4d1cadba12efb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:06 GMT
cdn-edgestorageid: 1024
cdn-cachedat: 10/14/2022 03:18:50
cdn-pullzone: 87331
content-length: 5192
last-modified: Tue, 26 Apr 2022 05:49:03 GMT
server: BunnyCDN-SG1-1031
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "626787cf-1448"
content-type: image/png
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: eddd66849f8a14196b2d0fca20affd4a
accept-ranges: bytes
cdn-requestcountrycode: AU
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 192ms
192ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 11:09:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 09B5 13 KB
5 KB 192ms
191ms Document
text/html 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 113658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 03:34:49 GMT
expires: Thu, 08 Feb 2024 03:34:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ECBB 783 B
535 B 194ms
193ms Document
text/html 142.251.12.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f103.1e100.net

Software

GSE /

Resource Hash

1643c5c732b04de95f026b6b1e22872d3dd123286f12b2884b2dc1877cc46668

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NZrVOO5TSro-S4YvGmKSAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-NZrVOO5TSro-S4YvGmKSAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:09:07 GMT
expires: Thu, 09 Feb 2023 11:09:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ECBB 0
0 192ms
192ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020601&jk=780447519093834&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 09B5 36 KB
14 KB 191ms
191ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:57:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 21:57:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 09B5 0
10 B 191ms
190ms Image
text/plain 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IlGkJA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 index.html Show response
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/ Frame 100D 3 KB
1 KB 1228ms
318ms Document
text/html 138.199.46.66

General

Check archive.org

Show headers Download Go to

Full URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Requested by: Host: www.irctc.co.in
URL: https://www.irctc.co.in/nget/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.46.66 -, , ASN (),
Reverse DNS
Software: BunnyCDN-SG1-858 /
Resource Hash: 7ca4630d850597a3460cfe35ee6df2f97aae1271ffe737465eeac11505b449d5

Request headers

Referer: https://www.irctc.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 11/24/2022 09:59:19
cdn-edgestorageid: 980
cdn-proxyver: 1.03
cdn-pullzone: 753745
cdn-requestcountrycode: AU
cdn-requestid: 1a13a47abdd21cfa1ff02aa05b1949e6
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
content-encoding: br
content-type: text/html
date: Thu, 09 Feb 2023 11:09:09 GMT
etag: W/"63773bce-c67"
last-modified: Fri, 18 Nov 2022 08:01:18 GMT
server: BunnyCDN-SG1-858
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 194ms
193ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020601&jk=780447519093834&bg=!8POl86fNAAaq5O5FiuQ7ADkAdvg8WudsLm9Xkd0FiqSHAVaUxoR1eaJu8-adE7_sdp8NG4fvBdzwlbIYbuqPXCEcFzGrs_wLa9sCAAAAUVIAAAACaAEHCgAZGdQ9WAA_uLVL1fIDD6_uLqcPUd3kAqO-QZkClPE1UhBlUU3bhOOk2eDt9GJlkxxwiM6ujqZR2mN9jr4PMLkSdBQwx92_oTTVp1ohR48RvjR8cipgm_EB3kQKs51CLrlYxzwfX7QoQG-TlsAsiSgdzj5OFkDzyIS9H_3nTyLsIlIxrrTHQafRGJr3SKQ-bw32HsLQItxwfTUGcJdSPmB5rFJQHHgRvp_SZe49BsSRDRIjUAABpl0pq5ZUlMw4v7mk867hx-ITmloDHXVXZltpRYb6ei1ggYfX38wG0AbLVV15W5sTF2g2HX50olH5iiafQBPgbxzICKzz7SCtypZaqP9cYgUU3TN7Wxy1KcFQedRcGobNJagO4l-U88skZZBb_A26JUJqcq__10FNWemhesnnV2BCZQvy9fg5AWCyxzQbEDOZ3-vr2drh25CQtnEv07iDpOXXqeC0BbP6Di2G4ay8mmw6d3qH735Xv_aqjZ41Kf3JHOo6ZWrq68rIRxXHbmjQlup7ID2-NzZmSnYR0I9_3XoFRrA8vdMPnKM75w1rYNk1uicsqv9sObdakdZEY-nz8v0cJbzW79DTt3O3QaVDTIAJncNP0TN8zEtqOysbAEwTu0N0AXa3em-B8G6ddgj7M4ZrC6CkS9VLkuak0p7PqcGsOUegyrMQycl0_q8TjgG8n07x-6wweg4rBrW4JT38XbWv7QE0fRlKPCFuVCe6vzNg8s-ThIQ5RsxCgBkG-aT8CcPVuUno8sbyojLN703uPPlFsTaV0xzLkRszUAN9a7GbxyJVh77D3BTUxgIcHecVWuebxjIoqR9SXKWot1UYHTpDundsC-HtAD7j-7EzLvtXlAFRMwudAxeLNigIxQ8hvBpo0vduB-Nit4Pnl50gRsFMJOokNVVfntGdcQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.irctc.co.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 1_fly.jpg
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/ Frame 100D 15 KB
0 456ms
456ms Image
image/jpeg 138.199.46.66

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/1_fly.jpg
Requested by: Host: cubecdn.nlpcaptcha.in
URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.46.66 -, , ASN (),
Reverse DNS
Software: BunnyCDN-SG1-858 /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:09:09 GMT
cdn-edgestorageid: 945
cdn-cachedat: 11/24/2022 10:00:38
cdn-pullzone: 753745
content-length: 55235
last-modified: Fri, 18 Nov 2022 08:01:18 GMT
server: BunnyCDN-SG1-858
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63773bce-d7c3"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 9056c4d0-b0f0-4cf2-afde-2106200f0b2b
cache-control: public, max-age=2592000
cdn-requestid: 2112df1bd62741b5c56278852683cc31
accept-ranges: bytes
cdn-requestcountrycode: AU
cdn-status: 200
cdn-requestpullsuccess: True

GET 2_hotel.jpg
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/ Frame 100D 0
0

GET 3_bus.jpg
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/ Frame 100D 0
0

GET 4_glance.jpg
cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/ Frame 100D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.irctc.co.in
URL: https://www.irctc.co.in/eticketing/StationLinguisticNames?hl=en_hi

Domain: assistant.corover.mobi
URL: https://assistant.corover.mobi/320x50_placeholder.html

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1802824/4638801769/1654523382194/index.html

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiuAczTS_duq28CGAcCQjVdvqKjDvDpH0yUSGypk650WLZJG2qV9ypqw8ckfcpA8KoaegeR4upPhUr8KncltNj4eyo0oW3ByXWTjzKj_C-7fnsvtu25S3SBgVBOuYwt2PN4U_vf2D-D6AKQYLcnWMlREbOGdBQskf_cH6-eHBYlbHh3-keS605DRw2yuiZiazfM6mGbIfrnXWuOh9TbR3M7IHIGHBY3Ds8hv0URYPjtaLoSFPZXDI1Iq6OEuBNNcFn36C8yAfYpRbCWI7ME4WFx95ybq7DWxRzjK3NY7TApAoZvEZepVVPgHIaxxrnJxCicV5j0WE85zW6sHIT7tmZDponKonEZAA&sai=AMfl-YQiNBUnM8nDpI-oqJv6MN3IWd55x-qj9V5XnnFv8lqkSd9Ll934N8G3PDqEkkdqPBs_5Y8A6tO8EYQHhBOw3hHrFs4RTzvVGu-cqA&sig=Cg0ArKJSzMMeg7u2llx4EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1cAowlWg7SiGiNPtw4W-jIXuGW9AhpChPd_r2iWDe9m7jdtmkQutJLI4DRQH4CpsQFdjYzupp-XOFyMrxiwCKY6bbVhwKIqgETvSYeSwZAcO6kxt2&sig=Cg0ArKJSzBRKtGYH8on2EAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230208&bin=7&avms=ns&bs=0,0&mc=0&if=1&app=0&itpl=30&adk=3049664599&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=2&r=b&rst=1675940945078&ec=1&wmsd=2&pbe=0&vae=0&spb=0

Domain: cubecdn.nlpcaptcha.in
URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/2_hotel.jpg

Domain: cubecdn.nlpcaptcha.in
URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/3_bus.jpg

Domain: cubecdn.nlpcaptcha.in
URL: https://cubecdn.nlpcaptcha.in/cdn/Web_Rotating_165_1668758478/images/4_glance.jpg

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.irctc.co.in/	1970-01-20 19:08:20	Name: _ga Value: GA1.3.109911499.1675940935
.irctc.co.in/	1970-01-20 09:33:47	Name: _gid Value: GA1.3.904819680.1675940935
.izooto.com/	1970-01-20 19:08:20	Name: IZCID Value: 9c2801ac-581c-45c1-ac07-0458fd570653
.irctc.co.in/	1970-01-20 18:53:56	Name: __gads Value: ID=e12d520539c1ccd9:T=1675940940:S=ALNI_MYYfJD1niWQpu68WSxUzSnSgq-sAA
.irctc.co.in/	1970-01-20 18:53:56	Name: __gpi Value: UID=00000bbea90e7c15:T=1675940940:RT=1675940940:S=ALNI_MbimD64jt8gWh6V_dTK-4ytC4HUxA
.irctc.co.in/	1970-01-20 18:17:56	Name: FCNEC Value: %5B%5B%22AKsRol-41VK1fTwf7sw6i9Hmh7vVwsqdxbSIcoiakHBQ-mBUKf2lyzsNDxpwossByzUWS4nvS2w7VWelzrJDV2oYMas8rdIZpH770tTvboSELz3erCltBh1DAiNgkP4ODreSv8f3LZ3mRKzv5FXj18X5H2G0lmyGxw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
www.irctc.co.in/	1969-12-31 23:59:59	Name: JSESSIONID Value: bwo13UvJyAb7FtMzM1HS29cxJT0O0y7jMR1w8XQJbQzrIK1akuR9!951624188
.contents.irctc.co.in/	1969-12-31 23:59:59	Name: TS01016c05 Value: 01d83d9ce7fe684ee986daabd17a4c48b99a9ad834fdc101db239d95209c0b35c7af49611a06fe213351663c4cc4eef09d4e5ce87c
www.irctc.co.in/	1969-12-31 23:59:59	Name: et_appVIP1 Value: 872566282.16927.0000
.irctc.co.in/	1970-01-20 09:32:21	Name: _gat_gtag_UA_122267849_1 Value: 1
.doubleclick.net/	1970-01-20 19:08:20	Name: IDE Value: AHWqTUkyet1KcvvLJoIpal1PwbVE_OkS73CKH0RX7bBMDEwo-qogBse5nP9Zwi5e3Bw
.ctnsnet.com/	1970-01-20 18:17:56	Name: cid_6f0b80c0e6484f91a267f3ac026181a9 Value: 1
.ctnsnet.com/	1970-01-20 18:17:56	Name: gid_CAESEGvN-5YZBDp4FkoEIfjVJe4 Value: 1
.everesttech.net/	1970-01-20 18:17:56	Name: everest_g_v2 Value: g_surferid~Y_TUUAAFm5e4PQAb
.yahoo.com/	1970-01-20 18:18:18	Name: A3 Value: d=AQABBFDU5GMCEJasYaSgrn5nPCGahXqssTUFEgEBAQEl5mPuYwAAAAAA_eMAAA&S=AQAAAiEWwjWw6Ak0Bl_1KUty_QE
.send.microad.jp/	1970-01-20 11:41:56	Name: TR Value: df46fb4489f65f8846066eac98683cdb1d3c11f88d933bb0
.adingo.jp/	1970-01-20 10:15:32	Name: ID Value: f5653e511f60306cfc9c11a81d7c7156
.yahoo.co.jp/	1970-01-20 18:17:56	Name: XA Value: aq0985hhu9l2g&sd=B&t=1675940944&u=1675940944&v=1
.yahoo.co.jp/	1970-01-20 19:08:20	Name: XB Value: aq0985hhu9l2g&b=3&s=va
.teads.tv/	1970-01-20 18:16:30	Name: tt_viewer Value: 7f9b530c-d223-434a-a5db-f85a8844f02d

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.irctc.co.in/nget/train-search Message: Mixed Content: The page at 'https://www.irctc.co.in/nget/train-search' was loaded over HTTPS, but requested an insecure element 'http://contents.irctc.co.in/en/Web_alerts_700x90.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEBFKL9A2k1ToDve7KOOVVaU&google_cver=1&google_push=Aa02lx8I0bs5s8LJv4UiuL0HTMLaMg3QlsfQmbs04K57ixMfNXXQh0Bv-hnhbZ1Op9JMG6ZQUzjVnxAVebPzwNsm5KJXDBviK9N9fw Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

176bd92632c4c9b6c50bbb1185eee05a.safeframe.googlesyndication.com
94a71ea4084030403dd62f4ccdf3a5aa.safeframe.googlesyndication.com
ads.as.criteo.com
adservice.google.com
adservice.google.com.au
aid.send.microad.jp
api.unibots.in
assistant.corover.mobi
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.izooto.com
cdn.jsdelivr.net
cdn.nlpcaptcha.in
cdn.truenotify.co.in
cdn.unibotscdn.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
contents.irctc.co.in
csm.as.criteo.net
cube.nlpcaptcha.in
cubecdn.nlpcaptcha.in
dishav3.ap-south-1.linodeobjects.com
eticket.ap-south-1.linodeobjects.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ipac.ctnsnet.com
irctc.co.in
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pix.as.criteo.net
pr-bh.ybp.yahoo.com
rtb.jp2.as.criteo.com
s0.2mdn.net
sdk.irctc.corover.ai
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
uiresource.ap-south-1.linodeobjects.com
uiresource.blob.core.windows.net
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.irctc.co.in
assistant.corover.mobi
cubecdn.nlpcaptcha.in
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.irctc.co.in
103.252.142.21
103.252.142.22
103.252.142.27
104.18.10.207
104.18.18.117
104.18.217.65
138.199.46.66
139.162.42.49
142.250.4.102
142.250.4.132
142.251.10.154
142.251.10.94
142.251.10.97
142.251.12.103
142.251.12.148
142.251.12.154
142.251.12.156
142.251.12.94
151.101.1.229
151.101.2.49
156.146.56.170
169.150.207.217
172.104.56.205
172.217.194.102
172.217.194.155
172.217.194.157
172.253.118.157
18.139.238.23
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.142
182.161.73.148
182.161.74.19
182.22.24.124
20.150.114.33
202.233.84.1
23.40.33.62
3.111.180.10
35.186.193.173
45.79.126.27
52.193.47.13
54.192.150.98
74.125.130.132
74.125.24.156
74.125.68.157
95.217.169.79
0249990b2729bc3064b6ab3ca227955708e9599ff362008931c7d73b9eccee4c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09abcd93a612c0eff446b57176ab9520a6826bf88fadbae6c10093b389ce51cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
11323a8b60399c39e26fb86ddf74430a3a9ab0e0f52ba8b8a61128fcdec55269
11ebf641b813e8a0a052556192651e12b650e6386f8a252b46843c8bd20e9a84
121b9155bb21017f5b6cadd4493fe1946bdfd3370123ec6576d24e011a9a702e
1643c5c732b04de95f026b6b1e22872d3dd123286f12b2884b2dc1877cc46668
172d69ea24f81ead966ddd005f1868a2d0c34748229f85265e8c48e61c25f1e8
1a435e38d1ebd36e06475ba4851e212bc3e800007ac9e1d874dedf10691134b6
1e9310b56e81bd69b05723a32cdd8da4c091d82670546e7f983b35f191a4faa4
262963e8e03e2668c715978d71b6c65cc44688477bc24ed857049cc816494472
29395c5352fa16a6e5db9b6db042b016b4703c3f13c2ac2e50daf2fcbe80917a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d8a9d9440779033ef22fda8f3e83636de66dae6fb36720c3c9a077bc4e19a25
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e00b312b0a9681bef09f9085a4e918b8fceb0c0b1c043dc17c90beef5fa446c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33637f6b6a3662f9c036a67e1d0fd93836de662694bfe8b32d60acb164a752ff
38a9402c194c04c8938d549d6f8c2bec5f4b67a105d9443bb0a928795898b937
38fa9ef0a9b1bfed89c84a815e2f827a690dd92cbdcda7a4f74f2020ccd9d7f3
3b4c1f54376b082499b8eda5f0d5138714cc785243bf347a7bb38816ed6d1d82
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485dee28b836ceffebb2603513be31de136e0ab4f06eaa07192c9599ccbebb0d
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4b42b66068f63a2d4155a4927995299dd5b0d48415755f4453b958e6f8faefa2
4dc56c750713f32eca2279a7c5f231687bad8a0e061163190467c8b233f48075
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e332dddbbf42315e57389a1acceeba09e8e557301137fa7c17084463d90ee10
4fbda464b0ab362bf4a8767ef18fcce104801dc20ea391eb390dff26bc5b5287
519538ad530d1ba2e60c8a3a9c864663edd0c1adfb729925c8e665d71c9af6b2
5227153a9de496caa2ec6bda8b7daff8e4fdc7d4f309121b094f939a6289da43
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5767ea37cc6e0f007949ede91dbcc11f56460cbf2bdd4cd488d8a1f2904c56d3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ba5e420bc8592ac1d1c281ecf90ad92c17f023e96c8a2bd9e12d072cb75cdce
5ce8bf6ae4d027eba517d00945ea878f377dd31272849fd33d553dffad1f7d04
5e5b7e6fff91ce32859b5e4db5c15f46c80ee0af993f173fbabed67ec53083b6
5ed8e43c88fcddea19fc1ca953fa736916195f311463ed76b23bcf0a6254f1e5
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6190af3855d63cc16ac0056127dad9247710224d3acba2559cd30f612a99ee0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651375dedc8080bda1585b0d2f00628426d829ff1ed26f17990977cd291919d8
65d6673b64cd70f41775af32a63a74d40bfaf3b9946575cc5ee4d1cadba12efb
66287d6e66f6823abe9c9ee9eaaf6355936571e002236a9cc75aeacc5eb86c4a
6770002ff989386dd307adb490b0d4cc473f1730b1c208b7cc48e12b574f946e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6f01be0c587e61b2a221d2b0bc090338c0fe9c76e4616bf71a5b2bb347674277
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74d955fc1fabc21de7667611927dae6d60804e5696684359564d897970095203
75891765e870156a26e68a1d1afac45a388f3496c607824e6cb4332575faa865
77546c2fade104fe7e8bdbbb508a37f0d52e1e20ab4f94e63bf1bf001ff86b94
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7930bbf04510ced4cdae7a78fb4b9868fc71235d947f5d12e7ee480048301056
798ddfc68ce50b0c89a0d358621cd3b3f419ccb147535c3058af8c3e206390f3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c9c191c8c75809dee52db9025eb10d5bccbf2821f1fab385fbb4bf3b20ff37
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7ca4630d850597a3460cfe35ee6df2f97aae1271ffe737465eeac11505b449d5
84dfd7f5af8a3bb1f5aad14e6530674c44306713c8b08151cd91dc8322761e01
8600726486c2065e1f5c13a5f7fdeaff05ac6098bb5c6d9726e5f93f1e7ae345
88d6097c7ba2f13047bedd278df6f7a530352beb534af2f3d94cd712f0711eb9
8cc3f7da9e0c12b1c8e94437e566e23607b7b6616388af1a27e33a912e9f8e9f
8d37ba57f34de55fa31f52bc2bfbd915dc265fd6008d16a03702bce45b11d8a5
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
94499175047491038f44a62b1d7a658ccee12d833c405e980b8fe2621464431e
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b048c6923acbaead832cbf4da52658759e4a503436a3b7aca36eb647e0749c3
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1e6794446516b2af4e51eeaca2aabe141cab756b6c21c93f8c2a6502dcd58ba
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a344d0aa1d84fccc99c58b6f8a9c5d2aeeedf8c5135fc8a4b6b563e3db2db356
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51b849270fefbfd714cc4b625cb0f91b29025cbf33fb3da985a3bde40894ccc
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
af35cff9e5c54ebfb078d8f6c3f1220e8cd98f34e4dfecbfa1e9b8da15037cf9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b50292bec0dc0b99eb18f83f4aa1fad567178263bf164f42d04dedcea75e82
b3ef4d36a89629a589418f3163b5c65915fcc9e913350b188e43f95826c20ac2
b4a8f90a67beb609d15de12f680d5318609efa323cd733601870d31ba217398d
b4f02b4945904cf13e611646c307337e264ed09075bfcd90429da42f507d0fdf
b5088b29d3bd9751f82cb34d0139b3bfd2ae7bdf0ed9a3558d03c92561d6c755
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bb4a69618d4d0d92ec8a479ff7753396276e027b28684be1af173c7cecc7c798
bd2ab55f0c3f815827b29222e282e6d787daa928e68505f03f891d2ab5718d03
bd373ef53aed5a64589da23b9c16b9d390576bdb371f5909814b757f330bbecb
c0f15eacaef477d8701e3540b091c8dab60d464101b06b0d16c48f4605af52bf
c5dd631bcd4d3dec1fe23573ea6cbc6db752de2f72caf00abfbf48cee5d58c0d
c62958fc98ac3452f7687435a0e5f11a44812aae297ed4849a5dbe02770b7c19
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c793dd8a847fe4f25969decc6f72cabe54099061f550f5536bd8661de6121eb5
c8bd816f4b2992b4aecfb4f447b3c978da672068f2185c30cb39804ff2d7db03
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdf52f83d9e402b936bbf65818f2fec7270ae54d83883d69baded01cf0d3228b
cff247c4d6c20697eb3565e8cdce376842e41201d0e7a571e3649d1e92f7ed39
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d861a2e14ab2643c5ccf2608c3e9ce0ec9e0c4787e5de948984c39d31c10794e
dd8bc701b7c935d9208309dae1183a965e300d623c7ad2ae717c8b03bf76adf5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfedff745ba4faceb34fb66e2a00d04f07848d4c5ae29ddf3edffe6a28f28679
e2927f16c3d19be6cfa6a76cd46151a348682feb5492b4547eba7043122ef57f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76262294b6951ce10d307f7754314cfd56b7c73892dd617c1929b0032128e4d
e7d216bc3ccbc2487aff1649e35d2ee3d329d941e48cd2e9f8ba83f7412ea10d
e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c
ed4cc21191632a60c41a15b2d0144522abfdb611477a6bf9cf23b459f901d13f
ed988b9e45ba388c6d237e75853f2d50c6747151a47d3705aedbf29d53a5258e
eea9236da8e59594936a2035e4f1f1920eae76d8460db6b7397fd763abcf3a45
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fd703ef56efbb4bd984727e547e21e9591ad9ccbdf0349e1fee0d6b526a8f80e
fd717dd825a505eae20728b83a9058feb690059b9fa3abe91cd8e3c55ac14c07
fef4a081b1ec23e8d4dd655e6d292d1ca7cbffe39775977461c8b08490784466
ff58483c9a26bf873baac0bf877992ba5883c441ad774d9c42b6e9a5da158e1b

www.irctc.co.in Open in urlscan Pro 103.252.142.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

92 %HTTPS

0 %IPv6

30 Domains

48 Subdomains

43 IPs

5 Countries

4390 kBTransfer

8213 kBSize

20 Cookies

85 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.irctc.co.in Open in urlscan Pro
103.252.142.21 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

92 %
HTTPS

0 %
IPv6

30
Domains

48
Subdomains

43
IPs

5
Countries

4390 kB
Transfer

8213 kB
Size

20
Cookies

178 HTTP transactions
3 data transactions