en-in.obnews.co Open in urlscan Pro
99.86.4.70  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1&C=1

Request Chain 35

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSwTcB20gzxlABYs8sMh4gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1

Request Chain 36

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEFDeXlob5XDj0-yAkw3of_8&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFDeXlob5XDj0-yAkw3of_8%26google_cver%3D1

Request Chain 37

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NjI1MTg0MTExNzY2NjQxNg%3D%3D

Request Chain 148

• https://gcdn.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1BD92595333667004ED79A3848D8DD98DE2D2894.81DFB2640214F3A34DFC7428A61FFC9C7F957371/key/ck2/file/file.mp4 HTTP 302
• https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5689514D291C78416A353F9AB4F9A18D6F32F888.5CE085A13862605FDAEE329F182AD4F36FA86B83/key/cms1/cms_redirect/yes/mh/Ss/mip/2001:ac8:20:3a00:1011:38a:8706:ca26/mm/42/mn/sn-5hne6nsk/ms/onc/mt/1697387091/mv/m/mvi/2/pl/50/file/file.mp4

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 1438112.html Show response en-in.obnews.co/Index/newsDetail/id/	17 KB 4 KB	374ms 294ms	Document text/html	99.86.4.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-70.fra6.r.cloudfront.net Software / Resource Hash ad286f841d795b521a46453a00c2101639b963f08f7630c08a665859204184b6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private content-encoding gzip content-type text/html; charset=utf-8 date Sun, 15 Oct 2023 16:29:35 GMT vary Accept-Encoding Origin via 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront) x-amz-cf-id buvZtSawHeK_rMsH656RxAgVp_KXD1QGcnq19CA_TOw7e8vsLQ0srw== x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront
GET H2	200	styleChange.css en-in.obnews.co/css/	8 KB 3 KB	9ms 8ms	Stylesheet text/css	99.86.4.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://en-in.obnews.co/css/styleChange.css?id=22 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-70.fra6.r.cloudfront.net Software / Resource Hash d05595f3576ee15ede1e98e7419b741d3b7bcab6f945b8d1c5789263f08dfcce Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 09:57:07 GMT content-encoding gzip via 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront) last-modified Tue, 18 Jul 2023 09:18:09 GMT x-amz-cf-pop FRA6-C1 age 23548 etag W/"64b658d1-20ca" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css x-amz-cf-id PXgBAqzXsje6bEImudTIjTl0bKOMK8PmIqRUHUBPYTHAfRNC94J4bw==
GET H2	200	commentPush.js Show response www.vilykke.com/js/	7 KB 3 KB	123ms 20ms	Script application/javascript	3.162.38.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.vilykke.com/js/commentPush.js?id=13 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.38.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-38-56.cdg52.r.cloudfront.net Software / Resource Hash fe2e2467ec0b4f4d9f1facc0186be823b9ad0c691754eb92f53290efd4962181 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 05:00:58 GMT content-encoding gzip via 1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront) last-modified Thu, 06 Jul 2023 12:13:28 GMT x-amz-cf-pop CDG52-P6 age 41317 etag W/"64a6afe8-1deb" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id -Y_NEDn6YUZlykk2vSKKS2xTcD0UIXLl2R7a3QFCfwiLQEgcBIqZYQ==
GET H2	200	boyuanNews24Co.js Show response cdn.boyuanhulian.com/js/	10 KB 3 KB	694ms 19ms	Script application/javascript	18.66.122.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-70.fra60.r.cloudfront.net Software / Resource Hash 4827bf75cf34d018308775eedb93df562dd16205c37e5c837edca09323a3d6d4 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 10:35:02 GMT content-encoding gzip via 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront) last-modified Thu, 06 Jul 2023 03:02:07 GMT x-amz-cf-pop FRA60-P2 age 21274 etag W/"64a62eaf-284b" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id YUdK2VXEsMuTLQQp6C5PSXDrfa_kZPhzAol-05fbzfvus_TJX89XdQ==
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	90 KB 29 KB	129ms 106ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5e537372fdc346bc3983746fe20ae4f390e6ca45b19289a5e4e83bf5061023c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:35 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29545 x-xss-protection 0 server cafe etag 793 / 19645 / 31078750 / config-hash: 16770446656291207178 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 15 Oct 2023 16:29:35 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 91 KB	40ms 16ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dd93e44e8a78f4835ce3e6ca6cfdc48c798704bc72bc4af4beba2ca801d4df8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92964 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 15 Oct 2023 16:29:35 GMT
GET H2	200	2229192283.jpg cdn.shengboglobal.com/Upload/File/2023/10/11/	36 KB 37 KB	299ms 36ms	Image image/jpeg	18.239.36.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shengboglobal.com/Upload/File/2023/10/11/2229192283.jpg Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.36.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-36-45.ams58.r.cloudfront.net Software AliyunOSS / Resource Hash 7c8d4b3d2d1763febcf8af87e36ae3b14aab37dd855a3f5ea16b500ee27a3045 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 11:30:50 GMT via 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront) x-oss-request-id 652BCD6A99AE823034A80810 content-md5 WAmIC2hX0+07aENyX0ofDg== x-amz-cf-pop AMS58-P2 age 17925 x-cache Hit from cloudfront content-length 36946 x-oss-object-type Normal last-modified Wed, 11 Oct 2023 14:29:19 GMT server AliyunOSS etag "5809880B6857D3ED3B6843725F4A1F0E" vary Origin content-type image/jpeg x-oss-storage-class Standard accept-ranges bytes x-oss-hash-crc64ecma 2362414441830553821 x-amz-cf-id 6wZo3fqR-pO4-DUfhX75fP3otH4ghHPA0PLg5gIQA6F7OH7RcTfDoQ== x-oss-server-time 7
GET H2	200	2129402519.jpg cdn.shengboglobal.com/Upload/File/2023/10/15/	17 KB 17 KB	307ms 45ms	Image image/jpeg	18.239.36.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shengboglobal.com/Upload/File/2023/10/15/2129402519.jpg Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.36.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-36-45.ams58.r.cloudfront.net Software AliyunOSS / Resource Hash c96d25520013b41f2bdfd71782219b7ccba40920ebd6dfa09b55c1a630668961 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 13:37:41 GMT via 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront) x-oss-request-id 652BEB25EE884532361CE649 content-md5 pt7pR/JmeTe3M0FA9+27bw== x-amz-cf-pop AMS58-P2 age 10314 x-cache Hit from cloudfront content-length 17388 x-oss-object-type Normal last-modified Sun, 15 Oct 2023 13:29:40 GMT server AliyunOSS etag "A6DEE947F2667937B7334140F7EDBB6F" vary Origin content-type image/jpeg x-oss-storage-class Standard accept-ranges bytes x-oss-hash-crc64ecma 16820320888134274853 x-amz-cf-id 2MhjyhCEWs9wch7P-gI7hX4oZbk8gkfazmxgaOv373OMx5WhuytnAQ== x-oss-server-time 19
GET H2	200	2128597010.jpg cdn.shengboglobal.com/Upload/File/2023/10/15/	32 KB 33 KB	301ms 41ms	Image image/jpeg	18.239.36.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shengboglobal.com/Upload/File/2023/10/15/2128597010.jpg Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.36.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-36-45.ams58.r.cloudfront.net Software AliyunOSS / Resource Hash 2a745e7e75a14012b7a14e20beb362781256fb9323242a92539ec03aa011072a Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 13:37:41 GMT via 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront) x-oss-request-id 652BEB25700FB137318154E4 content-md5 VFwfaHlya0uurSC+GPohbw== x-amz-cf-pop AMS58-P2 age 10314 x-cache Hit from cloudfront content-length 32958 x-oss-object-type Normal last-modified Sun, 15 Oct 2023 13:28:59 GMT server AliyunOSS etag "545C1F6879726B4BAEAD20BE18FA216F" vary Origin content-type image/jpeg x-oss-storage-class Standard accept-ranges bytes x-oss-hash-crc64ecma 8220903097233122808 x-amz-cf-id jPULFVXZc8Xc3JwPJAo-PbkeJPcRC78fNH04qrlVCDSAemroVdRZqg== x-oss-server-time 16
GET H2	200	2129012691.jpg cdn.shengboglobal.com/Upload/File/2023/10/15/	16 KB 17 KB	292ms 32ms	Image image/jpeg	18.239.36.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shengboglobal.com/Upload/File/2023/10/15/2129012691.jpg Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.36.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-36-45.ams58.r.cloudfront.net Software AliyunOSS / Resource Hash 32a0973168898fca74872d66ba8fa9b927896d0daaa9b80db16d023c368a4421 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 13:37:41 GMT via 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront) x-oss-request-id 652BEB25F53B5C3733B27A47 content-md5 JpoyIGKk9QKHHTh7I3al4A== x-amz-cf-pop AMS58-P2 age 10314 x-cache Hit from cloudfront content-length 16552 x-oss-object-type Normal last-modified Sun, 15 Oct 2023 13:29:01 GMT server AliyunOSS etag "269A322062A4F502871D387B2376A5E0" vary Origin content-type image/jpeg x-oss-storage-class Standard accept-ranges bytes x-oss-hash-crc64ecma 2215178953062943472 x-amz-cf-id fymDfbScNMUb2vz1aTHRqNkYtSTTFJt147leuyNLxUvBLQkgUOrA3g== x-oss-server-time 16
GET H2	200	2129048507.jpg cdn.shengboglobal.com/Upload/File/2023/10/15/	14 KB 15 KB	278ms 19ms	Image image/jpeg	18.239.36.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shengboglobal.com/Upload/File/2023/10/15/2129048507.jpg Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.36.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-36-45.ams58.r.cloudfront.net Software AliyunOSS / Resource Hash 4e0c9abf8755b267d79bb6e4a48fb38e098b8619774a81264dd78e50b7cfba1b Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 13:37:41 GMT via 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront) x-oss-request-id 652BEB2522435B3731A81DA5 content-md5 FBwavPX3F/8osGM2amM8pQ== x-amz-cf-pop AMS58-P2 age 10314 x-cache Hit from cloudfront content-length 14374 x-oss-object-type Normal last-modified Sun, 15 Oct 2023 13:29:04 GMT server AliyunOSS etag "141C1ABCF5F717FF28B063366A633CA5" vary Origin content-type image/jpeg x-oss-storage-class Standard accept-ranges bytes x-oss-hash-crc64ecma 8813950590620631652 x-amz-cf-id IaEXNl61Fe7q1digAJdXOlNVcfaHu93uED9ig1_frG4_Ept6EpIl9Q== x-oss-server-time 13
GET H2	200	2129066560.jpg cdn.shengboglobal.com/Upload/File/2023/10/15/	23 KB 24 KB	281ms 22ms	Image image/jpeg	18.239.36.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shengboglobal.com/Upload/File/2023/10/15/2129066560.jpg Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.36.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-36-45.ams58.r.cloudfront.net Software AliyunOSS / Resource Hash e90871382534efae7bb2f549b8766575581c3062a59a4e4a0c705bb0b62ca337 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 13:34:57 GMT via 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront) x-oss-request-id 652BEA810A930632354F8582 content-md5 Oa7sHxbJRygF8dUXzI0eDw== x-amz-cf-pop AMS58-P2 age 10478 x-cache Hit from cloudfront content-length 23579 x-oss-object-type Normal last-modified Sun, 15 Oct 2023 13:29:06 GMT server AliyunOSS etag "39AEEC1F16C9472805F1D517CC8D1E0F" vary Origin content-type image/jpeg x-oss-storage-class Standard accept-ranges bytes x-oss-hash-crc64ecma 11953295446110398299 x-amz-cf-id IAlYirruRpuF4_Y_WG5IXM-joHKjCXmsjfonKIqSuVA56GPoXmQQSQ== x-oss-server-time 18
GET H2	200	index.html Show response en-in.obnews.co/Log/	12 B 446 B	555ms 554ms	Script text/html	99.86.4.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://en-in.obnews.co/Log/index.html?news=1 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-70.fra6.r.cloudfront.net Software / Resource Hash 417488896462f42324ddb2ad36203881abcbe438d8151c28a82e2cd8b55a6d7e Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding gzip via 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 vary Accept-Encoding, Origin x-cache Miss from cloudfront content-type text/html; charset=UTF-8 x-amz-cf-id UqpMMBnKbxqEHpH0MmOrRlFks4hFoYX-MjlYtX76x2KReZ_OGu1nlw==
GET H2	200	fill.js Show response en-in.obnews.co/js/	4 KB 1 KB	12ms 12ms	Script application/javascript	99.86.4.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://en-in.obnews.co/js/fill.js Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-70.fra6.r.cloudfront.net Software / Resource Hash a1acd4064e828c68361205cc55fcf26f7d0aab24b2025b125469033d3b8e6a9a Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:13:09 GMT content-encoding gzip via 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront) last-modified Tue, 01 Aug 2023 09:41:00 GMT x-amz-cf-pop FRA6-C1 age 985 etag W/"64c8d32c-ec2" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id Q7KNUlVg8jvoZfQT0iq4iUC88WOMRQAUbEi6J2oPfHA42-ezs4X97g==
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/hulian-network/	183 KB 46 KB	42ms 8ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/hulian-network/loader.js Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5ab9f852d855f04b57ba6c0b5e4b566ceed14991ce4b02ed284b163d4d3a1a18 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-amz-version-id Okd5.S_MtSjFfK4NCXsGvBa3wmSOH13B content-encoding gzip via 1.1 varnish date Sun, 15 Oct 2023 16:29:35 GMT x-amz-request-id D7TD7S0TBEVN6CSB age 18923 x-amz-server-side-encryption AES256 x-cache HIT x-amz-replication-status FAILED content-length 46903 x-amz-id-2 NiSyw/UrnAL8KikoqwEdcyxCR1nUDWMpllearW82r4HPma3LQAS7L8p+ASjYKeluAelcdBIOdsI= x-served-by cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 11:13:55 GMT server AmazonS3 x-timer S1697387376.784118,VS0,VE2 etag "603560cdf773e383d25353b76be1a249" vary Accept-Encoding content-type application/javascript; charset=utf-8 abp 66 access-control-allow-origin * cache-control private,max-age=14401 accept-ranges bytes x-cache-hits 1
POST H2	204	collect region1.google-analytics.com/g/	0 254 B	37ms 16ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DWX6Q6TDMK&gtm=45je3ab0&_p=562488653&cid=2099275874.1697387376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697387375&sct=1&seg=0&dl=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html%3Fval%3D2df636272b724e34c835e218e4100aa9%26keyword%3DEPFO&dt=EPFO%20Withdrawal%20Big%20Update%3A%20EPFO%20%E2%80%8B%E2%80%8Bemployees%20are%20in%20trouble%2C%20this%20is%20how%20they%20can%20withdraw%20the%20entire%20money.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://en-in.obnews.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	impl.20231015-3-RELEASE.js Show response cdn.taboola.com/libtrc/	811 KB 168 KB	8ms 7ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/hulian-network/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3-br / Resource Hash 7bab19098c317dcd4522ff95c1e6a9ae9ffe7a6d3a28056bc9eb98295d09b743 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-amz-version-id tetPSDn4JXiYX92AoGnrx9JK7cVIxlsV content-encoding br via 1.1 varnish date Sun, 15 Oct 2023 16:29:35 GMT x-amz-request-id MXX7G34FXWX3MWXT age 24420 x-amz-server-side-encryption AES256 x-cache HIT content-length 171903 x-amz-id-2 jvqR5cDVoEthMssuTwEzIsvNBWymY5BeLcySoLviL3pIO/C15fjpJMH539pQwHdQypAEX6I7F4E= x-served-by cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 09:35:05 GMT server AmazonS3-br x-timer S1697387376.828924,VS0,VE0 etag "b25190d8bb0cab9eabbcf6a614338e83" vary Accept-Encoding content-type application/javascript abp 24 access-control-allow-origin * cache-control private,max-age=31536000 accept-ranges bytes x-cache-hits 82311
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/	420 KB 132 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 11:35:55 GMT content-encoding br x-content-type-options nosniff age 17620 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134705 x-xss-protection 0 server cafe etag 4581834702576728701 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 14 Oct 2024 11:35:55 GMT
GET H2	200	spa-detector.20231015-3-RELEASE.es6.js Show response cdn.taboola.com/libtrc/	2 KB 1 KB	7ms 7ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/spa-detector.20231015-3-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/hulian-network/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8c38d4fd5ef08abc9a0dac79c6b6c6565dfcc7f75c107cba930ca5fcab831b04 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-amz-version-id n8N5u9S5.cSRU_OFy7NQ2aZzLZmXoOZ9 content-encoding gzip via 1.1 varnish date Sun, 15 Oct 2023 16:29:35 GMT x-amz-request-id K05EB49AJ2MX0S4B age 1514 x-amz-server-side-encryption AES256 x-cache HIT x-amz-replication-status PENDING content-length 778 x-amz-id-2 2Hihh0xVtwSnpbBCeY8dMWpgLDATMpCjERw113DkNIVnxh6bMkrkkJxhenHdmFV/stjTN/azuB8= x-served-by cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 16:04:22 GMT server AmazonS3 x-timer S1697387376.881502,VS0,VE0 etag "eab3bab6edc5ac48b612c56545fea5fd" vary Accept-Encoding content-type application/javascript; charset=utf-8 abp 87 access-control-allow-origin * cache-control private,max-age=2629743 accept-ranges bytes x-cache-hits 2157
GET H2	200	sync Show response gum.criteo.com/	46 B 288 B	53ms 19ms	Script text/javascript	2a02:2638:d::d ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20231015-3-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:35 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 212459 expires 60
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	62 KB 14 KB	1845ms 1845ms	Fetch text/plain	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=407560818686247&correlator=1781870493221491&eid=31078750%2C31078787%2C31078789%2C31078659%2C21065725&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fif&iu_parts=22847393195%2Cen-in-news%2Cobnews-300x250-073101-xl-en-in-news&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697387375941&lmt=1697380175&adxs=360&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html%3Fval%3D2df636272b724e34c835e218e4100aa9%26keyword%3DEPFO&vis=1&psz=879x260&msz=879x250&fws=0&ohw=0&ga_vid=2099275874.1697387376&ga_sid=1697387376&ga_hid=562488653&ga_fc=true&dlt=1697387375673&idt=237&adks=3239762501&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4a6844dcb0a971a3186ca8d62a329abee426a3f5edb925e64197f6a83e0d022a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:37 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14641 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://en-in.obnews.co access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	63 KB 14 KB	796ms 796ms	Fetch text/plain	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=407560818686247&correlator=1781870493221491&eid=31078750%2C31078787%2C31078789%2C31078659%2C21065725&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fif&iu_parts=22847393195%2Cen-in-news%2Cobnews-300x250-073103-xl-en-in-news&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697387375951&lmt=1697380175&adxs=360&adys=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html%3Fval%3D2df636272b724e34c835e218e4100aa9%26keyword%3DEPFO&vis=1&psz=879x260&msz=879x250&fws=0&ohw=0&ga_vid=2099275874.1697387376&ga_sid=1697387376&ga_hid=562488653&ga_fc=true&dlt=1697387375673&idt=237&adks=1751035886&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8bd471861ee3b53d3426c5d4bab3c6fd37a34c27e5c557e183cee89b53439e59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14601 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://en-in.obnews.co access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	26 KB 10 KB	362ms 361ms	Fetch text/plain	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=407560818686247&correlator=1781870493221491&eid=31078750%2C31078787%2C31078789%2C31078659%2C21065725&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fif&iu_parts=22847393195%2Cen-in-news%2Cobnews-300x250-073104-xl-en-in-news&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697387375955&lmt=1697380175&adxs=360&adys=2099&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html%3Fval%3D2df636272b724e34c835e218e4100aa9%26keyword%3DEPFO&vis=1&psz=1210x260&msz=1210x250&fws=0&ohw=0&ga_vid=2099275874.1697387376&ga_sid=1697387376&ga_hid=562488653&ga_fc=true&dlt=1697387375673&idt=237&adks=2456324742&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 261cdbb51a9bc1f5faa0a1e73c8826d297053dae0bcedf31dac0ab539957cae3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10466 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://en-in.obnews.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	89 KB 28 KB	2219ms 2219ms	Fetch text/plain	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=407560818686247&correlator=1781870493221491&eid=31078750%2C31078787%2C31078789%2C31078659%2C21065725&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fif&iu_parts=22847393195%2Cen-in-news%2Cobnews-300x250-073102-xl-en-in-news&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697387375957&lmt=1697380175&adxs=360&adys=7472&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html%3Fval%3D2df636272b724e34c835e218e4100aa9%26keyword%3DEPFO&vis=1&psz=879x260&msz=879x250&fws=0&ohw=0&ga_vid=2099275874.1697387376&ga_sid=1697387376&ga_hid=562488653&ga_fc=true&dlt=1697387375673&idt=237&adks=3895481544&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash da0df259d124c760719e59da06b3f274a600e97e92347860848ae4d06089d887 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:38 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28282 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://en-in.obnews.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 23ED	6 KB 3 KB	71ms 16ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 15 Oct 2023 16:29:36 GMT expires Mon, 14 Oct 2024 16:29:36 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89DC	6 KB 3 KB	11ms 10ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 15 Oct 2023 16:29:36 GMT expires Mon, 14 Oct 2024 16:29:36 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame F45F	624 B 827 B	78ms 50ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARj9toL4ATAB&v=APEucNXB8YlL9RdjwiJYcc_E_d5aNNtqPwaFO9p4MuRse-nwGaCLHU0s2ZcZ5f5r1lplxLK9fqW023NXykRfY9fniZzEe-3agn5v6hOn5WIq2S3r1yrDbU1p4eHcTsum8r9zZUIDGEWJ1kIjtCDCVK5nYqaybxTSnrUGOppB8d8o__UHL29GCWg Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 15 Oct 2023 16:29:36 GMT expires Sun, 15 Oct 2023 16:29:36 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame B02E	89 KB 31 KB	127ms 91ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 15 Oct 2023 16:29:36 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B02E	3 KB 1 KB	49ms 10ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 14:27:51 GMT content-encoding br x-content-type-options nosniff age 7305 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 29 Oct 2023 14:27:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame B02E	20 KB 9 KB	47ms 9ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 22:47:03 GMT content-encoding br x-content-type-options nosniff age 63753 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8337 x-xss-protection 0 server cafe etag 13483435759450910196 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 28 Oct 2023 22:47:03 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B02E	187 KB 59 KB	45ms 18ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60003 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697024009209687" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 15 Oct 2023 16:29:36 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B02E	42 B 110 B	190ms 155ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJWZ3aAt8-Scf9aUyMMIYTewkATcIn0Y7cHmV8pj9rngRcTh5apAi40ES_96LuYL2EJ-IocJ7Gl9GI5MxEd1ehLdR8_n8PTLWXTlAZeLlO3F_EJ74 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B02E	0 121 B	189ms 154ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13741231241107967992&x=1&ct=76 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	like.html Show response www.vilykke.com/index/	328 B 611 B	542ms 505ms	XHR application/json	3.162.38.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.vilykke.com/index/like.html?uuid=df136ca9-4ea1-40db-99d2-639b35fa1843&channel=obnews&id=1438112&url=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html%3Fval%3D2df636272b724e34c835e218e4100aa9%26keyword%3DEPFO Requested by Host: www.vilykke.com URL: https://www.vilykke.com/js/commentPush.js?id=13 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.38.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-38-56.cdg52.r.cloudfront.net Software / Resource Hash 15fbabf565732e7a696ffc50cb5d159dd4ed4cab89d5400c91f2b99687b9a847 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding gzip via 1.1 a28484674ba426e000be2ae849e78a26.cloudfront.net (CloudFront) referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop CDG52-P6 vary Accept-Encoding x-cache Miss from cloudfront content-type application/json; charset=utf-8 x-frame-options SAMEORIGIN access-control-allow-origin * access-control-expose-headers * x-amz-cf-id 7ESgqgf2C9Rb212kK3PPVnHomvmh5ZhqItLnuYaW2LYTEpnOj-HaDw== x-xss-protection 1; mode=block
GET H2	200	index Show response cdn.boyuanhulian.com/TaboolaNews/	53 KB 8 KB	689ms 654ms	XHR application/json	18.66.122.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.boyuanhulian.com/TaboolaNews/index?init=init&uuid=df136ca9-4ea1-40db-99d2-639b35fa1843&lan=en-in Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-70.fra60.r.cloudfront.net Software / Resource Hash a590f2d9c0a7aeaaf855853b545a7ecf7a80274f325815075177fc3676392c25 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding gzip via 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront) referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop FRA60-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * x-frame-options SAMEORIGIN x-amz-cf-id 0HxlltSnDSvDVMIEx6Vbgt63uXSwBvpDeGxoU8gPzFUA6vQNMDdxWw== x-xss-protection 1; mode=block
GET H2	200	rum dsum-sec.casalemedia.com/ Frame F45F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1&C=1	43 B 335 B	26ms 25ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARj9toL4ATAB&v=APEucNXB8YlL9RdjwiJYcc_E_d5aNNtqPwaFO9p4MuRse-nwGaCLHU0s2ZcZ5f5r1lplxLK9fqW023NXykRfY9fniZzEe-3agn5v6hOn5WIq2S3r1yrDbU1p4eHcTsum8r9zZUIDGEWJ1kIjtCDCVK5nYqaybxTSnrUGOppB8d8o__UHL29GCWg Protocol H2 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgYCiBuS5swM8eeB935Ym9vnGPpXijQA7lQVif6jSE7h2aP7tDIxD4E5rPKrF9QJnu%2BO8JeIpdfBjQJ5HZS2OMj9u8uYxy%2B9063KEcm2zX47eTCMYmbMTSqV8cG13zMlvaFBWzBejPsd0w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8169711f4805bbd7-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIgj1efZrf5m%2FTnTL8TPMAcLxAukQIxsQhhze%2BMYzvjdUFZmJcnu2DbVd2405pf4%2FCbAaPno1UyCNFov7pCYLxMEPOKdjBHPsyXPNtcaNJrwe6R59x8TYxnw7RG2nmQlIatQ25GmuSU19Q%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1&C=1 cache-control no-cache cf-ray 8169711f1fc9bbd7-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame F45F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSwTcB20gzxlABYs8sMh4gAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1	43 B 768 B	27ms 26ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARj9toL4ATAB&v=APEucNXB8YlL9RdjwiJYcc_E_d5aNNtqPwaFO9p4MuRse-nwGaCLHU0s2ZcZ5f5r1lplxLK9fqW023NXykRfY9fniZzEe-3agn5v6hOn5WIq2S3r1yrDbU1p4eHcTsum8r9zZUIDGEWJ1kIjtCDCVK5nYqaybxTSnrUGOppB8d8o__UHL29GCWg Protocol H3 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u4wf4pHoNKKAFWCn1recXqBGY8OqQjiiAf3D9GciYE26ZbcO34bvCnswV9zPXcR6nu6B1gb8VXGz%2F2RfGBHpYEAUZKEl4VlEA%2BSGMIzt5M8UQqmG4Cg4SlLAqnQgRqeYiu%2Fh1OS109VUA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8169711f8a851cc5-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXmsWOiyR6xTwqenF-exZc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame F45F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEFDeXlob5XDj0-yAkw3of_8&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFDeXlob5XDj0-yAkw3of_8%26google_cver%3D1	43 B 886 B	9ms 7ms	Image image/gif	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFDeXlob5XDj0-yAkw3of_8%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARj9toL4ATAB&v=APEucNXB8YlL9RdjwiJYcc_E_d5aNNtqPwaFO9p4MuRse-nwGaCLHU0s2ZcZ5f5r1lplxLK9fqW023NXykRfY9fniZzEe-3agn5v6hOn5WIq2S3r1yrDbU1p4eHcTsum8r9zZUIDGEWJ1kIjtCDCVK5nYqaybxTSnrUGOppB8d8o__UHL29GCWg Protocol H2 Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT an-x-request-uuid b135ca57-5a3d-4a38-b906-1b3c6935e048 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT an-x-request-uuid 77587a30-ec1f-4e84-81cb-c7a7115a1087 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFDeXlob5XDj0-yAkw3of_8%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame F45F Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NjI1MTg0MTExNzY2NjQxNg%3D%3D	170 B 243 B	24ms 23ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NjI1MTg0MTExNzY2NjQxNg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKSDwQEQ27vuARj9toL4ATAB&v=APEucNXB8YlL9RdjwiJYcc_E_d5aNNtqPwaFO9p4MuRse-nwGaCLHU0s2ZcZ5f5r1lplxLK9fqW023NXykRfY9fniZzEe-3agn5v6hOn5WIq2S3r1yrDbU1p4eHcTsum8r9zZUIDGEWJ1kIjtCDCVK5nYqaybxTSnrUGOppB8d8o__UHL29GCWg Protocol H2 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT an-x-request-uuid 8ec637ee-bf23-4fa4-8f58-d364204c27c3 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU3NjI1MTg0MTExNzY2NjQxNg%3D%3D x-proxy-origin 45.141.152.77; 45.141.152.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B02E	0 56 B	154ms 154ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4496066550132&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B02E	0 56 B	151ms 151ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4496066550132&version=m202309260101&ct=76&x=1&cor=13741231241107968000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame B02E	80 KB 37 KB	54ms 51ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBWLCAjE3nIHYCswTtrn1xysUHTduPPvKABEK5r_Q3GcgFvJD8s3HVTJ6PXDz52Yuj2VQrXzIVpNZ6bB6AaecbKVFSmg&cry=1&dbm_d=AKAmf-B_qez_qOy1Mf3x7eyEE2o7X-OJPbDAoTqvIMYjXheiJmrp_WUsOv0cUHotzzPDGWL9NEeGBN7SbylVV2Yk9CepjA43TJpKitqfPyCOmQ1662odNxaXnT9JvHjh85EOAKf3g8cqM-aThREFBfgO3ybFgUuRWKU9im_8NR4tHb6JM9KrFTKfnB3FxPtJorcZIS-tQLM_XOgYeRCscVXEDb2fHLjpvkYsHC0Uaap-VpYEAfrm1Zj90VPoTrHNEESDZ2wMfDI1xhTkHUKpq3XL9E4VtJpQ-huFwAoUbdkbJdfIQZw94mHYo8boT53h9NOUQVNDk-o1caXrekdhokBfUfSZnwPtkju-0hdYll6bN-gbhFqjKWLHKBx8dDgeKb_9GONgr6fgzexDgd5eoSyYdOT7_l7v87r8xzugJwakG55QJOqtERbgkvOjHl4jyB8pBVDsJRTAl60V4PCkIeGlH1GrVboA0TB0CpHEaNFs8hQYiZNlc25dCN9SW9Lk7td9tJT1zOZZVcochir-l9ZrXZzOezdq9x813scARz7sU8053NpbZlAGkGvjqDpPqzxg3TvF3sV-6h5kem3gJL0pSbovFZS5kK2UP0UoVLq8NODhSAfeXiu8YUHbT2Ior62OeM28Z-3ojrjAftaQwv8opwEooJwtYrwi_3IkcCdAKn6GG3pDlyY8S-wt06sp3IKzK4vDtER-LMEp3tLH0QQnhceju-McV_f9HYUe9j-KsueV35DQWnkAyVVMQQ9qY4lyMaeyXGz-WdF6PWVoGKr91sPneOtJf0hpYn3MelfYEV2EANU52lxAMfRZSLGE2hhskPOSxgTXA62-H72JRW6-HVaEa-Z8dorj8M9N--8ZCvsXAKkfZ3MWvIv5Ny1MGOAwcWQQG8BOVxPbI4XgDQm2-GHtc1kFOzmiJoujHEkoMN6QJNU4ySgvZa0IvPRDH_kS8or423BjAQyS_khU7XqBfGgX2gYuB3F7klUFSAZf_JGFSOXniYN8hVwbVNbmlZmVfQLuMtVojy-ke7fzdM2U8ufRKuE7TCjKibVATzw-XwFtLPGphNalfuK73jEvJpFcbEKVWEtvN1WyteKn2JQtAJhQHwcSRDni-_QFjgve3De9j9mQGVI6l4R5ag_JxWnoL7MstyLocfvF6u-hWp9OmyCwo0X4domgSbtvWGUWaL_1j_Z05s4uSTHO0EG-9nEtqNOd_gJjZqV0V5Xjt_-Xxs9w9AIMC0xrAMd_b0LBO6UHAqHCFZRW6XlgN81LI1Yrw1lIj0GeXlDW3EGsfcDDFQA9R24wpd0vgAwuo2xDeP21R3adBaOw3_WSd6qCzkGomRHMVdH4smHD-vTiPeppDtNMMPvjo0A6ljeFdaQUCoEfBNjyvxoQTsHI9ojKK1SSjQG8nR1Xm4WMn4P1bz4AuS6zQEbixKLtfuUU7bhuK5kVpLKLmktv0KrUIJ2cUefNxKQr9n2FMkTNRweQOVS-BTUfDjJ0ZG9rIebWSL2VV_Tq4IIy9LiHZ7h9QGaCzcsqfCX2Pt7kCltYYGBpsuBGqKsSK5JuysT_KPfLslCs7z7WaJSdHAzJm6tXXS_gT8bzAkmNOcvuJFC6cjuT7mZjfG9is0mkzu7eGwPK5ql-XlaTmk7XYYloa0nL-qsovs0HlY_i37-0aPo_da3WcRZTNECOkg3zzs_vSzn1dvbUXxIWtnR14AEkbZoWTbC4s-zpG04VnF-HfLO-L03fRiz0gshL8XSdSAFaqdAng3qlRMB0G4GgwpF9tHAdarIP1uRxpqN1Bk4bh7xSmXY1KrUjC6b3YMtFQeKU30GYgrIJyVizC2dRKBB8n5XB8z3smcSyXcnv6fFUQCEWHWEx-yCMQGZCxgX0DTb7IBZ8S9rdUwVrDrgC8sK0rpMG93qgoGZ99BLbfWrKpD4oZw-TJkunKnB32zsvTBzJVM3Pc2iN5FrPVAw7Pe7woMJ24_FG9KgI9l4CB22TRHfuqUQDOHMPqMrlYfKGMlmxGS1KQW_qCbSCw3qXAj9E5jW_-bZshDnjsmBBlczg-f06l31O9CbeBBDxAro_o7rfJLENa25rS04n7E5yko6ycadQPCdZvlpf4KCGEAO2IzYQPjYMVa9Mqrj7XQBw0CEhh_u6PRRnoWxVSS45DUZNYITip10GC-8jhqoWLshFFtfBK8ab3KlxYXMrpGYg5g5y2kIAtnlayit1PIp37VjK-8Z3rtlhL0xMlAO7tsHRi20vL_dM3lM7tBayVoUo7BSogn9H4vwtPshFF4jjShvRqkTxRdMKAxCg_g4e-OonzWMkPP_JJYNw0-_PpZjDQS-KBX2PN7AaqAz4JPa2VQ0SdfutQ-aNb71Nz5UU2m1RyRIqWwXJnw4H2IOiqkeAt43e4vxcw7aECxQ_uf_frxszmIXbNDqYahKyrACiWFV3ZwIHQ2A2uum1n1O1LLoePzhAshQVEhIeUg0eW0rDISLaky7LGvJQ2FaYrr4RBRa1KhEFaftb8oemfi5BtNRVFgymlCWrHnfPMGlFgIhbUm5gOj1aI9y-a1sUADGBkSHQgvu_p5FGZ1V6EOBS2wPShxsy0XcGeB6aQ0qgeCKV2S8qdtImiDh6lX4OWRdfsMhJg8l9ZHk2PM7n7EiKzmwEx4LwYU-bFvqHGeQC9AC6Kby1NLXRsjDijt8X94RAdKBaZb8vmzcb6ex80jlF1CUiI5Ctt-pNxUyBdttA_OUzUyqc3KP3kWee90chMO6pKzwliYbdNLADaklvyhnM1zWV_l2l7dmeRGcf3_e2ZITTXLW1SS7UZ0-vOAXbAhyB4tj8cJLTIf4eMSctwMXB8e-SYe-WWubobfin3urxcthKbTWR0zSjyM_NYhdCFREwsb5mCiCynJi5-8UKCDwv-4-17FT7adIeTkI87YXvRrXb90jpey4i0JnkNIDP486oS9JhnaiDkVNZ_FggYTKvrb4CBuPPQleof_MfEdoXpdqH7i6HAn4tsOiu5a0ZRpYGfl_S14aAcTorKnH8-sU70bhbORGS3ZpYipEKP-xdesMkEO9X3BHQqjJpQ2LlwSdKlCpxvoCK9yQK8JojINnfIAtMe_16qCilkSZx8MdUN1iMCa7pOHjr37db5NEUIrB0eB9eNja4cqDY7b-4kpxqh8xh3xWYAXQNf8Ux0tI6FlqIauqL6Sun-nmW_TfiBa1i0dkUKTYHlBdtGny_tUUc5ZVH0ittm44UP7m8GKGJ0Eh4DVlI-hG3WEIXAT5p9c2wR2RiRCQQvuHTcL61vjykv6FQnAqEhk0168YTc2nrimra0jcZJrbgPJg2ikgg4Tl584oJjyqEko3ilXIYicIz-257YndHyCRsWKihhbQxICPA_LaP5j_-8MIP_rH1NNByFE0wevmjf20upP0wXu8VJQXc5dTIgIh9dh_E-6QC3luPDXZQtmgVGF-Ob6pwW8f7hSo5bI9XdFPphT5JRJbLAZvPhQU5eoeaGacWAG9Az9IvWRheuPaT3PG4q3J9Pdlats5Tj8PZEA66zs5hFDlL3ddw7cEg2dUlhO7lPoRONXlOkqDa4_SDOKGUOCZq9GDWyGlY2kzRgTCZHv3AQ7-CkhNStCR2mbhaGMzjUkNUeKp64_WaId2A_PGetgYBCoZp8vYHIYwM9lX0eus96M01D53k35JPtRVoAwGu3Pc9LZLV06_IeOOv5Ds3ExQnTZId9ZrWLnxe9X4Bc141-F27gTqTKO1_1PhldIpXVdDHkDTPnCN0lljhl-1Tq34n7ymp-_n6fPyS_ImYjHRROfXVdgLacJ_JybwgN3-IyxqPqsjBK3Pm8mEIK5aB10PcMqZ1dE2kie2g_dLIlVmYOQxsf4zmmVv28B7TOIHTLRZtnITDcFfpqZVhrfSgCOoPz2U756tOTicyH7MhkQb4CYr68Zd_HnNIm0jEVDx6ZhSZzFywLIoKQds9nbs0sU_lJ0eEoRew&cid=CAQSTADICaaNq63gwVf_UXSPoSvBcw9FmzMhiifhODvpL16x23wGfxIRoYNlMgQgF0tfPhH4V3lbCYDw0oa7dl59yzj7Ct0jbFjy26gFb8QYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html&ds=l&xdt=1&iif=1&cor=13741231241107968000&adk=2307692975&idt=133&cac=0&dtd=15 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 63a83e852c411e46b739404a914b02fd735d500625c0d4cf88f9305f02200ee2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37927 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B02E	30 KB 11 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBWLCAjE3nIHYCswTtrn1xysUHTduPPvKABEK5r_Q3GcgFvJD8s3HVTJ6PXDz52Yuj2VQrXzIVpNZ6bB6AaecbKVFSmg&cry=1&dbm_d=AKAmf-B_qez_qOy1Mf3x7eyEE2o7X-OJPbDAoTqvIMYjXheiJmrp_WUsOv0cUHotzzPDGWL9NEeGBN7SbylVV2Yk9CepjA43TJpKitqfPyCOmQ1662odNxaXnT9JvHjh85EOAKf3g8cqM-aThREFBfgO3ybFgUuRWKU9im_8NR4tHb6JM9KrFTKfnB3FxPtJorcZIS-tQLM_XOgYeRCscVXEDb2fHLjpvkYsHC0Uaap-VpYEAfrm1Zj90VPoTrHNEESDZ2wMfDI1xhTkHUKpq3XL9E4VtJpQ-huFwAoUbdkbJdfIQZw94mHYo8boT53h9NOUQVNDk-o1caXrekdhokBfUfSZnwPtkju-0hdYll6bN-gbhFqjKWLHKBx8dDgeKb_9GONgr6fgzexDgd5eoSyYdOT7_l7v87r8xzugJwakG55QJOqtERbgkvOjHl4jyB8pBVDsJRTAl60V4PCkIeGlH1GrVboA0TB0CpHEaNFs8hQYiZNlc25dCN9SW9Lk7td9tJT1zOZZVcochir-l9ZrXZzOezdq9x813scARz7sU8053NpbZlAGkGvjqDpPqzxg3TvF3sV-6h5kem3gJL0pSbovFZS5kK2UP0UoVLq8NODhSAfeXiu8YUHbT2Ior62OeM28Z-3ojrjAftaQwv8opwEooJwtYrwi_3IkcCdAKn6GG3pDlyY8S-wt06sp3IKzK4vDtER-LMEp3tLH0QQnhceju-McV_f9HYUe9j-KsueV35DQWnkAyVVMQQ9qY4lyMaeyXGz-WdF6PWVoGKr91sPneOtJf0hpYn3MelfYEV2EANU52lxAMfRZSLGE2hhskPOSxgTXA62-H72JRW6-HVaEa-Z8dorj8M9N--8ZCvsXAKkfZ3MWvIv5Ny1MGOAwcWQQG8BOVxPbI4XgDQm2-GHtc1kFOzmiJoujHEkoMN6QJNU4ySgvZa0IvPRDH_kS8or423BjAQyS_khU7XqBfGgX2gYuB3F7klUFSAZf_JGFSOXniYN8hVwbVNbmlZmVfQLuMtVojy-ke7fzdM2U8ufRKuE7TCjKibVATzw-XwFtLPGphNalfuK73jEvJpFcbEKVWEtvN1WyteKn2JQtAJhQHwcSRDni-_QFjgve3De9j9mQGVI6l4R5ag_JxWnoL7MstyLocfvF6u-hWp9OmyCwo0X4domgSbtvWGUWaL_1j_Z05s4uSTHO0EG-9nEtqNOd_gJjZqV0V5Xjt_-Xxs9w9AIMC0xrAMd_b0LBO6UHAqHCFZRW6XlgN81LI1Yrw1lIj0GeXlDW3EGsfcDDFQA9R24wpd0vgAwuo2xDeP21R3adBaOw3_WSd6qCzkGomRHMVdH4smHD-vTiPeppDtNMMPvjo0A6ljeFdaQUCoEfBNjyvxoQTsHI9ojKK1SSjQG8nR1Xm4WMn4P1bz4AuS6zQEbixKLtfuUU7bhuK5kVpLKLmktv0KrUIJ2cUefNxKQr9n2FMkTNRweQOVS-BTUfDjJ0ZG9rIebWSL2VV_Tq4IIy9LiHZ7h9QGaCzcsqfCX2Pt7kCltYYGBpsuBGqKsSK5JuysT_KPfLslCs7z7WaJSdHAzJm6tXXS_gT8bzAkmNOcvuJFC6cjuT7mZjfG9is0mkzu7eGwPK5ql-XlaTmk7XYYloa0nL-qsovs0HlY_i37-0aPo_da3WcRZTNECOkg3zzs_vSzn1dvbUXxIWtnR14AEkbZoWTbC4s-zpG04VnF-HfLO-L03fRiz0gshL8XSdSAFaqdAng3qlRMB0G4GgwpF9tHAdarIP1uRxpqN1Bk4bh7xSmXY1KrUjC6b3YMtFQeKU30GYgrIJyVizC2dRKBB8n5XB8z3smcSyXcnv6fFUQCEWHWEx-yCMQGZCxgX0DTb7IBZ8S9rdUwVrDrgC8sK0rpMG93qgoGZ99BLbfWrKpD4oZw-TJkunKnB32zsvTBzJVM3Pc2iN5FrPVAw7Pe7woMJ24_FG9KgI9l4CB22TRHfuqUQDOHMPqMrlYfKGMlmxGS1KQW_qCbSCw3qXAj9E5jW_-bZshDnjsmBBlczg-f06l31O9CbeBBDxAro_o7rfJLENa25rS04n7E5yko6ycadQPCdZvlpf4KCGEAO2IzYQPjYMVa9Mqrj7XQBw0CEhh_u6PRRnoWxVSS45DUZNYITip10GC-8jhqoWLshFFtfBK8ab3KlxYXMrpGYg5g5y2kIAtnlayit1PIp37VjK-8Z3rtlhL0xMlAO7tsHRi20vL_dM3lM7tBayVoUo7BSogn9H4vwtPshFF4jjShvRqkTxRdMKAxCg_g4e-OonzWMkPP_JJYNw0-_PpZjDQS-KBX2PN7AaqAz4JPa2VQ0SdfutQ-aNb71Nz5UU2m1RyRIqWwXJnw4H2IOiqkeAt43e4vxcw7aECxQ_uf_frxszmIXbNDqYahKyrACiWFV3ZwIHQ2A2uum1n1O1LLoePzhAshQVEhIeUg0eW0rDISLaky7LGvJQ2FaYrr4RBRa1KhEFaftb8oemfi5BtNRVFgymlCWrHnfPMGlFgIhbUm5gOj1aI9y-a1sUADGBkSHQgvu_p5FGZ1V6EOBS2wPShxsy0XcGeB6aQ0qgeCKV2S8qdtImiDh6lX4OWRdfsMhJg8l9ZHk2PM7n7EiKzmwEx4LwYU-bFvqHGeQC9AC6Kby1NLXRsjDijt8X94RAdKBaZb8vmzcb6ex80jlF1CUiI5Ctt-pNxUyBdttA_OUzUyqc3KP3kWee90chMO6pKzwliYbdNLADaklvyhnM1zWV_l2l7dmeRGcf3_e2ZITTXLW1SS7UZ0-vOAXbAhyB4tj8cJLTIf4eMSctwMXB8e-SYe-WWubobfin3urxcthKbTWR0zSjyM_NYhdCFREwsb5mCiCynJi5-8UKCDwv-4-17FT7adIeTkI87YXvRrXb90jpey4i0JnkNIDP486oS9JhnaiDkVNZ_FggYTKvrb4CBuPPQleof_MfEdoXpdqH7i6HAn4tsOiu5a0ZRpYGfl_S14aAcTorKnH8-sU70bhbORGS3ZpYipEKP-xdesMkEO9X3BHQqjJpQ2LlwSdKlCpxvoCK9yQK8JojINnfIAtMe_16qCilkSZx8MdUN1iMCa7pOHjr37db5NEUIrB0eB9eNja4cqDY7b-4kpxqh8xh3xWYAXQNf8Ux0tI6FlqIauqL6Sun-nmW_TfiBa1i0dkUKTYHlBdtGny_tUUc5ZVH0ittm44UP7m8GKGJ0Eh4DVlI-hG3WEIXAT5p9c2wR2RiRCQQvuHTcL61vjykv6FQnAqEhk0168YTc2nrimra0jcZJrbgPJg2ikgg4Tl584oJjyqEko3ilXIYicIz-257YndHyCRsWKihhbQxICPA_LaP5j_-8MIP_rH1NNByFE0wevmjf20upP0wXu8VJQXc5dTIgIh9dh_E-6QC3luPDXZQtmgVGF-Ob6pwW8f7hSo5bI9XdFPphT5JRJbLAZvPhQU5eoeaGacWAG9Az9IvWRheuPaT3PG4q3J9Pdlats5Tj8PZEA66zs5hFDlL3ddw7cEg2dUlhO7lPoRONXlOkqDa4_SDOKGUOCZq9GDWyGlY2kzRgTCZHv3AQ7-CkhNStCR2mbhaGMzjUkNUeKp64_WaId2A_PGetgYBCoZp8vYHIYwM9lX0eus96M01D53k35JPtRVoAwGu3Pc9LZLV06_IeOOv5Ds3ExQnTZId9ZrWLnxe9X4Bc141-F27gTqTKO1_1PhldIpXVdDHkDTPnCN0lljhl-1Tq34n7ymp-_n6fPyS_ImYjHRROfXVdgLacJ_JybwgN3-IyxqPqsjBK3Pm8mEIK5aB10PcMqZ1dE2kie2g_dLIlVmYOQxsf4zmmVv28B7TOIHTLRZtnITDcFfpqZVhrfSgCOoPz2U756tOTicyH7MhkQb4CYr68Zd_HnNIm0jEVDx6ZhSZzFywLIoKQds9nbs0sU_lJ0eEoRew&cid=CAQSTADICaaNq63gwVf_UXSPoSvBcw9FmzMhiifhODvpL16x23wGfxIRoYNlMgQgF0tfPhH4V3lbCYDw0oa7dl59yzj7Ct0jbFjy26gFb8QYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html&ds=l&xdt=1&iif=1&cor=13741231241107968000&adk=2307692975&idt=133&cac=0&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 13:57:20 GMT content-encoding br x-content-type-options nosniff age 9136 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11602 x-xss-protection 0 server cafe etag 2362517075893974484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 29 Oct 2023 13:57:20 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame B02E	11 KB 4 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBWLCAjE3nIHYCswTtrn1xysUHTduPPvKABEK5r_Q3GcgFvJD8s3HVTJ6PXDz52Yuj2VQrXzIVpNZ6bB6AaecbKVFSmg&cry=1&dbm_d=AKAmf-B_qez_qOy1Mf3x7eyEE2o7X-OJPbDAoTqvIMYjXheiJmrp_WUsOv0cUHotzzPDGWL9NEeGBN7SbylVV2Yk9CepjA43TJpKitqfPyCOmQ1662odNxaXnT9JvHjh85EOAKf3g8cqM-aThREFBfgO3ybFgUuRWKU9im_8NR4tHb6JM9KrFTKfnB3FxPtJorcZIS-tQLM_XOgYeRCscVXEDb2fHLjpvkYsHC0Uaap-VpYEAfrm1Zj90VPoTrHNEESDZ2wMfDI1xhTkHUKpq3XL9E4VtJpQ-huFwAoUbdkbJdfIQZw94mHYo8boT53h9NOUQVNDk-o1caXrekdhokBfUfSZnwPtkju-0hdYll6bN-gbhFqjKWLHKBx8dDgeKb_9GONgr6fgzexDgd5eoSyYdOT7_l7v87r8xzugJwakG55QJOqtERbgkvOjHl4jyB8pBVDsJRTAl60V4PCkIeGlH1GrVboA0TB0CpHEaNFs8hQYiZNlc25dCN9SW9Lk7td9tJT1zOZZVcochir-l9ZrXZzOezdq9x813scARz7sU8053NpbZlAGkGvjqDpPqzxg3TvF3sV-6h5kem3gJL0pSbovFZS5kK2UP0UoVLq8NODhSAfeXiu8YUHbT2Ior62OeM28Z-3ojrjAftaQwv8opwEooJwtYrwi_3IkcCdAKn6GG3pDlyY8S-wt06sp3IKzK4vDtER-LMEp3tLH0QQnhceju-McV_f9HYUe9j-KsueV35DQWnkAyVVMQQ9qY4lyMaeyXGz-WdF6PWVoGKr91sPneOtJf0hpYn3MelfYEV2EANU52lxAMfRZSLGE2hhskPOSxgTXA62-H72JRW6-HVaEa-Z8dorj8M9N--8ZCvsXAKkfZ3MWvIv5Ny1MGOAwcWQQG8BOVxPbI4XgDQm2-GHtc1kFOzmiJoujHEkoMN6QJNU4ySgvZa0IvPRDH_kS8or423BjAQyS_khU7XqBfGgX2gYuB3F7klUFSAZf_JGFSOXniYN8hVwbVNbmlZmVfQLuMtVojy-ke7fzdM2U8ufRKuE7TCjKibVATzw-XwFtLPGphNalfuK73jEvJpFcbEKVWEtvN1WyteKn2JQtAJhQHwcSRDni-_QFjgve3De9j9mQGVI6l4R5ag_JxWnoL7MstyLocfvF6u-hWp9OmyCwo0X4domgSbtvWGUWaL_1j_Z05s4uSTHO0EG-9nEtqNOd_gJjZqV0V5Xjt_-Xxs9w9AIMC0xrAMd_b0LBO6UHAqHCFZRW6XlgN81LI1Yrw1lIj0GeXlDW3EGsfcDDFQA9R24wpd0vgAwuo2xDeP21R3adBaOw3_WSd6qCzkGomRHMVdH4smHD-vTiPeppDtNMMPvjo0A6ljeFdaQUCoEfBNjyvxoQTsHI9ojKK1SSjQG8nR1Xm4WMn4P1bz4AuS6zQEbixKLtfuUU7bhuK5kVpLKLmktv0KrUIJ2cUefNxKQr9n2FMkTNRweQOVS-BTUfDjJ0ZG9rIebWSL2VV_Tq4IIy9LiHZ7h9QGaCzcsqfCX2Pt7kCltYYGBpsuBGqKsSK5JuysT_KPfLslCs7z7WaJSdHAzJm6tXXS_gT8bzAkmNOcvuJFC6cjuT7mZjfG9is0mkzu7eGwPK5ql-XlaTmk7XYYloa0nL-qsovs0HlY_i37-0aPo_da3WcRZTNECOkg3zzs_vSzn1dvbUXxIWtnR14AEkbZoWTbC4s-zpG04VnF-HfLO-L03fRiz0gshL8XSdSAFaqdAng3qlRMB0G4GgwpF9tHAdarIP1uRxpqN1Bk4bh7xSmXY1KrUjC6b3YMtFQeKU30GYgrIJyVizC2dRKBB8n5XB8z3smcSyXcnv6fFUQCEWHWEx-yCMQGZCxgX0DTb7IBZ8S9rdUwVrDrgC8sK0rpMG93qgoGZ99BLbfWrKpD4oZw-TJkunKnB32zsvTBzJVM3Pc2iN5FrPVAw7Pe7woMJ24_FG9KgI9l4CB22TRHfuqUQDOHMPqMrlYfKGMlmxGS1KQW_qCbSCw3qXAj9E5jW_-bZshDnjsmBBlczg-f06l31O9CbeBBDxAro_o7rfJLENa25rS04n7E5yko6ycadQPCdZvlpf4KCGEAO2IzYQPjYMVa9Mqrj7XQBw0CEhh_u6PRRnoWxVSS45DUZNYITip10GC-8jhqoWLshFFtfBK8ab3KlxYXMrpGYg5g5y2kIAtnlayit1PIp37VjK-8Z3rtlhL0xMlAO7tsHRi20vL_dM3lM7tBayVoUo7BSogn9H4vwtPshFF4jjShvRqkTxRdMKAxCg_g4e-OonzWMkPP_JJYNw0-_PpZjDQS-KBX2PN7AaqAz4JPa2VQ0SdfutQ-aNb71Nz5UU2m1RyRIqWwXJnw4H2IOiqkeAt43e4vxcw7aECxQ_uf_frxszmIXbNDqYahKyrACiWFV3ZwIHQ2A2uum1n1O1LLoePzhAshQVEhIeUg0eW0rDISLaky7LGvJQ2FaYrr4RBRa1KhEFaftb8oemfi5BtNRVFgymlCWrHnfPMGlFgIhbUm5gOj1aI9y-a1sUADGBkSHQgvu_p5FGZ1V6EOBS2wPShxsy0XcGeB6aQ0qgeCKV2S8qdtImiDh6lX4OWRdfsMhJg8l9ZHk2PM7n7EiKzmwEx4LwYU-bFvqHGeQC9AC6Kby1NLXRsjDijt8X94RAdKBaZb8vmzcb6ex80jlF1CUiI5Ctt-pNxUyBdttA_OUzUyqc3KP3kWee90chMO6pKzwliYbdNLADaklvyhnM1zWV_l2l7dmeRGcf3_e2ZITTXLW1SS7UZ0-vOAXbAhyB4tj8cJLTIf4eMSctwMXB8e-SYe-WWubobfin3urxcthKbTWR0zSjyM_NYhdCFREwsb5mCiCynJi5-8UKCDwv-4-17FT7adIeTkI87YXvRrXb90jpey4i0JnkNIDP486oS9JhnaiDkVNZ_FggYTKvrb4CBuPPQleof_MfEdoXpdqH7i6HAn4tsOiu5a0ZRpYGfl_S14aAcTorKnH8-sU70bhbORGS3ZpYipEKP-xdesMkEO9X3BHQqjJpQ2LlwSdKlCpxvoCK9yQK8JojINnfIAtMe_16qCilkSZx8MdUN1iMCa7pOHjr37db5NEUIrB0eB9eNja4cqDY7b-4kpxqh8xh3xWYAXQNf8Ux0tI6FlqIauqL6Sun-nmW_TfiBa1i0dkUKTYHlBdtGny_tUUc5ZVH0ittm44UP7m8GKGJ0Eh4DVlI-hG3WEIXAT5p9c2wR2RiRCQQvuHTcL61vjykv6FQnAqEhk0168YTc2nrimra0jcZJrbgPJg2ikgg4Tl584oJjyqEko3ilXIYicIz-257YndHyCRsWKihhbQxICPA_LaP5j_-8MIP_rH1NNByFE0wevmjf20upP0wXu8VJQXc5dTIgIh9dh_E-6QC3luPDXZQtmgVGF-Ob6pwW8f7hSo5bI9XdFPphT5JRJbLAZvPhQU5eoeaGacWAG9Az9IvWRheuPaT3PG4q3J9Pdlats5Tj8PZEA66zs5hFDlL3ddw7cEg2dUlhO7lPoRONXlOkqDa4_SDOKGUOCZq9GDWyGlY2kzRgTCZHv3AQ7-CkhNStCR2mbhaGMzjUkNUeKp64_WaId2A_PGetgYBCoZp8vYHIYwM9lX0eus96M01D53k35JPtRVoAwGu3Pc9LZLV06_IeOOv5Ds3ExQnTZId9ZrWLnxe9X4Bc141-F27gTqTKO1_1PhldIpXVdDHkDTPnCN0lljhl-1Tq34n7ymp-_n6fPyS_ImYjHRROfXVdgLacJ_JybwgN3-IyxqPqsjBK3Pm8mEIK5aB10PcMqZ1dE2kie2g_dLIlVmYOQxsf4zmmVv28B7TOIHTLRZtnITDcFfpqZVhrfSgCOoPz2U756tOTicyH7MhkQb4CYr68Zd_HnNIm0jEVDx6ZhSZzFywLIoKQds9nbs0sU_lJ0eEoRew&cid=CAQSTADICaaNq63gwVf_UXSPoSvBcw9FmzMhiifhODvpL16x23wGfxIRoYNlMgQgF0tfPhH4V3lbCYDw0oa7dl59yzj7Ct0jbFjy26gFb8QYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html&ds=l&xdt=1&iif=1&cor=13741231241107968000&adk=2307692975&idt=133&cac=0&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 13:43:51 GMT content-encoding br x-content-type-options nosniff age 9945 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 29 Oct 2023 13:43:51 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame B02E	0 0	99ms 54ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1BeEo7d9NPDv6L3f-d8XHOzfSxcUgBd7UufvZbnaCJeLK5Uc-QWUCe60bFv9lhaxA3aqL-7bphwMtkGD9mtx8p62xfW3-Q6qf6E9zNlaxxyzg8V468P1_hq7aBJtzXB2y4ABxqAywtFxGFP5zvsVgcjReGlkt6hc-SKn0LJTNQJEmRh6gj9F2D5IdmtqhM37N89b5Ek07ogeEG3N84zbSRQWCjGXcVKtWZ5yy2pt2nw6cQKZHI53zc9cS7jBqkD3gldW45w7LrpdyCDCyWDezjrxiPSjUgpUeQ09zP1oHejZK_QArqGyviEc2egIdQS8PcGbUrK2J3Gu7ca209zwTjCIsl6sZslbr51o86JKZSEqnL-wK8PTYIwQcaSWGXBhgth8XP2AGijYD0bfK3aA88j_1cPPptvqET5F-ys3cEZiZvI6J8vXjqsNcfZftYAHE1McTU6C6gj1Eje8kb7yVKXiueR2vWFholQD84Y7Hh_1Crpt6Xlg6D5XzleioqAGNuQQtROFkNcEtu_B1Co5d9pDlcxWnOTAFiZchVyTXyeycF_L-9xgBi-BL20Y1jqP6aMIMZml1gzDdngO897GJntP0HIqCwerln3HBpE04CVhcka_1wVJIa7IcIaNEY_C4j_h-USH2Xo-sOljcQ4R1xe89s5MJHgMhRP_QLWeMKjEFr9xSxRblqxTR-0g-mTa9F81unmvT2kFI9XK0vH2FYLa4fSm4TjtooSfL1ta0xAstJkPJYv11rVnD3HMrHdfZDkA6y690DIkIpMtr6Xzw7DXc0Ai7Nc79iVk-YE1EnKCvhlGM0Ci_finAG24_S4QngM2guGVvLMnaKSr-Bs3XEj5EGpll9g50dxsAE3vwinHANCacxxdAPGPWmDg4PzEazja_BQ1W6YccBVBt9ht24iKh941NGF2rdjJoS4LvMLZRFAdbFZIzeEDxBfS0OoVVn-IOlQVaeKKDEXktNBRqoTtG_lDNGlJwhGOQxv-9c5MBR8qTEtjDD6PzPdHq0joyqwMLVNCZ-mgWdtVTDc49esAs7gNY1G1w1d48qVX-vi3lk6O6V-Q7GoxqheQcM8ZOj_o43LN7BZ9zy4-lu-FOBEz_CqMNbneBpzB620k9HmouoYtivRilAWO-4R0H2QfniFRE-Y1siH79QMBwuUZtQB-LVEL2QTVgdakUqe5JMs6m5bhR5iKfs9ESpO3ipd7M7iJ8xormzG7-IECnw-qO6swHq8aDRnsIGQ55WKkAyKO3ZOo_JUOfJdoqLxpl6IHe2GqgcVhRLlsstlEBN8echX3jVO6TzrykYvXdQOQ_WlRH0rYRQuLx2vRpWIJFBCcylnW-tEQA4EVNpIzemkqyByjq8XMDZMZ70rRFm3sDsy7tTvT1tQnv3wC4XphLR-A-dj_BbxQx_Xs&sai=AMfl-YQfffKh7AnCaj_UsTO4jMxCuD1SKaShJZdgcKlolqK5Sn4lkhRVfoZ3NDoz_1UT4-5d0J_Tpvb96Gf14KcnCUO8MpFIS60CnfvqKXRf0qwAtemSaIamIRWlDxMWuLVlopfj1bZYXxl7gYINNiyivzJzLusQi8Jc7GSsiEzggys_3FAHaxQS4sXPL4PqIYfhz76HTE93M0JpRlaW_uQoZYnzmXZhnUB5qXg3nuccAMFXZc1KDQtK2mrjg-g-xEABDMM6invHD_NohmlOghvRawrP91T4cE1wX5pBHz4bWwo-B6phuqAK_SzHZwT3OQ&sig=Cg0ArKJSzJQGS5Q63XtwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231004.37512&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBWLCAjE3nIHYCswTtrn1xysUHTduPPvKABEK5r_Q3GcgFvJD8s3HVTJ6PXDz52Yuj2VQrXzIVpNZ6bB6AaecbKVFSmg&cry=1&dbm_d=AKAmf-B_qez_qOy1Mf3x7eyEE2o7X-OJPbDAoTqvIMYjXheiJmrp_WUsOv0cUHotzzPDGWL9NEeGBN7SbylVV2Yk9CepjA43TJpKitqfPyCOmQ1662odNxaXnT9JvHjh85EOAKf3g8cqM-aThREFBfgO3ybFgUuRWKU9im_8NR4tHb6JM9KrFTKfnB3FxPtJorcZIS-tQLM_XOgYeRCscVXEDb2fHLjpvkYsHC0Uaap-VpYEAfrm1Zj90VPoTrHNEESDZ2wMfDI1xhTkHUKpq3XL9E4VtJpQ-huFwAoUbdkbJdfIQZw94mHYo8boT53h9NOUQVNDk-o1caXrekdhokBfUfSZnwPtkju-0hdYll6bN-gbhFqjKWLHKBx8dDgeKb_9GONgr6fgzexDgd5eoSyYdOT7_l7v87r8xzugJwakG55QJOqtERbgkvOjHl4jyB8pBVDsJRTAl60V4PCkIeGlH1GrVboA0TB0CpHEaNFs8hQYiZNlc25dCN9SW9Lk7td9tJT1zOZZVcochir-l9ZrXZzOezdq9x813scARz7sU8053NpbZlAGkGvjqDpPqzxg3TvF3sV-6h5kem3gJL0pSbovFZS5kK2UP0UoVLq8NODhSAfeXiu8YUHbT2Ior62OeM28Z-3ojrjAftaQwv8opwEooJwtYrwi_3IkcCdAKn6GG3pDlyY8S-wt06sp3IKzK4vDtER-LMEp3tLH0QQnhceju-McV_f9HYUe9j-KsueV35DQWnkAyVVMQQ9qY4lyMaeyXGz-WdF6PWVoGKr91sPneOtJf0hpYn3MelfYEV2EANU52lxAMfRZSLGE2hhskPOSxgTXA62-H72JRW6-HVaEa-Z8dorj8M9N--8ZCvsXAKkfZ3MWvIv5Ny1MGOAwcWQQG8BOVxPbI4XgDQm2-GHtc1kFOzmiJoujHEkoMN6QJNU4ySgvZa0IvPRDH_kS8or423BjAQyS_khU7XqBfGgX2gYuB3F7klUFSAZf_JGFSOXniYN8hVwbVNbmlZmVfQLuMtVojy-ke7fzdM2U8ufRKuE7TCjKibVATzw-XwFtLPGphNalfuK73jEvJpFcbEKVWEtvN1WyteKn2JQtAJhQHwcSRDni-_QFjgve3De9j9mQGVI6l4R5ag_JxWnoL7MstyLocfvF6u-hWp9OmyCwo0X4domgSbtvWGUWaL_1j_Z05s4uSTHO0EG-9nEtqNOd_gJjZqV0V5Xjt_-Xxs9w9AIMC0xrAMd_b0LBO6UHAqHCFZRW6XlgN81LI1Yrw1lIj0GeXlDW3EGsfcDDFQA9R24wpd0vgAwuo2xDeP21R3adBaOw3_WSd6qCzkGomRHMVdH4smHD-vTiPeppDtNMMPvjo0A6ljeFdaQUCoEfBNjyvxoQTsHI9ojKK1SSjQG8nR1Xm4WMn4P1bz4AuS6zQEbixKLtfuUU7bhuK5kVpLKLmktv0KrUIJ2cUefNxKQr9n2FMkTNRweQOVS-BTUfDjJ0ZG9rIebWSL2VV_Tq4IIy9LiHZ7h9QGaCzcsqfCX2Pt7kCltYYGBpsuBGqKsSK5JuysT_KPfLslCs7z7WaJSdHAzJm6tXXS_gT8bzAkmNOcvuJFC6cjuT7mZjfG9is0mkzu7eGwPK5ql-XlaTmk7XYYloa0nL-qsovs0HlY_i37-0aPo_da3WcRZTNECOkg3zzs_vSzn1dvbUXxIWtnR14AEkbZoWTbC4s-zpG04VnF-HfLO-L03fRiz0gshL8XSdSAFaqdAng3qlRMB0G4GgwpF9tHAdarIP1uRxpqN1Bk4bh7xSmXY1KrUjC6b3YMtFQeKU30GYgrIJyVizC2dRKBB8n5XB8z3smcSyXcnv6fFUQCEWHWEx-yCMQGZCxgX0DTb7IBZ8S9rdUwVrDrgC8sK0rpMG93qgoGZ99BLbfWrKpD4oZw-TJkunKnB32zsvTBzJVM3Pc2iN5FrPVAw7Pe7woMJ24_FG9KgI9l4CB22TRHfuqUQDOHMPqMrlYfKGMlmxGS1KQW_qCbSCw3qXAj9E5jW_-bZshDnjsmBBlczg-f06l31O9CbeBBDxAro_o7rfJLENa25rS04n7E5yko6ycadQPCdZvlpf4KCGEAO2IzYQPjYMVa9Mqrj7XQBw0CEhh_u6PRRnoWxVSS45DUZNYITip10GC-8jhqoWLshFFtfBK8ab3KlxYXMrpGYg5g5y2kIAtnlayit1PIp37VjK-8Z3rtlhL0xMlAO7tsHRi20vL_dM3lM7tBayVoUo7BSogn9H4vwtPshFF4jjShvRqkTxRdMKAxCg_g4e-OonzWMkPP_JJYNw0-_PpZjDQS-KBX2PN7AaqAz4JPa2VQ0SdfutQ-aNb71Nz5UU2m1RyRIqWwXJnw4H2IOiqkeAt43e4vxcw7aECxQ_uf_frxszmIXbNDqYahKyrACiWFV3ZwIHQ2A2uum1n1O1LLoePzhAshQVEhIeUg0eW0rDISLaky7LGvJQ2FaYrr4RBRa1KhEFaftb8oemfi5BtNRVFgymlCWrHnfPMGlFgIhbUm5gOj1aI9y-a1sUADGBkSHQgvu_p5FGZ1V6EOBS2wPShxsy0XcGeB6aQ0qgeCKV2S8qdtImiDh6lX4OWRdfsMhJg8l9ZHk2PM7n7EiKzmwEx4LwYU-bFvqHGeQC9AC6Kby1NLXRsjDijt8X94RAdKBaZb8vmzcb6ex80jlF1CUiI5Ctt-pNxUyBdttA_OUzUyqc3KP3kWee90chMO6pKzwliYbdNLADaklvyhnM1zWV_l2l7dmeRGcf3_e2ZITTXLW1SS7UZ0-vOAXbAhyB4tj8cJLTIf4eMSctwMXB8e-SYe-WWubobfin3urxcthKbTWR0zSjyM_NYhdCFREwsb5mCiCynJi5-8UKCDwv-4-17FT7adIeTkI87YXvRrXb90jpey4i0JnkNIDP486oS9JhnaiDkVNZ_FggYTKvrb4CBuPPQleof_MfEdoXpdqH7i6HAn4tsOiu5a0ZRpYGfl_S14aAcTorKnH8-sU70bhbORGS3ZpYipEKP-xdesMkEO9X3BHQqjJpQ2LlwSdKlCpxvoCK9yQK8JojINnfIAtMe_16qCilkSZx8MdUN1iMCa7pOHjr37db5NEUIrB0eB9eNja4cqDY7b-4kpxqh8xh3xWYAXQNf8Ux0tI6FlqIauqL6Sun-nmW_TfiBa1i0dkUKTYHlBdtGny_tUUc5ZVH0ittm44UP7m8GKGJ0Eh4DVlI-hG3WEIXAT5p9c2wR2RiRCQQvuHTcL61vjykv6FQnAqEhk0168YTc2nrimra0jcZJrbgPJg2ikgg4Tl584oJjyqEko3ilXIYicIz-257YndHyCRsWKihhbQxICPA_LaP5j_-8MIP_rH1NNByFE0wevmjf20upP0wXu8VJQXc5dTIgIh9dh_E-6QC3luPDXZQtmgVGF-Ob6pwW8f7hSo5bI9XdFPphT5JRJbLAZvPhQU5eoeaGacWAG9Az9IvWRheuPaT3PG4q3J9Pdlats5Tj8PZEA66zs5hFDlL3ddw7cEg2dUlhO7lPoRONXlOkqDa4_SDOKGUOCZq9GDWyGlY2kzRgTCZHv3AQ7-CkhNStCR2mbhaGMzjUkNUeKp64_WaId2A_PGetgYBCoZp8vYHIYwM9lX0eus96M01D53k35JPtRVoAwGu3Pc9LZLV06_IeOOv5Ds3ExQnTZId9ZrWLnxe9X4Bc141-F27gTqTKO1_1PhldIpXVdDHkDTPnCN0lljhl-1Tq34n7ymp-_n6fPyS_ImYjHRROfXVdgLacJ_JybwgN3-IyxqPqsjBK3Pm8mEIK5aB10PcMqZ1dE2kie2g_dLIlVmYOQxsf4zmmVv28B7TOIHTLRZtnITDcFfpqZVhrfSgCOoPz2U756tOTicyH7MhkQb4CYr68Zd_HnNIm0jEVDx6ZhSZzFywLIoKQds9nbs0sU_lJ0eEoRew&cid=CAQSTADICaaNq63gwVf_UXSPoSvBcw9FmzMhiifhODvpL16x23wGfxIRoYNlMgQgF0tfPhH4V3lbCYDw0oa7dl59yzj7Ct0jbFjy26gFb8QYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html&ds=l&xdt=1&iif=1&cor=13741231241107968000&adk=2307692975&idt=133&cac=0&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 15 Oct 2023 16:29:36 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame B02E	41 KB 14 KB	13ms 11ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBWLCAjE3nIHYCswTtrn1xysUHTduPPvKABEK5r_Q3GcgFvJD8s3HVTJ6PXDz52Yuj2VQrXzIVpNZ6bB6AaecbKVFSmg&cry=1&dbm_d=AKAmf-B_qez_qOy1Mf3x7eyEE2o7X-OJPbDAoTqvIMYjXheiJmrp_WUsOv0cUHotzzPDGWL9NEeGBN7SbylVV2Yk9CepjA43TJpKitqfPyCOmQ1662odNxaXnT9JvHjh85EOAKf3g8cqM-aThREFBfgO3ybFgUuRWKU9im_8NR4tHb6JM9KrFTKfnB3FxPtJorcZIS-tQLM_XOgYeRCscVXEDb2fHLjpvkYsHC0Uaap-VpYEAfrm1Zj90VPoTrHNEESDZ2wMfDI1xhTkHUKpq3XL9E4VtJpQ-huFwAoUbdkbJdfIQZw94mHYo8boT53h9NOUQVNDk-o1caXrekdhokBfUfSZnwPtkju-0hdYll6bN-gbhFqjKWLHKBx8dDgeKb_9GONgr6fgzexDgd5eoSyYdOT7_l7v87r8xzugJwakG55QJOqtERbgkvOjHl4jyB8pBVDsJRTAl60V4PCkIeGlH1GrVboA0TB0CpHEaNFs8hQYiZNlc25dCN9SW9Lk7td9tJT1zOZZVcochir-l9ZrXZzOezdq9x813scARz7sU8053NpbZlAGkGvjqDpPqzxg3TvF3sV-6h5kem3gJL0pSbovFZS5kK2UP0UoVLq8NODhSAfeXiu8YUHbT2Ior62OeM28Z-3ojrjAftaQwv8opwEooJwtYrwi_3IkcCdAKn6GG3pDlyY8S-wt06sp3IKzK4vDtER-LMEp3tLH0QQnhceju-McV_f9HYUe9j-KsueV35DQWnkAyVVMQQ9qY4lyMaeyXGz-WdF6PWVoGKr91sPneOtJf0hpYn3MelfYEV2EANU52lxAMfRZSLGE2hhskPOSxgTXA62-H72JRW6-HVaEa-Z8dorj8M9N--8ZCvsXAKkfZ3MWvIv5Ny1MGOAwcWQQG8BOVxPbI4XgDQm2-GHtc1kFOzmiJoujHEkoMN6QJNU4ySgvZa0IvPRDH_kS8or423BjAQyS_khU7XqBfGgX2gYuB3F7klUFSAZf_JGFSOXniYN8hVwbVNbmlZmVfQLuMtVojy-ke7fzdM2U8ufRKuE7TCjKibVATzw-XwFtLPGphNalfuK73jEvJpFcbEKVWEtvN1WyteKn2JQtAJhQHwcSRDni-_QFjgve3De9j9mQGVI6l4R5ag_JxWnoL7MstyLocfvF6u-hWp9OmyCwo0X4domgSbtvWGUWaL_1j_Z05s4uSTHO0EG-9nEtqNOd_gJjZqV0V5Xjt_-Xxs9w9AIMC0xrAMd_b0LBO6UHAqHCFZRW6XlgN81LI1Yrw1lIj0GeXlDW3EGsfcDDFQA9R24wpd0vgAwuo2xDeP21R3adBaOw3_WSd6qCzkGomRHMVdH4smHD-vTiPeppDtNMMPvjo0A6ljeFdaQUCoEfBNjyvxoQTsHI9ojKK1SSjQG8nR1Xm4WMn4P1bz4AuS6zQEbixKLtfuUU7bhuK5kVpLKLmktv0KrUIJ2cUefNxKQr9n2FMkTNRweQOVS-BTUfDjJ0ZG9rIebWSL2VV_Tq4IIy9LiHZ7h9QGaCzcsqfCX2Pt7kCltYYGBpsuBGqKsSK5JuysT_KPfLslCs7z7WaJSdHAzJm6tXXS_gT8bzAkmNOcvuJFC6cjuT7mZjfG9is0mkzu7eGwPK5ql-XlaTmk7XYYloa0nL-qsovs0HlY_i37-0aPo_da3WcRZTNECOkg3zzs_vSzn1dvbUXxIWtnR14AEkbZoWTbC4s-zpG04VnF-HfLO-L03fRiz0gshL8XSdSAFaqdAng3qlRMB0G4GgwpF9tHAdarIP1uRxpqN1Bk4bh7xSmXY1KrUjC6b3YMtFQeKU30GYgrIJyVizC2dRKBB8n5XB8z3smcSyXcnv6fFUQCEWHWEx-yCMQGZCxgX0DTb7IBZ8S9rdUwVrDrgC8sK0rpMG93qgoGZ99BLbfWrKpD4oZw-TJkunKnB32zsvTBzJVM3Pc2iN5FrPVAw7Pe7woMJ24_FG9KgI9l4CB22TRHfuqUQDOHMPqMrlYfKGMlmxGS1KQW_qCbSCw3qXAj9E5jW_-bZshDnjsmBBlczg-f06l31O9CbeBBDxAro_o7rfJLENa25rS04n7E5yko6ycadQPCdZvlpf4KCGEAO2IzYQPjYMVa9Mqrj7XQBw0CEhh_u6PRRnoWxVSS45DUZNYITip10GC-8jhqoWLshFFtfBK8ab3KlxYXMrpGYg5g5y2kIAtnlayit1PIp37VjK-8Z3rtlhL0xMlAO7tsHRi20vL_dM3lM7tBayVoUo7BSogn9H4vwtPshFF4jjShvRqkTxRdMKAxCg_g4e-OonzWMkPP_JJYNw0-_PpZjDQS-KBX2PN7AaqAz4JPa2VQ0SdfutQ-aNb71Nz5UU2m1RyRIqWwXJnw4H2IOiqkeAt43e4vxcw7aECxQ_uf_frxszmIXbNDqYahKyrACiWFV3ZwIHQ2A2uum1n1O1LLoePzhAshQVEhIeUg0eW0rDISLaky7LGvJQ2FaYrr4RBRa1KhEFaftb8oemfi5BtNRVFgymlCWrHnfPMGlFgIhbUm5gOj1aI9y-a1sUADGBkSHQgvu_p5FGZ1V6EOBS2wPShxsy0XcGeB6aQ0qgeCKV2S8qdtImiDh6lX4OWRdfsMhJg8l9ZHk2PM7n7EiKzmwEx4LwYU-bFvqHGeQC9AC6Kby1NLXRsjDijt8X94RAdKBaZb8vmzcb6ex80jlF1CUiI5Ctt-pNxUyBdttA_OUzUyqc3KP3kWee90chMO6pKzwliYbdNLADaklvyhnM1zWV_l2l7dmeRGcf3_e2ZITTXLW1SS7UZ0-vOAXbAhyB4tj8cJLTIf4eMSctwMXB8e-SYe-WWubobfin3urxcthKbTWR0zSjyM_NYhdCFREwsb5mCiCynJi5-8UKCDwv-4-17FT7adIeTkI87YXvRrXb90jpey4i0JnkNIDP486oS9JhnaiDkVNZ_FggYTKvrb4CBuPPQleof_MfEdoXpdqH7i6HAn4tsOiu5a0ZRpYGfl_S14aAcTorKnH8-sU70bhbORGS3ZpYipEKP-xdesMkEO9X3BHQqjJpQ2LlwSdKlCpxvoCK9yQK8JojINnfIAtMe_16qCilkSZx8MdUN1iMCa7pOHjr37db5NEUIrB0eB9eNja4cqDY7b-4kpxqh8xh3xWYAXQNf8Ux0tI6FlqIauqL6Sun-nmW_TfiBa1i0dkUKTYHlBdtGny_tUUc5ZVH0ittm44UP7m8GKGJ0Eh4DVlI-hG3WEIXAT5p9c2wR2RiRCQQvuHTcL61vjykv6FQnAqEhk0168YTc2nrimra0jcZJrbgPJg2ikgg4Tl584oJjyqEko3ilXIYicIz-257YndHyCRsWKihhbQxICPA_LaP5j_-8MIP_rH1NNByFE0wevmjf20upP0wXu8VJQXc5dTIgIh9dh_E-6QC3luPDXZQtmgVGF-Ob6pwW8f7hSo5bI9XdFPphT5JRJbLAZvPhQU5eoeaGacWAG9Az9IvWRheuPaT3PG4q3J9Pdlats5Tj8PZEA66zs5hFDlL3ddw7cEg2dUlhO7lPoRONXlOkqDa4_SDOKGUOCZq9GDWyGlY2kzRgTCZHv3AQ7-CkhNStCR2mbhaGMzjUkNUeKp64_WaId2A_PGetgYBCoZp8vYHIYwM9lX0eus96M01D53k35JPtRVoAwGu3Pc9LZLV06_IeOOv5Ds3ExQnTZId9ZrWLnxe9X4Bc141-F27gTqTKO1_1PhldIpXVdDHkDTPnCN0lljhl-1Tq34n7ymp-_n6fPyS_ImYjHRROfXVdgLacJ_JybwgN3-IyxqPqsjBK3Pm8mEIK5aB10PcMqZ1dE2kie2g_dLIlVmYOQxsf4zmmVv28B7TOIHTLRZtnITDcFfpqZVhrfSgCOoPz2U756tOTicyH7MhkQb4CYr68Zd_HnNIm0jEVDx6ZhSZzFywLIoKQds9nbs0sU_lJ0eEoRew&cid=CAQSTADICaaNq63gwVf_UXSPoSvBcw9FmzMhiifhODvpL16x23wGfxIRoYNlMgQgF0tfPhH4V3lbCYDw0oa7dl59yzj7Ct0jbFjy26gFb8QYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html&ds=l&xdt=1&iif=1&cor=13741231241107968000&adk=2307692975&idt=133&cac=0&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 12:26:28 GMT content-encoding br x-content-type-options nosniff age 273788 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 12:26:28 GMT
GET H2	200	11460497065199060881 s0.2mdn.net/simgad/ Frame B02E	36 KB 37 KB	44ms 7ms	Image image/jpeg	2a00:1450:4001:806::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/11460497065199060881 Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e6381f48465d62d77740da863cbad6f2680cf83f45878269c88fce14dba8dff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 11 Oct 2023 07:51:35 GMT x-content-type-options nosniff age 376681 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37282 x-xss-protection 0 last-modified Tue, 19 Sep 2023 08:38:38 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 10 Oct 2024 07:51:35 GMT
GET DATA	200 OK	truncated / Frame B02E	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fa50b8351c6261af1ea3f45b08c0acfc18a7d793666ba849081d4608c550a606 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/png
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame B02E	0 0	47ms 46ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1BeEo7d9NPDv6L3f-d8XHOzfSxcUgBd7UufvZbnaCJeLK5Uc-QWUCe60bFv9lhaxA3aqL-7bphwMtkGD9mtx8p62xfW3-Q6qf6E9zNlaxxyzg8V468P1_hq7aBJtzXB2y4ABxqAywtFxGFP5zvsVgcjReGlkt6hc-SKn0LJTNQJEmRh6gj9F2D5IdmtqhM37N89b5Ek07ogeEG3N84zbSRQWCjGXcVKtWZ5yy2pt2nw6cQKZHI53zc9cS7jBqkD3gldW45w7LrpdyCDCyWDezjrxiPSjUgpUeQ09zP1oHejZK_QArqGyviEc2egIdQS8PcGbUrK2J3Gu7ca209zwTjCIsl6sZslbr51o86JKZSEqnL-wK8PTYIwQcaSWGXBhgth8XP2AGijYD0bfK3aA88j_1cPPptvqET5F-ys3cEZiZvI6J8vXjqsNcfZftYAHE1McTU6C6gj1Eje8kb7yVKXiueR2vWFholQD84Y7Hh_1Crpt6Xlg6D5XzleioqAGNuQQtROFkNcEtu_B1Co5d9pDlcxWnOTAFiZchVyTXyeycF_L-9xgBi-BL20Y1jqP6aMIMZml1gzDdngO897GJntP0HIqCwerln3HBpE04CVhcka_1wVJIa7IcIaNEY_C4j_h-USH2Xo-sOljcQ4R1xe89s5MJHgMhRP_QLWeMKjEFr9xSxRblqxTR-0g-mTa9F81unmvT2kFI9XK0vH2FYLa4fSm4TjtooSfL1ta0xAstJkPJYv11rVnD3HMrHdfZDkA6y690DIkIpMtr6Xzw7DXc0Ai7Nc79iVk-YE1EnKCvhlGM0Ci_finAG24_S4QngM2guGVvLMnaKSr-Bs3XEj5EGpll9g50dxsAE3vwinHANCacxxdAPGPWmDg4PzEazja_BQ1W6YccBVBt9ht24iKh941NGF2rdjJoS4LvMLZRFAdbFZIzeEDxBfS0OoVVn-IOlQVaeKKDEXktNBRqoTtG_lDNGlJwhGOQxv-9c5MBR8qTEtjDD6PzPdHq0joyqwMLVNCZ-mgWdtVTDc49esAs7gNY1G1w1d48qVX-vi3lk6O6V-Q7GoxqheQcM8ZOj_o43LN7BZ9zy4-lu-FOBEz_CqMNbneBpzB620k9HmouoYtivRilAWO-4R0H2QfniFRE-Y1siH79QMBwuUZtQB-LVEL2QTVgdakUqe5JMs6m5bhR5iKfs9ESpO3ipd7M7iJ8xormzG7-IECnw-qO6swHq8aDRnsIGQ55WKkAyKO3ZOo_JUOfJdoqLxpl6IHe2GqgcVhRLlsstlEBN8echX3jVO6TzrykYvXdQOQ_WlRH0rYRQuLx2vRpWIJFBCcylnW-tEQA4EVNpIzemkqyByjq8XMDZMZ70rRFm3sDsy7tTvT1tQnv3wC4XphLR-A-dj_BbxQx_Xs&sai=AMfl-YQfffKh7AnCaj_UsTO4jMxCuD1SKaShJZdgcKlolqK5Sn4lkhRVfoZ3NDoz_1UT4-5d0J_Tpvb96Gf14KcnCUO8MpFIS60CnfvqKXRf0qwAtemSaIamIRWlDxMWuLVlopfj1bZYXxl7gYINNiyivzJzLusQi8Jc7GSsiEzggys_3FAHaxQS4sXPL4PqIYfhz76HTE93M0JpRlaW_uQoZYnzmXZhnUB5qXg3nuccAMFXZc1KDQtK2mrjg-g-xEABDMM6invHD_NohmlOghvRawrP91T4cE1wX5pBHz4bWwo-B6phuqAK_SzHZwT3OQ&sig=Cg0ArKJSzJQGS5Q63XtwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=62&vt=11&dtpt=60&dett=2&cstd=0&cisv=r20231004.37512&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBWLCAjE3nIHYCswTtrn1xysUHTduPPvKABEK5r_Q3GcgFvJD8s3HVTJ6PXDz52Yuj2VQrXzIVpNZ6bB6AaecbKVFSmg&cry=1&dbm_d=AKAmf-B_qez_qOy1Mf3x7eyEE2o7X-OJPbDAoTqvIMYjXheiJmrp_WUsOv0cUHotzzPDGWL9NEeGBN7SbylVV2Yk9CepjA43TJpKitqfPyCOmQ1662odNxaXnT9JvHjh85EOAKf3g8cqM-aThREFBfgO3ybFgUuRWKU9im_8NR4tHb6JM9KrFTKfnB3FxPtJorcZIS-tQLM_XOgYeRCscVXEDb2fHLjpvkYsHC0Uaap-VpYEAfrm1Zj90VPoTrHNEESDZ2wMfDI1xhTkHUKpq3XL9E4VtJpQ-huFwAoUbdkbJdfIQZw94mHYo8boT53h9NOUQVNDk-o1caXrekdhokBfUfSZnwPtkju-0hdYll6bN-gbhFqjKWLHKBx8dDgeKb_9GONgr6fgzexDgd5eoSyYdOT7_l7v87r8xzugJwakG55QJOqtERbgkvOjHl4jyB8pBVDsJRTAl60V4PCkIeGlH1GrVboA0TB0CpHEaNFs8hQYiZNlc25dCN9SW9Lk7td9tJT1zOZZVcochir-l9ZrXZzOezdq9x813scARz7sU8053NpbZlAGkGvjqDpPqzxg3TvF3sV-6h5kem3gJL0pSbovFZS5kK2UP0UoVLq8NODhSAfeXiu8YUHbT2Ior62OeM28Z-3ojrjAftaQwv8opwEooJwtYrwi_3IkcCdAKn6GG3pDlyY8S-wt06sp3IKzK4vDtER-LMEp3tLH0QQnhceju-McV_f9HYUe9j-KsueV35DQWnkAyVVMQQ9qY4lyMaeyXGz-WdF6PWVoGKr91sPneOtJf0hpYn3MelfYEV2EANU52lxAMfRZSLGE2hhskPOSxgTXA62-H72JRW6-HVaEa-Z8dorj8M9N--8ZCvsXAKkfZ3MWvIv5Ny1MGOAwcWQQG8BOVxPbI4XgDQm2-GHtc1kFOzmiJoujHEkoMN6QJNU4ySgvZa0IvPRDH_kS8or423BjAQyS_khU7XqBfGgX2gYuB3F7klUFSAZf_JGFSOXniYN8hVwbVNbmlZmVfQLuMtVojy-ke7fzdM2U8ufRKuE7TCjKibVATzw-XwFtLPGphNalfuK73jEvJpFcbEKVWEtvN1WyteKn2JQtAJhQHwcSRDni-_QFjgve3De9j9mQGVI6l4R5ag_JxWnoL7MstyLocfvF6u-hWp9OmyCwo0X4domgSbtvWGUWaL_1j_Z05s4uSTHO0EG-9nEtqNOd_gJjZqV0V5Xjt_-Xxs9w9AIMC0xrAMd_b0LBO6UHAqHCFZRW6XlgN81LI1Yrw1lIj0GeXlDW3EGsfcDDFQA9R24wpd0vgAwuo2xDeP21R3adBaOw3_WSd6qCzkGomRHMVdH4smHD-vTiPeppDtNMMPvjo0A6ljeFdaQUCoEfBNjyvxoQTsHI9ojKK1SSjQG8nR1Xm4WMn4P1bz4AuS6zQEbixKLtfuUU7bhuK5kVpLKLmktv0KrUIJ2cUefNxKQr9n2FMkTNRweQOVS-BTUfDjJ0ZG9rIebWSL2VV_Tq4IIy9LiHZ7h9QGaCzcsqfCX2Pt7kCltYYGBpsuBGqKsSK5JuysT_KPfLslCs7z7WaJSdHAzJm6tXXS_gT8bzAkmNOcvuJFC6cjuT7mZjfG9is0mkzu7eGwPK5ql-XlaTmk7XYYloa0nL-qsovs0HlY_i37-0aPo_da3WcRZTNECOkg3zzs_vSzn1dvbUXxIWtnR14AEkbZoWTbC4s-zpG04VnF-HfLO-L03fRiz0gshL8XSdSAFaqdAng3qlRMB0G4GgwpF9tHAdarIP1uRxpqN1Bk4bh7xSmXY1KrUjC6b3YMtFQeKU30GYgrIJyVizC2dRKBB8n5XB8z3smcSyXcnv6fFUQCEWHWEx-yCMQGZCxgX0DTb7IBZ8S9rdUwVrDrgC8sK0rpMG93qgoGZ99BLbfWrKpD4oZw-TJkunKnB32zsvTBzJVM3Pc2iN5FrPVAw7Pe7woMJ24_FG9KgI9l4CB22TRHfuqUQDOHMPqMrlYfKGMlmxGS1KQW_qCbSCw3qXAj9E5jW_-bZshDnjsmBBlczg-f06l31O9CbeBBDxAro_o7rfJLENa25rS04n7E5yko6ycadQPCdZvlpf4KCGEAO2IzYQPjYMVa9Mqrj7XQBw0CEhh_u6PRRnoWxVSS45DUZNYITip10GC-8jhqoWLshFFtfBK8ab3KlxYXMrpGYg5g5y2kIAtnlayit1PIp37VjK-8Z3rtlhL0xMlAO7tsHRi20vL_dM3lM7tBayVoUo7BSogn9H4vwtPshFF4jjShvRqkTxRdMKAxCg_g4e-OonzWMkPP_JJYNw0-_PpZjDQS-KBX2PN7AaqAz4JPa2VQ0SdfutQ-aNb71Nz5UU2m1RyRIqWwXJnw4H2IOiqkeAt43e4vxcw7aECxQ_uf_frxszmIXbNDqYahKyrACiWFV3ZwIHQ2A2uum1n1O1LLoePzhAshQVEhIeUg0eW0rDISLaky7LGvJQ2FaYrr4RBRa1KhEFaftb8oemfi5BtNRVFgymlCWrHnfPMGlFgIhbUm5gOj1aI9y-a1sUADGBkSHQgvu_p5FGZ1V6EOBS2wPShxsy0XcGeB6aQ0qgeCKV2S8qdtImiDh6lX4OWRdfsMhJg8l9ZHk2PM7n7EiKzmwEx4LwYU-bFvqHGeQC9AC6Kby1NLXRsjDijt8X94RAdKBaZb8vmzcb6ex80jlF1CUiI5Ctt-pNxUyBdttA_OUzUyqc3KP3kWee90chMO6pKzwliYbdNLADaklvyhnM1zWV_l2l7dmeRGcf3_e2ZITTXLW1SS7UZ0-vOAXbAhyB4tj8cJLTIf4eMSctwMXB8e-SYe-WWubobfin3urxcthKbTWR0zSjyM_NYhdCFREwsb5mCiCynJi5-8UKCDwv-4-17FT7adIeTkI87YXvRrXb90jpey4i0JnkNIDP486oS9JhnaiDkVNZ_FggYTKvrb4CBuPPQleof_MfEdoXpdqH7i6HAn4tsOiu5a0ZRpYGfl_S14aAcTorKnH8-sU70bhbORGS3ZpYipEKP-xdesMkEO9X3BHQqjJpQ2LlwSdKlCpxvoCK9yQK8JojINnfIAtMe_16qCilkSZx8MdUN1iMCa7pOHjr37db5NEUIrB0eB9eNja4cqDY7b-4kpxqh8xh3xWYAXQNf8Ux0tI6FlqIauqL6Sun-nmW_TfiBa1i0dkUKTYHlBdtGny_tUUc5ZVH0ittm44UP7m8GKGJ0Eh4DVlI-hG3WEIXAT5p9c2wR2RiRCQQvuHTcL61vjykv6FQnAqEhk0168YTc2nrimra0jcZJrbgPJg2ikgg4Tl584oJjyqEko3ilXIYicIz-257YndHyCRsWKihhbQxICPA_LaP5j_-8MIP_rH1NNByFE0wevmjf20upP0wXu8VJQXc5dTIgIh9dh_E-6QC3luPDXZQtmgVGF-Ob6pwW8f7hSo5bI9XdFPphT5JRJbLAZvPhQU5eoeaGacWAG9Az9IvWRheuPaT3PG4q3J9Pdlats5Tj8PZEA66zs5hFDlL3ddw7cEg2dUlhO7lPoRONXlOkqDa4_SDOKGUOCZq9GDWyGlY2kzRgTCZHv3AQ7-CkhNStCR2mbhaGMzjUkNUeKp64_WaId2A_PGetgYBCoZp8vYHIYwM9lX0eus96M01D53k35JPtRVoAwGu3Pc9LZLV06_IeOOv5Ds3ExQnTZId9ZrWLnxe9X4Bc141-F27gTqTKO1_1PhldIpXVdDHkDTPnCN0lljhl-1Tq34n7ymp-_n6fPyS_ImYjHRROfXVdgLacJ_JybwgN3-IyxqPqsjBK3Pm8mEIK5aB10PcMqZ1dE2kie2g_dLIlVmYOQxsf4zmmVv28B7TOIHTLRZtnITDcFfpqZVhrfSgCOoPz2U756tOTicyH7MhkQb4CYr68Zd_HnNIm0jEVDx6ZhSZzFywLIoKQds9nbs0sU_lJ0eEoRew&cid=CAQSTADICaaNq63gwVf_UXSPoSvBcw9FmzMhiifhODvpL16x23wGfxIRoYNlMgQgF0tfPhH4V3lbCYDw0oa7dl59yzj7Ct0jbFjy26gFb8QYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html&ds=l&xdt=1&iif=1&cor=13741231241107968000&adk=2307692975&idt=133&cac=0&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 52C4	22 KB 8 KB	7ms 7ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 204648 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 13 Oct 2023 07:38:48 GMT expires Sat, 12 Oct 2024 07:38:48 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B02E	0 20 B	150ms 150ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=Biq2EcBMsZbidIbbB9u8Pifa6kAYAAAAAOAHgBAI Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js Show response pagead2.googlesyndication.com/bg/ Frame 52C4	37 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 11 Oct 2023 22:08:51 GMT content-encoding br x-content-type-options nosniff age 325245 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14689 x-xss-protection 0 last-modified Tue, 10 Oct 2023 07:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 10 Oct 2024 22:08:51 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012309290141000/ Frame F724	196 KB 56 KB	49ms 8ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:48 GMT age 429348 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56111 x-xss-protection 0 server sffe etag "196a98f213e9af2a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:48 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame F724	15 KB 5 KB	66ms 26ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:48 GMT age 429348 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:48 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame F724	94 KB 28 KB	61ms 21ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:48 GMT age 429348 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:48 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame F724	5 KB 2 KB	64ms 25ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:48 GMT age 429348 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:48 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012309290141000/v0/ Frame F724	40 KB 13 KB	59ms 20ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 17:13:48 GMT age 429348 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 17:13:48 GMT
GET H2	200	css fonts.googleapis.com/ Frame F724	4 KB 1 KB	43ms 21ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 15 Oct 2023 16:29:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 15 Oct 2023 16:18:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 15 Oct 2023 16:29:36 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame F724	2 KB 2 KB	10ms 9ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 00:18:28 GMT x-content-type-options nosniff server cafe age 58268 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Mon, 16 Oct 2023 00:18:28 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame F724	295 B 319 B	9ms 8ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 15:21:19 GMT x-content-type-options nosniff server cafe age 4097 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Mon, 16 Oct 2023 15:21:19 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/8713707925352896608/ Frame F724	15 KB 15 KB	13ms 13ms	Image image/jpeg	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8713707925352896608/14763004658117789537?w=400&h=209&tw=1&q=75 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 943e7e5161b09ca2a631446c62d23eaac0b3e851987d130b87e3ed09f6256ce3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 10 Oct 2023 07:28:45 GMT x-content-type-options nosniff age 464451 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14876 x-xss-protection 0 last-modified Thu, 30 Jun 2022 19:07:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 09 Oct 2024 07:28:45 GMT
GET DATA	200 OK	truncated / Frame F724	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame F724	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cb75e6efa638c440ee8507e453f73d348b7f9490338b01cc04d520a676a36bc9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/png
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 52C4	0 20 B	155ms 155ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Biq2EcBMsZbidIbbB9u8Pifa6kAYAAAAAOAHgBAI&bg=!XV6lXhHNAAZy-tsgUvo7ADQBe5WfOJoGrOWLJJ8p_A6uKPURUdGGB3JKwrKPcw-jv02ZOqPKcN6gWMGNK8hIFgJUaBqaAgAAAGJSAAAACGgBB5kDn1PCHpcT-GrG4BwOYSlA230l5x4qlUIRylb4T4mS8cUrLEZoq993u9nZnX8YDQsYqznsE29UiwaC-CQIjb-1fEVA7hPJOoMlShM1IYCS2iZCVpkD2RjKabCKlNwjebxc343JnblD-cCMDQ4RoCfmlvF4dngqL-wL_yEzd999HTzE99Jnz_cAU52_0o-ZAnJtoJBsbMZFEieiZh14N2qUdfJruRH8GEkEe1v5oUB6bWrj3P-C3rj_zcZ-7tNQ1Ox5z75Rzq1LGKcOTZ6vyi4HN1JsMhEHYi4SkpMA38NYQgrN-_Kz6gN7WBDxxOnIejSe7UghMAtmIJqhwY3LyF5onhdr2mXHAyos2p8DWD_cTzS-ih2YoMaLpWY10GYd_Ot3gTi1vsSPMkFcVn-_lhhWwZ7n9kCHJj2pfAB0UyM_6uImInAK87YNB1zQC4XqbsSU9cRSAkW9Dw4tFIoMWBScZ6fZ8GXYwbq0aeFsSSMnJkXcmxMhYjyjsOE2BRQntD3WFLOy0a23QAGO2defmDnQlSkLH6xHzy8RJSvS09cnz7aDFOB1N1__H12CI9uLIwn0lijGb7SopUsjyLgE7kY8CVZYP8-X7bv4WDIwsM_Ln7bfNeXhDFuOfRe8kLu1iF1CLPOJcBjARI22zCzFay2Gfn5xGr_z2P6msOvtP5dh6G8ijKWkO2VZzxDK8nk_pXvSt94QnCXei87D5T0_8zchXw6iWegeqxIEGm_ey071iLgFgxE7JVfo6F0YtfTfo3AJ-CaMmhNfh4L6ETKf-By2v1VJ7v4R3ffzyyMgMeQuvGn88n7BOZzR6-kwgnOyNrYKJfvjkBEUVwNvvWwYlDlQwoRyjXDW1Xj3lBYWY9cd5EaBuGJCUJWC7Ks13we67AEhKYBBil86uOsXo_6f0Yktn5hUxCyWaNzA9N62PHGlDh70FPodIjpJCBTN8wzVo9DgHKRCy2RVrbOodALs_pB-TyPmDzqsPfAnoVwEsagGTIKqH1d_QcMoaLmpb2jhKTPdqwk8FVI9Zam5xDx9JHMZtCQ3852T5BWHyc9ay4-8kY6cAyr0swSi2eaDI68P-xFrV_BMJixeReTMtYVIiuXfq2-olbxDZ7dDaAg9lJAIulpR3fXD-9WCJ5eHslwZz8Y8rg2ZyzFo8QFMEZVbxv36dpocro8sZfC6UjH38IqV0MfiLRIBHv-tg7Q2XcKNg4hO4COY5b9JDleNEAdi5BvuSA Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame F724	16 KB 16 KB	29ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://en-in.obnews.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:20:08 GMT x-content-type-options nosniff age 252568 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 18:20:08 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame F724	15 KB 15 KB	29ms 9ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://en-in.obnews.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 04:06:52 GMT x-content-type-options nosniff age 217364 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Oct 2024 04:06:52 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	74ms 60ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310090101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e355553893bc4476c4edb66cb37b286097f7fbb9bbb10305e2e0d691f8608b1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12069 x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame F724	0 0	55ms 55ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C4vgWcBMsZfzUEtTugQe1vbXAD_ng-4tz1O69-c8RvMPU9YwcEAEgzufKlwFgleKQgqAHoAG62-OYA8gBCeACAKgDAcgDCqoEoQNP0OdQBdEmJ6C4RcFOLQjUpR-W0YfgGkkw0rupUDQm5ygK04UruYW1JxHr4sgAjgIDLw3W7aAH4YAP_0WDPzbe571M9NJ2bMHdiDzwjtiDnqDtxt873AVxl1KzLqJuVsbexEhGULEgix-yqbAm32Tok7pCln3jiMeKUERUVaE9VvRnfVwCACSv6l6z16isbTyKrrL4bhwobjfWCQ1Muoqyh3jLG05pf0HPtLKjFkjUk-SCc-iKWV34qoysFJzkCcMSxaEeel32j3HK1vBQAWms79xuEBwAe-Kka5OLhxXeyb2Sg0qX3rSrBIlt7gUWFW9ldpImulglvUj7SGUV2xq-yH9ybQIjaHiAexzdiU9On1YzLFSvT4euSYqk5VcKDpzSdlw2G0EBejqXIC1s40CP7BPqpEQyWH93yjMNtNWHE3ouGg_Ju5bXbh9GluOV6QvWISQHSU1L06zCNE9s1OSLYfQnTzQ3yfQbry3ixEu-o9sXr49LZB01j0vjMwFTRvTRhkljuFOIZ5YZQytVyYQBm_N96DfrUnVB5VfU-ptlCmHABLL947DtA-AEAYgF75Wz4kCSBQQIBBgBkgUECAUYBKAGLoAHrqScZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEOSvhwHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgmhAWh0dHBzOi8vd3d3LmluZnJhZ2lzdGljcy5jb20vcHJvZHVjdHMvaWduaXRlLXVpLWJsYXpvcj91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249aWduaXRlLXVpLWJsYXpvciZ1dG1fdGVybT1nZXJtYW55LWRpc3BsYXktY2hhcnRzLWxtLW5ldy0yMy4xgAoDyAsB4g0TCN_V3dy8-IEDFVR34AodtV4N-NgTDYgUAdAVAZgWAYAXAbIXHwodCAASFHB1Yi0xOTEyMTYxNTM3MTQ2ODQyGIDxjAE&sigh=-upZh5MEb3E&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNc1lt7FfvgmaM2wXxE01jUBLDD2dx27nQGb4tEvYtfhW4A0wMfbgb6MsPgBSczeeSTaZN80y0mKMbwPYqd8uf0bpVtl9vlxgB&template_id=5000&cbvp=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H2	200	happy.png www.vilykke.com/image/	14 KB 13 KB	22ms 20ms	Image image/png	3.162.38.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vilykke.com/image/happy.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.38.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-38-56.cdg52.r.cloudfront.net Software / Resource Hash 91f31774a1b3ccee9225560658adf3ae5db0d97e9a63b633287a97a9dfd8c132 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 01:41:16 GMT content-encoding br via 1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront) last-modified Mon, 24 Apr 2023 03:19:26 GMT x-amz-cf-pop CDG52-P6 age 53300 etag W/"6445f53e-3748" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png x-amz-cf-id isJBT2qQnwMZqr3js0osiB0HhyDM8XS6ap9FETo88sXyA8h1MfEblA==
GET H2	200	love.png www.vilykke.com/image/	15 KB 14 KB	22ms 21ms	Image image/png	3.162.38.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vilykke.com/image/love.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.38.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-38-56.cdg52.r.cloudfront.net Software / Resource Hash 9c551ed4690c12096fd95daaed51e554fa15ad7465976d672b5b425ca3d1c84c Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 01:31:00 GMT content-encoding br via 1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront) last-modified Mon, 24 Apr 2023 03:19:26 GMT x-amz-cf-pop CDG52-P6 age 53916 etag W/"6445f53e-3a33" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png x-amz-cf-id C9lTyjyKe5iXu9GNALtNIG8N1Fq1-3XZ8pZ26ygUM1E9e0P4bPvP0g==
GET H2	200	excited.png www.vilykke.com/image/	12 KB 11 KB	22ms 21ms	Image image/png	3.162.38.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vilykke.com/image/excited.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.38.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-38-56.cdg52.r.cloudfront.net Software / Resource Hash 4acbd980645d421a1903f77f5f8f74265f5cacb6924a69b30a21260460de5165 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 18:13:09 GMT content-encoding br via 1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront) last-modified Mon, 24 Apr 2023 03:19:26 GMT x-amz-cf-pop CDG52-P6 age 80187 etag W/"6445f53e-3130" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png x-amz-cf-id 5mKK3Wawf2L3bJ4oJKNoQRQdrBj8kevjYo0OVvz6s-XBCuyboDFaTw==
GET H2	200	sad.png www.vilykke.com/image/	13 KB 12 KB	23ms 22ms	Image image/png	3.162.38.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vilykke.com/image/sad.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.38.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-38-56.cdg52.r.cloudfront.net Software / Resource Hash 28bf68625bf3104c2afb3542d7e0006718a365c9e4c8d1dc581b2c2ceabf96f6 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 02:43:02 GMT content-encoding br via 1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront) last-modified Mon, 24 Apr 2023 03:19:26 GMT x-amz-cf-pop CDG52-P6 age 49594 etag W/"6445f53e-33b5" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png x-amz-cf-id NggsEWxfVB7MeGswk8WoRmN7UlDW-zxcqpoWQvQsmaeKQpZTvn75IQ==
GET H2	200	angry.png www.vilykke.com/image/	27 KB 26 KB	23ms 22ms	Image image/png	3.162.38.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.vilykke.com/image/angry.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.38.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-38-56.cdg52.r.cloudfront.net Software / Resource Hash 7e27ccecb0a8fc5626d174aa82ef96b44c198fc1eed78624e4dd957f268ef9b2 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 23:59:15 GMT content-encoding br via 1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront) last-modified Mon, 24 Apr 2023 03:19:26 GMT x-amz-cf-pop CDG52-P6 age 59421 etag W/"6445f53e-6a65" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png x-amz-cf-id 0UexZge4AKJZiW99gXHmDAYLotc5Tv-jAQTqhPKKZas2gtL_Pdh1zg==
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 15 Oct 2023 16:29:36 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1722	13 KB 5 KB	9ms 7ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 180055 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 13 Oct 2023 14:28:42 GMT expires Sat, 12 Oct 2024 14:28:42 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 4AD7	829 B 1 KB	41ms 19ms	Document text/html	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f1a34eae63ca2354bbd837fb4c35467d5a29d079993b6b599ada1d7c1d6bf41f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-xxH6C-rNKMIVPGS85ESYKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-xxH6C-rNKMIVPGS85ESYKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 15 Oct 2023 16:29:37 GMT expires Sun, 15 Oct 2023 16:29:37 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response pagead2.googlesyndication.com/bg/ Frame 1722	37 KB 14 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 09:56:25 GMT content-encoding br x-content-type-options nosniff age 23592 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14648 x-xss-protection 0 last-modified Tue, 10 Oct 2023 07:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 14 Oct 2024 09:56:25 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 4AD7	0 0	149ms 149ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310090101&jk=407560818686247&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 1722	0 10 B	7ms 6ms	Image text/plain	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?3ieVIQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:37 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 35 B	48ms 22ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__ac16ac65b47b3edb424e9ea891e05a77__%7E%7EV1%7E%7E6757874804182932226%7E%7EC6YQLo-SAO0xWwerl8xgHCBs1itb0M5MtUmj_9n6fbF9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kCf1P1jxHcE5td_gGW9B2uI2DxN2FGqsdjFC5qYIV-gW-QaD1bUmqLzowwcipFlznNgGYGeZRor9n0xXFfHpaAgVlpLxLn6i4ld-ccy5ZQWXCXBF321FcqPt1aNuFHl1x8vKTr89wAEY9KtIYSuPdBoaE3iK7ebMf8nQ4vZ9kk8x5tChKVNR2PDFtDPJ36GLiw__video&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.159453,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	47ms 22ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__db7670d5c8be47f24d7826696aeb5128__%7E%7EV1%7E%7E-7299809913630838780%7E%7EZnB3xFazt6AFeyNH36Fy6bbROYlmxkDI2s05H-okynT2zqYhKOzdyMEJqzUxRqi7WHYJZ-yB88nTY4X5EZY_bV15RQx7eTGlnYPkp-iflIoEza1duTR9P17oTt76kV2dFTv0UXMz9ANTUJE65sgpHApAmlJ1aMH-M6rCeRL3m_1F1uDCUl2erKuhM8RA00SfKsaB9etpl-SrPFUjxgmI3Q__photo&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.159453,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	43ms 18ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__d6f2a1a9ed24e2ee6e71a1b4f0f82b20__%7E%7EV1%7E%7E7235867776840940138%7E%7EQePgwXE0Dxz49Cb2ZpcroKN4php0IMivZ6V3SdtUVKoxdpUslpR-9VNPjtsxcBKC3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbTXEhLCSsic0V42Vs8mWU8EeLzOT7cVyjva5LGKW6_vCb9Loazxd23eIYkw-yudg3iPF8C2yPvlmbo_NIFLjI3JL_oNwT2ar9yKzDrB3_L1ng__photo&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.156550,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	43ms 18ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__c3af2b30c042fdfd17edb68ceb56ad86__%7E%7EV1%7E%7E-7293602522469332983%7E%7E_T7Gpz0sf6EEHEVr5eKqQOHIsU1mVNDD85Efy8vrlNju8nHiTM9Gu3lqDLJAaB5j3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJviS3cZnWhkwlbQErxl6rWz8S7OwZn3XzUJqleH0QsG2bkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.155105,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 364 B	42ms 17ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__ef9c91cfc2744645047d9177786268ce__%7E%7EV1%7E%7E3477036428917307405%7E%7EXsG9MUXq5zw4lM7IL5VxM7xJstcdU2GSVwq0NmbFDQOzwwjdRZ6pgz2AmojlO9YG3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2hYyXtowV45_KDOHvbjMiJmbkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.155061,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	45ms 20ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__90f76d48d006b683f6898779a28940ab__%7E%7EV1%7E%7E-9080369501927552031%7E%7EXsG9MUXq5zw4lM7IL5VxM7xJstcdU2GSVwq0NmbFDQNiBJgVDidzYuWDkRqWXzTV3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2hYyXtowV45_KDOHvbjMiJmbkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.156696,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 61 B	45ms 20ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__5865fe2443aa856575260a1c3f6040b9__%7E%7EV1%7E%7E4803012648016143092%7E%7EnJ8SST-E-v-k74-ZeydM_9Jwuckp5wLsS219oA13bWmN4_SWjsk7xeT86SCRYBjn3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2h5zLX1F8mb9-_hYtId-dp-bkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 10 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.156593,VS0,VE10 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 62 B	45ms 21ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__38413a27e1d94021c35f35e76abfc3dc__%7E%7EV1%7E%7E-8651934385578122733%7E%7EqVFxWnd4xxfyP9Hlw4CE6v5O3cQqCU-Tjyvp0K3_x-ke79Ni-eBnd8iQ4KmvvX-QJ_U_WPEdwTm13-AZb0Ha4t2DBN2NP3wksoAMLKr6rYf5BoPVtSaovOjDByKkWXOc2AZgZ5lGiv2fTFcV8eloCCwmj6DS2UctjmnuwnjhgcNADT9Fb74LL-gI9vXYLGmKkonBERKXF2SF-x96M9HHIOFrYjZFocNDjj0K4dBSRlSOs4a_7qIOhgu9DqiwHekR__video&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 11 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.156558,VS0,VE11 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 56 B	47ms 23ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__4522a575b896e11e6747ea5dbbcd69bc__%7E%7EV1%7E%7E8426544343056520874%7E%7Ei1h5LJeNqZQoIrc6Sp-TLkSGV7w9J2A8gyt8d-mZ4YzjPgoQsrxApxLG8uereCTj3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2qzBAd7G2kEgI5wrfqcmeJSbkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.161074,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 56 B	48ms 23ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__ffa515f0f244cfa984d9cd8978fa3102__%7E%7EV1%7E%7E-3955586280367318865%7E%7EX0vfvuSK4OuUHd3xUmyuJizxfyX5IRZCwyGPz3W4LQB-s5GigrI_imTqXAzqLe9x3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2qG4bS6BJO6DuvLirq05Sh3XBMkc6MY4-ifB7QDvariyfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.161086,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	49ms 25ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__4560b016858a66b258038dbd7081c1f0__%7E%7EV1%7E%7E-5064941286255361008%7E%7EQawVd1mfupbLP_wRuQ-8pMtFuihUp-s3iw2nKn5vDbSI-sZO_ALv0fhacvqQ5Gpi3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2jJKdUfs80Hx1um8cXM3MOSbkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 10 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.161299,VS0,VE10 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-available Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	51ms 27ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-available?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__5ba6d755013267eeee43367e2236719c__%7E%7EV1%7E%7E-2140540202654277271%7E%7EF0putZKV4-Nb2CW8vFss5dtOTitiOQ9SI1P4mnh_N-Ue79Ni-eBnd8iQ4KmvvX-QJ_U_WPEdwTm13-AZb0Ha4tbSdkwGmtJBMizA_guMkMD5BoPVtSaovOjDByKkWXOc2AZgZ5lGiv2fTFcV8eloCDZwH890xartlBtBw93B4JG_UiHbsZR-dsVrTENv8U9MQJJ5NQrWlthSkbrOIxkdI-FrYjZFocNDjj0K4dBSRlSOs4a_7qIOhgu9DqiwHekR__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843 Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 10 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.163194,VS0,VE10 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	51ms 27ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__ac16ac65b47b3edb424e9ea891e05a77__%7E%7EV1%7E%7E6757874804182932226%7E%7EC6YQLo-SAO0xWwerl8xgHCBs1itb0M5MtUmj_9n6fbF9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kCf1P1jxHcE5td_gGW9B2uI2DxN2FGqsdjFC5qYIV-gW-QaD1bUmqLzowwcipFlznNgGYGeZRor9n0xXFfHpaAgVlpLxLn6i4ld-ccy5ZQWXCXBF321FcqPt1aNuFHl1x8vKTr89wAEY9KtIYSuPdBoaE3iK7ebMf8nQ4vZ9kk8x5tChKVNR2PDFtDPJ36GLiw__video&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CLcG&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.163197,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	50ms 26ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__db7670d5c8be47f24d7826696aeb5128__%7E%7EV1%7E%7E-7299809913630838780%7E%7EZnB3xFazt6AFeyNH36Fy6bbROYlmxkDI2s05H-okynT2zqYhKOzdyMEJqzUxRqi7WHYJZ-yB88nTY4X5EZY_bV15RQx7eTGlnYPkp-iflIoEza1duTR9P17oTt76kV2dFTv0UXMz9ANTUJE65sgpHApAmlJ1aMH-M6rCeRL3m_1F1uDCUl2erKuhM8RA00SfKsaB9etpl-SrPFUjxgmI3Q__photo&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CPQG&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.162409,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 56 B	50ms 26ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__d6f2a1a9ed24e2ee6e71a1b4f0f82b20__%7E%7EV1%7E%7E7235867776840940138%7E%7EQePgwXE0Dxz49Cb2ZpcroKN4php0IMivZ6V3SdtUVKoxdpUslpR-9VNPjtsxcBKC3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbTXEhLCSsic0V42Vs8mWU8EeLzOT7cVyjva5LGKW6_vCb9Loazxd23eIYkw-yudg3iPF8C2yPvlmbo_NIFLjI3JL_oNwT2ar9yKzDrB3_L1ng__photo&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=COAF&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.162406,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	49ms 25ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__c3af2b30c042fdfd17edb68ceb56ad86__%7E%7EV1%7E%7E-7293602522469332983%7E%7E_T7Gpz0sf6EEHEVr5eKqQOHIsU1mVNDD85Efy8vrlNju8nHiTM9Gu3lqDLJAaB5j3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJviS3cZnWhkwlbQErxl6rWz8S7OwZn3XzUJqleH0QsG2bkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CKwD&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.162366,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 58 B	45ms 21ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__ef9c91cfc2744645047d9177786268ce__%7E%7EV1%7E%7E3477036428917307405%7E%7EXsG9MUXq5zw4lM7IL5VxM7xJstcdU2GSVwq0NmbFDQOzwwjdRZ6pgz2AmojlO9YG3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2hYyXtowV45_KDOHvbjMiJmbkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CNYC&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.159524,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	43ms 19ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__90f76d48d006b683f6898779a28940ab__%7E%7EV1%7E%7E-9080369501927552031%7E%7EXsG9MUXq5zw4lM7IL5VxM7xJstcdU2GSVwq0NmbFDQNiBJgVDidzYuWDkRqWXzTV3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2hYyXtowV45_KDOHvbjMiJmbkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CN8C&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.156434,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	42ms 19ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__5865fe2443aa856575260a1c3f6040b9__%7E%7EV1%7E%7E4803012648016143092%7E%7EnJ8SST-E-v-k74-ZeydM_9Jwuckp5wLsS219oA13bWmN4_SWjsk7xeT86SCRYBjn3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2h5zLX1F8mb9-_hYtId-dp-bkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CO8D&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.156437,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	50ms 27ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__38413a27e1d94021c35f35e76abfc3dc__%7E%7EV1%7E%7E-8651934385578122733%7E%7EqVFxWnd4xxfyP9Hlw4CE6v5O3cQqCU-Tjyvp0K3_x-ke79Ni-eBnd8iQ4KmvvX-QJ_U_WPEdwTm13-AZb0Ha4t2DBN2NP3wksoAMLKr6rYf5BoPVtSaovOjDByKkWXOc2AZgZ5lGiv2fTFcV8eloCCwmj6DS2UctjmnuwnjhgcNADT9Fb74LL-gI9vXYLGmKkonBERKXF2SF-x96M9HHIOFrYjZFocNDjj0K4dBSRlSOs4a_7qIOhgu9DqiwHekR__video&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CL4H&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 10 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.162368,VS0,VE10 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 57 B	48ms 25ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__4522a575b896e11e6747ea5dbbcd69bc__%7E%7EV1%7E%7E8426544343056520874%7E%7Ei1h5LJeNqZQoIrc6Sp-TLkSGV7w9J2A8gyt8d-mZ4YzjPgoQsrxApxLG8uereCTj3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2qzBAd7G2kEgI5wrfqcmeJSbkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CO0F&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.161538,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 61 B	58ms 35ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__ffa515f0f244cfa984d9cd8978fa3102__%7E%7EV1%7E%7E-3955586280367318865%7E%7EX0vfvuSK4OuUHd3xUmyuJizxfyX5IRZCwyGPz3W4LQB-s5GigrI_imTqXAzqLe9x3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2qG4bS6BJO6DuvLirq05Sh3XBMkc6MY4-ifB7QDvariyfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CP0C&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 22 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.161583,VS0,VE22 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 350 B	48ms 26ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__4560b016858a66b258038dbd7081c1f0__%7E%7EV1%7E%7E-5064941286255361008%7E%7EQawVd1mfupbLP_wRuQ-8pMtFuihUp-s3iw2nKn5vDbSI-sZO_ALv0fhacvqQ5Gpi3rFDpnFPEqWgWrqj6Casc7Pjv4joGi2SYIp_LPMThbQcmn-kjApB6TomIlDdEdGJGuxTxams5f0pSfCkMMEI2jJKdUfs80Hx1um8cXM3MOSbkt4RUF7qo5n_0RGv9kLOfe3jmgHZXC04GgECm-uojQ__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CL8F&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.162348,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	recommendations.notify-visible Show response api.taboola.com/2.0/json/boyuan-h5-in-english/	0 56 B	46ms 23ms	XHR image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.taboola.com/2.0/json/boyuan-h5-in-english/recommendations.notify-visible?app.type=mobile&app.apikey=c09474a35c99a28e5e3bac264db33ba6f87d34fe&response.id=__5bc296950cf20d3af2001cc332ce7a78__5ba6d755013267eeee43367e2236719c__%7E%7EV1%7E%7E-2140540202654277271%7E%7EF0putZKV4-Nb2CW8vFss5dtOTitiOQ9SI1P4mnh_N-Ue79Ni-eBnd8iQ4KmvvX-QJ_U_WPEdwTm13-AZb0Ha4tbSdkwGmtJBMizA_guMkMD5BoPVtSaovOjDByKkWXOc2AZgZ5lGiv2fTFcV8eloCDZwH890xartlBtBw93B4JG_UiHbsZR-dsVrTENv8U9MQJJ5NQrWlthSkbrOIxkdI-FrYjZFocNDjj0K4dBSRlSOs4a_7qIOhgu9DqiwHekR__text&response.session=v2_4f0230088216253f66ccf2008f5b6ee1_df136ca9-4ea1-40db-99d2-639b35fa1843_1697387376_1697387376_CIi3jgYQlvhaGJCx576rjsLjUiABKAUwODib4wlAgooQSMmG2ANQ____________AVgAYABooKCVq-PzhYw8cAA&view.external-id=df136ca9-4ea1-40db-99d2-639b35fa1843&ppb=CMwG&cpb=GAEgnP__________ASoZc2cudGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMzAzMjE4gMLZugpAm-MJSIKKEFDJhtgDWP___________wFjCLFEEMlaGDBkYwj-__________8BEP7__________wEYAmRjCNJPENppGDJkYwjXFhDUHxgjZGMIzf__________ARDN__________8BGDNkYwj5__________8BEPn__________wEYB2RjCJYUEJ4cGBhkYwjSAxDgBhgIZGMI9f__________ARD1__________8BGAtkYwikJxCDNRgvZGMI9BQQnh0YH2RqJGRmMTM2Y2E5LTRlYTEtNDBkYi05OWQyLTYzOWIzNWZhMTg0M3gBgAECiAHN2fWCApABHJgBkeKvobMx Requested by Host: cdn.boyuanhulian.com URL: https://cdn.boyuanhulian.com/js/boyuanNews24Co.js?7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230084-FRA pragma no-cache server nginx x-timer S1697387377.161060,VS0,VE9 content-type image/gif access-control-allow-origin https://en-in.obnews.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	200	http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb0b46727ef754cfed808218209e078c0.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	16 KB 17 KB	1530ms 1526ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb0b46727ef754cfed808218209e078c0.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 4d4f9420c700bbf15dcaf3c9873f52901e36c8f67fb05d7992835cbdc06076ca Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 1519 date Sun, 15 Oct 2023 16:29:38 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb0b46727ef754cfed808218209e078c0.jpg age 0 edge-cache-tag 473924111349224469671671222629396054307,431203461667097622652323933117443888586,29ecf9b93bbf306179626feeda1fab70 cache-tag 473924111349224469671671222629396054307,431203461667097622652323933117443888586,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, MISS, MISS, MISS x-envoy-upstream-service-time 1347 req-referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO content-length 16362 x-request-id 474d4eea66a70db97b94a1d3d74be3f7 x-backend-name LA_nlb204 x-served-by cache-iad-kiad7000140-IAD, cache-iad-kiad7000165-IAD, cache-sna10739-LGB, cache-iad-kiad7000099-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 24 Sep 2023 21:45:40 GMT server nginx surrogate-reporting width=600,height=300,bytes=28233,owidth=3840,oheight=2160,obytes=1669635 x-timer S1697387377.136615,VS0,VE1519 etag "dddeefdef07b86ebb7f40b2021511f5d" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0, 0, 0
GET H2	200	https%3A%2F%2Fc.ndtvimg.com%2F2023-10%2Fjp0i46m_-israeli-american-family_625x300_15_October_23.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	21 KB 22 KB	12ms 9ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fc.ndtvimg.com%2F2023-10%2Fjp0i46m_-israeli-american-family_625x300_15_October_23.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 4aeb7ae9ad0708844c09b027efa23335909786f9d5ad0263c18593967dd88e9c Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 2 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fc.ndtvimg.com%2F2023-10%2Fjp0i46m_-israeli-american-family_625x300_15_October_23.jpg age 1628 edge-cache-tag 550516552866114492180386585353878328431,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 cache-tag 550516552866114492180386585353878328431,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, HIT, HIT x-envoy-upstream-service-time 754 req-referer https://en-in.obnews.co/Index/newsDetail/id/1453103.html?val=3e5bf14b78645406feda2dcb16f13aff&keyword=Aadhaar content-length 21240 x-request-id 7de830007f7e089518eaa538b5da7377 x-backend-name US_nlb101 x-served-by cache-iad-kiad7000049-IAD, cache-iad-kiad7000135-IAD, cache-iad-kcgs7200078-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 11:47:52 GMT server nginx surrogate-reporting width=450,height=450,bytes=28314,owidth=1200,oheight=738,obytes=69304 x-timer S1697387377.136175,VS0,VE2 etag "433adf6906eed460a7506cbf249711d6" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 21, 1
GET H2	200	https%3A%2F%2Ffeeds.abplive.com%2Fonecms%2Fimages%2Fuploaded-images%2F2023%2F10%2F07%2Ff19977bbfab31bdbfb8bc061710991781696661288939315_original.jpg%3Fimpolicy%3Dabp_cdn%26imwidth%3D1200%26imheight... images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	25 KB 26 KB	13ms 9ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Ffeeds.abplive.com%2Fonecms%2Fimages%2Fuploaded-images%2F2023%2F10%2F07%2Ff19977bbfab31bdbfb8bc061710991781696661288939315_original.jpg%3Fimpolicy%3Dabp_cdn%26imwidth%3D1200%26imheight%3D628 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash a721e7f4a94def72de4ae0cd91e869c70fc4eeb37263ca14468d1563aaf893a7 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 1 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Ffeeds.abplive.com%2Fonecms%2Fimages%2Fuploaded-images%2F2023%2F10%2F07%2Ff19977bbfab31bdbfb8bc061710991781696661288939315_original.jpg%3Fimpolicy%3Dabp_cdn%26imwidth%3D1200%26imheight%3D628 age 1627 edge-cache-tag 596479444584656390186191499191250482708,572557035644805359113287664057264530371,29ecf9b93bbf306179626feeda1fab70 cache-tag 596479444584656390186191499191250482708,572557035644805359113287664057264530371,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, MISS, HIT, HIT x-envoy-upstream-service-time 748 req-referer https://en-in.obnews.co/Index/newsDetail/id/1453103.html?val=3e5bf14b78645406feda2dcb16f13aff&keyword=Aadhaar content-length 25564 x-request-id c5296df91ce6835f1e181332f6bcc657 x-backend-name CH_nlb802 x-served-by cache-iad-kiad7000164-IAD, cache-iad-kjyo7100163-IAD, cache-chi-kigq8000084-CHI, cache-iad-kcgs7200085-IAD, cache-fra-eddf8230073-FRA last-modified Sat, 07 Oct 2023 07:03:43 GMT server nginx surrogate-reporting width=540,height=540,bytes=39289,owidth=720,oheight=540,obytes=36496 x-timer S1697387377.136931,VS0,VE1 etag "22c640cdb83f0d55c01a433f8755d54b" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0, 20, 1
GET H2	200	https%3A%2F%2Ffeeds.abplive.com%2Fonecms%2Fimages%2Fuploaded-images%2F2023%2F10%2F15%2F22f13fe909b337485d2f0618222bd59b1697360371667272_original.png%3Fimpolicy%3Dabp_cdn%26imwidth%3D1200%26imheight... images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	14 KB 15 KB	14ms 11ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Ffeeds.abplive.com%2Fonecms%2Fimages%2Fuploaded-images%2F2023%2F10%2F15%2F22f13fe909b337485d2f0618222bd59b1697360371667272_original.png%3Fimpolicy%3Dabp_cdn%26imwidth%3D1200%26imheight%3D628 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f2d822fbcd9daf6e86c1bc9de535fddefcf9b6bcd0e2272385e8fe02e0695ac2 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 2 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Ffeeds.abplive.com%2Fonecms%2Fimages%2Fuploaded-images%2F2023%2F10%2F15%2F22f13fe909b337485d2f0618222bd59b1697360371667272_original.png%3Fimpolicy%3Dabp_cdn%26imwidth%3D1200%26imheight%3D628 age 23970 edge-cache-tag 318915676372929279580931926361753312570,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 cache-tag 318915676372929279580931926361753312570,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, MISS, HIT, HIT x-envoy-upstream-service-time 1332 req-referer https://en-in.obnews.co/Index/newsDetail/id/1451261.html?val=838bd11245baf41126ca811d58fda42a&keyword=rates content-length 14608 x-request-id f3e9fed1876289de06b0e61dffc1eb0a x-backend-name LA_nlb204 x-served-by cache-iad-kiad7000089-IAD, cache-iad-kjyo7100116-IAD, cache-sna10724-LGB, cache-iad-kcgs7200167-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 09:09:14 GMT server nginx surrogate-reporting width=450,height=450,bytes=20620,owidth=720,oheight=540,obytes=22225 x-timer S1697387377.136897,VS0,VE2 etag "46d9d23d749d3dca3b6b44c19c0ce1c0" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0, 25, 1
GET H2	200	http%3A%2F%2Fcdn.taboolasyndication.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa9935c8d58814ab85f51aacbe7bf3163.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	27 KB 28 KB	1074ms 1071ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/http%3A%2F%2Fcdn.taboolasyndication.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa9935c8d58814ab85f51aacbe7bf3163.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 450310cbd315c9ba37b0643a447ba7483d6b8a627b602296fc102a29b3fc97d0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 1064 date Sun, 15 Oct 2023 16:29:38 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/http%3A%2F%2Fcdn.taboolasyndication.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa9935c8d58814ab85f51aacbe7bf3163.jpg age 0 edge-cache-tag 518642089823804226359101567031791349746,435307806623357549776301002288288581646,29ecf9b93bbf306179626feeda1fab70 cache-tag 518642089823804226359101567031791349746,435307806623357549776301002288288581646,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, MISS, MISS, MISS x-envoy-upstream-service-time 953 req-referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO content-length 27726 x-request-id e29edd2ee121a942a7c00576b02b6691 x-backend-name CH_nlb802 x-served-by cache-iad-kcgs7200075-IAD, cache-iad-kjyo7100105-IAD, cache-chi-kigq8000137-CHI, cache-iad-kiad7000034-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 24 Sep 2023 20:38:47 GMT server nginx surrogate-reporting width=1000,height=500,bytes=62108,owidth=1000,oheight=750,obytes=119015 x-timer S1697387377.136628,VS0,VE1064 etag "8846af9852fe2f2e726c5fa1376cff40" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0, 0, 0
GET H2	200	https%3A%2F%2Fwww.filmibeat.com%2Fimg%2F2023%2F10%2Fnewproject-2023-10-15t135708-014-1697358462.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	25 KB 26 KB	15ms 11ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fwww.filmibeat.com%2Fimg%2F2023%2F10%2Fnewproject-2023-10-15t135708-014-1697358462.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 0d8ff57d5bdc181322b1370b078effcbfaa179c4e361403732781f5942f5f8c5 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 2 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fwww.filmibeat.com%2Fimg%2F2023%2F10%2Fnewproject-2023-10-15t135708-014-1697358462.jpg age 23965 edge-cache-tag 615396640279386075060408731982454719491,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 cache-tag 615396640279386075060408731982454719491,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, HIT, HIT x-envoy-upstream-service-time 1018 req-referer https://en-in.obnews.co/Index/newsDetail/id/1451261.html?val=838bd11245baf41126ca811d58fda42a&keyword=rates content-length 25638 x-request-id 377bbe1b9cb8d000f9bdb69f85296a51 x-backend-name US_nlb104 x-served-by cache-iad-kiad7000140-IAD, cache-iad-kjyo7100139-IAD, cache-iad-kcgs7200090-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 09:11:37 GMT server nginx surrogate-reporting width=450,height=450,bytes=37064,owidth=1200,oheight=675,obytes=103219 x-timer S1697387377.136618,VS0,VE2 etag "0e89e4b72ec0f248e47e068e17ee8fad" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 23, 1
GET H2	200	https%3A%2F%2Fimages.indianexpress.com%2F2023%2F10%2FWhatsApp-Image-2023-10-10-at-1.43.20-PM.jpeg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	29 KB 30 KB	12ms 10ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fimages.indianexpress.com%2F2023%2F10%2FWhatsApp-Image-2023-10-10-at-1.43.20-PM.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 6e4f99c31004c56e92624c6914e63dc1c717210af6aae1ce28ac5e198d0957ec Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 0 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fimages.indianexpress.com%2F2023%2F10%2FWhatsApp-Image-2023-10-10-at-1.43.20-PM.jpeg age 443775 edge-cache-tag 361732677401396377826544534880300123026,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 cache-tag 361732677401396377826544534880300123026,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, HIT, MISS, HIT, HIT x-envoy-upstream-service-time 316 req-referer https://en-in.obnews.co/Index/newsDetail/id/1449563.html?val=2c853c56c5eb6c93a21776d3be60d69f&keyword=murder content-length 29276 x-request-id 346c3c1ef6c4d29a88e825946ecc2f92 x-backend-name US_nlb101 x-served-by cache-iad-kjyo7100113-IAD, cache-iad-kiad7000127-IAD, cache-iad-kcgs7200179-IAD, cache-fra-eddf8230073-FRA last-modified Tue, 10 Oct 2023 12:49:25 GMT server nginx surrogate-reporting width=450,height=450,bytes=37274,owidth=1200,oheight=667,obytes=81036 x-timer S1697387377.151012,VS0,VE0 etag "fdff3941bdb54b4c8f2fe8e374523c15" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 0, 8, 6
GET H2	200	https%3A%2F%2Fcdn.dnaindia.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Ffull%2Fpublic%2F2023%2F10%2F15%2F2611596-a-69.png images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	19 KB 20 KB	13ms 12ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fcdn.dnaindia.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Ffull%2Fpublic%2F2023%2F10%2F15%2F2611596-a-69.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 814fad6331adf12f9959e56ad7ff1e665975dd44b50802d5caeaa624a4afae1b Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 1 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fcdn.dnaindia.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Ffull%2Fpublic%2F2023%2F10%2F15%2F2611596-a-69.png age 16485 edge-cache-tag 345031337938572160371258973334140164806,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 cache-tag 345031337938572160371258973334140164806,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, HIT, HIT x-envoy-upstream-service-time 987 req-referer https://en-in-np.obnews.co/Flow/News/id/1009437.html content-length 19776 x-request-id f6c996371118f69b7f1bef36e3581fa3 x-backend-name US_nlb101 x-served-by cache-iad-kiad7000024-IAD, cache-iad-kjyo7100179-IAD, cache-iad-kjyo7100176-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 10:00:53 GMT server nginx surrogate-reporting width=450,height=450,bytes=26371,owidth=1280,oheight=720,obytes=131474 x-timer S1697387377.150739,VS0,VE1 etag "d40e7bf08ff8f05e6cd48d9359765767" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 23, 1
GET H2	200	http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1d5fc7af10eeb6145d03f3961d967323.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	22 KB 23 KB	803ms 802ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1d5fc7af10eeb6145d03f3961d967323.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash c86198c1d31ac3d532bc40bbc0a3112dfe1e2f10ca459920a1fa6cbbc4527518 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 793 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1d5fc7af10eeb6145d03f3961d967323.jpg age 0 edge-cache-tag 380248760600196144174147741220553031852,435307806623357549776301002288288581646,29ecf9b93bbf306179626feeda1fab70 cache-tag 380248760600196144174147741220553031852,435307806623357549776301002288288581646,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, MISS, MISS, MISS x-envoy-upstream-service-time 635 req-referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO content-length 22872 x-request-id 4068fab9db45b6a722d7ba674fc88251 x-backend-name LA_nlb204 x-served-by cache-iad-kiad7000094-IAD, cache-iad-kjyo7100032-IAD, cache-sna10726-LGB, cache-iad-kiad7000080-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 17 Sep 2023 21:19:25 GMT server nginx surrogate-reporting width=827,height=413,bytes=40676,owidth=827,oheight=553,obytes=130075 x-timer S1697387377.150696,VS0,VE793 etag "7e4aaaacaf14abc2d9faaa3455c45256" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0, 0, 0
GET H2	200	https%3A%2F%2Fcdn.siasat.com%2Fwp-content%2Fuploads%2F2020%2F08%2Fdigvijay-singh.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	19 KB 20 KB	12ms 12ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fcdn.siasat.com%2Fwp-content%2Fuploads%2F2020%2F08%2Fdigvijay-singh.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 5a0a9915cb71aea06de2bf87e3db7bbda4dc1602f2f03eb11a1d087aca4d5f4f Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 1 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fcdn.siasat.com%2Fwp-content%2Fuploads%2F2020%2F08%2Fdigvijay-singh.jpg age 1622 edge-cache-tag 623781745991578220529091829412150783277,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 cache-tag 623781745991578220529091829412150783277,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, HIT, HIT x-envoy-upstream-service-time 792 req-referer https://en-in.obnews.co/Index/newsDetail/id/1449563.html?val=2c853c56c5eb6c93a21776d3be60d69f&keyword=murder content-length 19152 x-request-id 8420ea3aa74e3256f9f781d60df398ad x-backend-name US_nlb106 x-served-by cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100121-IAD, cache-iad-kiad7000096-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 15:01:04 GMT server nginx surrogate-reporting width=450,height=450,bytes=26979,owidth=1200,oheight=900,obytes=33737 x-timer S1697387377.150729,VS0,VE1 etag "73e89424eafdca59eaff62b904534471" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 15, 1
GET H2	200	https%3A%2F%2Fcdn.wionews.com%2Fsites%2Fdefault%2Ffiles%2F2023%2F10%2F15%2F386621-wion-images-2023-10-15t164804509.png images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	12 KB 12 KB	9ms 8ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fcdn.wionews.com%2Fsites%2Fdefault%2Ffiles%2F2023%2F10%2F15%2F386621-wion-images-2023-10-15t164804509.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 332d30b6171eea3bacaa9457a25ae4a9835db251ff78403a7635f8817591174c Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 1 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fcdn.wionews.com%2Fsites%2Fdefault%2Ffiles%2F2023%2F10%2F15%2F386621-wion-images-2023-10-15t164804509.png age 9259 edge-cache-tag 317570066222214338265742052984693349705,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 cache-tag 317570066222214338265742052984693349705,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, MISS, HIT, HIT x-envoy-upstream-service-time 1092 req-referer https://en-in.obnews.co/Index/newsDetail/id/1455915.html?val=52006d211fc7c1a80e9d721e1eae7054&keyword=Instagram content-length 11954 x-request-id cd054745f266cde80c0950f7fd3b8a8f x-backend-name CH_nlb801 x-served-by cache-iad-kjyo7100051-IAD, cache-iad-kjyo7100116-IAD, cache-chi-klot8100131-CHI, cache-iad-kiad7000088-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 11:44:26 GMT server nginx surrogate-reporting width=450,height=450,bytes=18426,owidth=1200,oheight=675,obytes=60780 x-timer S1697387377.162613,VS0,VE1 etag "88b540fd7aae80f0759db7f5816c89d7" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0, 14, 1
GET H2	200	https%3A%2F%2Fimages.moneycontrol.com%2Fstatic-mcnews%2F2023%2F03%2FXi-Putin-1-770x433.png images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/	23 KB 24 KB	9ms 9ms	Image image/webp	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fimages.moneycontrol.com%2Fstatic-mcnews%2F2023%2F03%2FXi-Putin-1-770x433.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 20996e46449eede2c0a9a0252b63e8c9b913d595551b73be1715475d5c7d9498 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-vcl-time-ms 2 date Sun, 15 Oct 2023 16:29:37 GMT via 1.1 varnish, 1.1 varnish x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_450%2Cc_fill%2Cg_auto:subject_100:classic_50%2Ce_sharpen/https%3A%2F%2Fimages.moneycontrol.com%2Fstatic-mcnews%2F2023%2F03%2FXi-Putin-1-770x433.png age 9286 edge-cache-tag 591742588357890306418911098775843065037,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 cache-tag 591742588357890306418911098775843065037,449116823522841213685340903382393289194,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache Miss from cloudfront, MISS, MISS, MISS, HIT, HIT x-envoy-upstream-service-time 504 req-referer https://en-in.obnews.co/Index/newsDetail/id/1419319.html?val=7ac58c9fe1f12a97c7afa72426b9fe3c&keyword=UPI content-length 23234 x-request-id 96c843c184b1bec66dc40164d9972c89 x-backend-name CH_nlb802 x-served-by cache-iad-kcgs7200123-IAD, cache-iad-kiad7000110-IAD, cache-chi-kigq8000176-CHI, cache-iad-kjyo7100022-IAD, cache-fra-eddf8230073-FRA last-modified Sun, 15 Oct 2023 12:49:19 GMT server nginx surrogate-reporting width=450,height=450,bytes=32803,owidth=770,oheight=433,obytes=34909 x-timer S1697387377.162728,VS0,VE2 etag "243137ba2f172c07c20eef66cb335e7a" x-ratelimit-remaining 100 vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0, 16, 1
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	158ms 157ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310090101&jk=407560818686247&bg=!goGlgc7NAAbFpEfJ5aQ7ADQBe5WfOIulZM6n8TTz858TelRk56VQccZ-ChtK9jsKHNvN3D724n6tAvfKsJHn43MyyXxvAgAAAFBSAAAAF2gBBwoAfYl8EohkYMnQj_4nv26SeaMqRfWyehVMKyMKvaGAyPxrApCJd7UbFf00MyWx0PuQ6ghOtAhR7PHmZuiigVBaa21z4wccuknI75bzHQqC7zjA7iGC3ybSrgPw8yuc5IfZrQGmuV9WgECFiGLphgLkYEBQU36XnyDUF9asL83bmQMDXsMPa_6hWr_3K9SYJBDVuKVSeCFs4IVR1QHUxrGqnVhIF7wwYE0df9Bi9A3L1Lz6v4kdPT3j1A0qo6RFrvGtCWjaWvDgOSL27sK0APSVyhjCspq08dTqDX-twoOjdH2iD5VmJcCOR2PnJZE0Xd-Lhvurc76EepWfrKmdK5Asqz3sDiVkhOFzHr3Z6J0V9sQ4eZg7QqE4uLFfSBUEP2BuQwugFRizjvXOvDwWxmoZ3SvGK66auQzszsgiHtEqaFaWcbKhgG7YY4tFXaihn6XoB87Cq7KWCokpx5xvqd7OUyUrQ3T9NkYvCoflJ2nq1Q2Q8FbYRezzQEkvXKtdoCjvJQsGni93d-VePCdd35jJkpuqaJTCk2n39wLoWudj4aGmDhWttxf_junVNDFOKMXodG1eVy-7bwN9f5t5BDsbpEcItT6SxKUjhhBoibNCFFJmPJVtv4g4o2L1NSH9PPeW_W6mXlAljMHaaEOszwmgpgwzW3mQ2dz25i06grabf4fGn6JqBORjju0iSCZWD3RMoKeg8F3v0grK34kpAGUOMw_uhxVJUFDk8XoBp9t6xcuZ4FH6oYV3eEGP7N-TemkD5fXscDGcPgAdYB8YSSLYehrUVpl7lN5O7Fp54mh2ghDYvM5NwHafyZHMijTVXBNQIz81PhF5AsSy3TuW9WekPmAniQVnYZ9uWEZdgLsO-NXBwBOGfvQzKI07wPHLD6__YbHbvMOZwj9C81Nf0z1hWGHIJ-NXTb2JAryquaA9aS3no9IXLjUIyvjuwfX0xiM-Wb_8XWGxZ4Q33ASO3RQtk7S3N18-zAVxm68msn5SUffxlePOcFZt4JUcv3EWc4KKCTviLuJzO2nCpIXN_-Rlz5EdQMkrqAe2yN84NAzRgGVB_mrABEdWYuN32TQ4ABUH4WYLMeRUcM4DJwUzU9_5mbCi0NnUU-lvjQ8ylJaEBqn-W0nph0YZ7kINYLAYfbk8-H1LrRSqm5KNqp2w-AamyQ9c9WHj0_XFKa9kgTXxjITaFOf5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/022309290141000/ Frame 6823	196 KB 55 KB	13ms 10ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022309290141000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f3e705bf8776c18d4970d21e39b1d58d50a6d1f38f666442b09e7a195f589b8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 12 Oct 2023 20:56:29 GMT age 243188 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56048 x-xss-protection 0 server sffe etag "564b55190130f1c3" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 11 Oct 2024 20:56:29 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/022309290141000/v0/ Frame 6823	15 KB 5 KB	15ms 12ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022309290141000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 18:15:37 GMT age 425640 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5226 x-xss-protection 0 server sffe etag "b67abf1ac5d05c62" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 18:15:37 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/022309290141000/v0/ Frame 6823	94 KB 28 KB	18ms 16ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022309290141000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 18:04:19 GMT age 426318 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29036 x-xss-protection 0 server sffe etag "f80aeafaeae93075" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 18:04:19 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/022309290141000/v0/ Frame 6823	5 KB 2 KB	16ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022309290141000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 18:15:37 GMT age 425640 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1915 x-xss-protection 0 server sffe etag "5fa0b581892e5d76" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 18:15:37 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/022309290141000/v0/ Frame 6823	40 KB 13 KB	17ms 14ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/022309290141000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 10 Oct 2023 18:04:38 GMT age 426299 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12962 x-xss-protection 0 server sffe etag "f431afcc9b21c868" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 09 Oct 2024 18:04:38 GMT
GET H2	200	css fonts.googleapis.com/ Frame 6823	6 KB 802 B	21ms 18ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 15 Oct 2023 16:29:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 15 Oct 2023 15:58:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 15 Oct 2023 16:29:37 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6823	2 KB 2 KB	19ms 18ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 00:18:28 GMT x-content-type-options nosniff server cafe age 58269 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Mon, 16 Oct 2023 00:18:28 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6823	295 B 319 B	19ms 18ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 15:21:19 GMT x-content-type-options nosniff server cafe age 4098 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Mon, 16 Oct 2023 15:21:19 GMT
GET H3	200	2076313506083323656 tpc.googlesyndication.com/simgad/8713707925352896608/ Frame 6823	31 KB 31 KB	19ms 19ms	Image image/jpeg	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8713707925352896608/2076313506083323656 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0569e528f24359a33fb973515c793b0a45c00aa73c29b326fad1e434e454040d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 10 Oct 2023 05:50:38 GMT x-content-type-options nosniff age 470339 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32066 x-xss-protection 0 last-modified Thu, 30 Jun 2022 19:07:26 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 09 Oct 2024 05:50:38 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/5764291513729847510/ Frame 6823	4 KB 4 KB	20ms 19ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/5764291513729847510/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: en-in.obnews.co URL: https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ad2011589699e6f1fbd716af022e7069cca8e54f4bf8637143c2eaf876c02f83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 10 Oct 2023 07:37:09 GMT x-content-type-options nosniff age 463948 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4548 x-xss-protection 0 last-modified Fri, 24 Jun 2022 17:40:17 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 09 Oct 2024 07:37:09 GMT
GET DATA	200 OK	truncated / Frame 6823	221 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 6823	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9d5b20b7654b77dbbb21e4fd72bcfd8738e3c8c63e6f80e86a570b38309626df Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/png
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B02E	0 20 B	154ms 149ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4496066550132&version=m202309260101&ct=76&x=1&cor=13741231241107968000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:37 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 6823	15 KB 16 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://en-in.obnews.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 13:37:19 GMT x-content-type-options nosniff age 96738 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Oct 2024 13:37:19 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 6823	15 KB 15 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://en-in.obnews.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 15:22:55 GMT x-content-type-options nosniff age 176802 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Oct 2024 15:22:55 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6823	2 KB 2 KB	7ms 7ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/022309290141000/amp4ads-v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 00:18:28 GMT x-content-type-options nosniff server cafe age 58269 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Mon, 16 Oct 2023 00:18:28 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6823	295 B 319 B	7ms 7ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/022309290141000/amp4ads-v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 15:21:19 GMT x-content-type-options nosniff server cafe age 4098 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Mon, 16 Oct 2023 15:21:19 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 6823	0 0	52ms 51ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C_VkccBMsZfOgLLH7gAfhrLqwAfng-4tz1O69-c8RvMPU9YwcEAEgzufKlwFgleKQgqAHoAG62-OYA8gBCeACAKgDAcgDCqoEoQNP0KHACxy-gFXFi1SEndlYIHYOQ8k2SyT7v94rMg-VGiUvVbXgPIeXL_wNsbbgeqfk8roGHai1ODvt1igGNQhpt2htEige-6P-EZH5bH7VvC_4qVvTb1aBYZutIlJew7fTjV_zJy7cc012f0btiqgl5o0IG0gXrlL_aW3FEsgv1btrbKndlwKn45zG7MrhpzmpZDNlCu-f-OQQmo50NBlu2dXNsJKZNfYwgMU0o49cF7SjjoBfBud0Gi2u4WvnFZwwuyHHpFSTfE4nkPay-YzEMYY4YhqBQCHksobSyid8G-pyb4DRlN_rgHzx78VjZUu91HkuFp6ktYI-xM5elLQxAb7_ocH4T8uyq47ag4fl2f05vNj9tOEf0QPxTiUXPAiWV7KZ1XAoGPJbP58Cjh_BpX_6CLk55adHjqQb-hmuscgWY8N9hKZ4mL2xU-bZrrpVkAsPYj4bBWm5rNr_s7r3-_jpUf89in9rlP4tv2XqdgXjzHzVPVngKG6nmrvmnvJ7H0uExiEpZVK4b8qvAPFOECCr7kc4wS86pzroB8YnVHbABLL947DtA-AEAYgF75Wz4kCSBQQIBBgBkgUECAUYBKAGLoAHrqScZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJLKJdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCaEBaHR0cHM6Ly93d3cuaW5mcmFnaXN0aWNzLmNvbS9wcm9kdWN0cy9pZ25pdGUtdWktYmxhem9yP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1pZ25pdGUtdWktYmxhem9yJnV0bV90ZXJtPWdlcm1hbnktZGlzcGxheS1jaGFydHMtbG0tbmV3LTIzLjGACgPICwHiDRMInNbd3Lz4gQMVsT3gCh1hlg4WuBPkA9gTDYgUAdAVAZgWAYAXAbIXHwodCAASFHB1Yi0xOTEyMTYxNTM3MTQ2ODQyGIDxjAE&sigh=32HbfmrJOX4&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNyyggUfTankH7R_3_JWZgIl3Cuv0CNWfGHzTIcDw0qodkbMrFEQaqmvIhZ8FBc7idDGAiwut4LEpQlapQ0IhjwNXr3ZpzcyUYAQ&template_id=484&cbvp=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H3	200	container.html Show response 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74F6	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 15 Oct 2023 16:29:36 GMT expires Mon, 14 Oct 2024 16:29:36 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 74F6	23 KB 9 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 22:51:42 GMT content-encoding br x-content-type-options nosniff age 63476 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9145 x-xss-protection 0 server cafe etag 13066256994748809036 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 28 Oct 2023 22:51:42 GMT
GET H3	200	css fonts.googleapis.com/ Frame 74F6	8 KB 750 B	18ms 17ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 15 Oct 2023 16:29:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 15 Oct 2023 16:25:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 15 Oct 2023 16:29:38 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/ Frame 74F6	15 KB 3 KB	63ms 8ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.css Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:10:09 GMT content-encoding gzip x-content-type-options nosniff age 353969 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2920 x-xss-protection 0 last-modified Wed, 11 Oct 2023 10:41:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 10 Oct 2024 14:10:09 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/ Frame 74F6	372 KB 129 KB	64ms 9ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ed307b9176ce74e8ec5cd56461795d1c63e3a2df73afe3dbb03731e20a8e7101 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:10:09 GMT content-encoding gzip x-content-type-options nosniff age 353969 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132010 x-xss-protection 0 last-modified Wed, 11 Oct 2023 10:41:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 10 Oct 2024 14:10:09 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 74F6	20 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 22:47:03 GMT content-encoding br x-content-type-options nosniff age 63755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8337 x-xss-protection 0 server cafe etag 13483435759450910196 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 28 Oct 2023 22:47:03 GMT
POST H2	204	csi csi.gstatic.com/ Frame 74F6	0 54 B	378ms 14ms	Ping image/gif	216.239.32.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lnromb9d&c=5047892507222&slotId=2523946253611&qqid=CMC9yt28-IEDFfsJVQgdBvEMWQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:38 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 74F6	15 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 13:37:19 GMT x-content-type-options nosniff age 96739 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Oct 2024 13:37:19 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 74F6	15 KB 15 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 04:06:52 GMT x-content-type-options nosniff age 217366 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Oct 2024 04:06:52 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 74F6	0 20 B	155ms 154ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CpLLlcRMsZYDBLvuT1PIPhuKzyAXWzue4c4zk4OC-EfAuEAEgzufKlwFgleKQgqAHyAEFqQLe9ToZ5KGxPqgDAcgDmwSqBKcCT9BZxZOzQGoi8vppZp-FepuHAtnHFi6-TV4GZPV81ek6KZ2cDn8a-pNNo_0yosG4-RWrxmCSx18JjyaZILgrIr3aHF-PasK88rx6YQAuqY8lQBWvr_j6PHm1IAej8L74TVxwR426-FcqiEGTfvKwIPSasTplQ2yXsofgY7DKlvxSAZSKRY9b2wExR12KyEvNhm93ApZupENcSto9WrsJBz2sYIbNr9x94bxEr9brSHwlMJLLzjadlD8TWz7LTc-KjtS0MewCUGBfQPhBUvuC4k09ix4j8FgNehNTQYbPkhF0faDRtfdMJ0EF8k54U6WCCuI0okJWtxu5Skaggpw83lUDpS0AZPYHV5vdIjD5vCMMv-dCNImrQQSmemGhO8RRFWKTXM05FsAE0IWBv7wE4AQDiAWq-r23TJAGAaAGdoAHjf_nsAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0B4g0TCKml3ty8-IEDFfsJVQgdBvEMWbAT6rPSFMgT087T4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1697387378318&ai=CpLLlcRMsZYDBLvuT1PIPhuKzyAXWzue4c4zk4OC-EfAuEAEgzufKlwFgleKQgqAHyAEFqQLe9ToZ5KGxPqgDAcgDmwSqBKcCT9BZxZOzQGoi8vppZp-FepuHAtnHFi6-TV4GZPV81ek6KZ2cDn8a-pNNo_0yosG4-RWrxmCSx18JjyaZILgrIr3aHF-PasK88rx6YQAuqY8lQBWvr_j6PHm1IAej8L74TVxwR426-FcqiEGTfvKwIPSasTplQ2yXsofgY7DKlvxSAZSKRY9b2wExR12KyEvNhm93ApZupENcSto9WrsJBz2sYIbNr9x94bxEr9brSHwlMJLLzjadlD8TWz7LTc-KjtS0MewCUGBfQPhBUvuC4k09ix4j8FgNehNTQYbPkhF0faDRtfdMJ0EF8k54U6WCCuI0okJWtxu5Skaggpw83lUDpS0AZPYHV5vdIjD5vCMMv-dCNImrQQSmemGhO8RRFWKTXM05FsAE0IWBv7wE4AQDiAWq-r23TJAGAaAGdoAHjf_nsAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0B4g0TCKml3ty8-IEDFfsJVQgdBvEMWbAT6rPSFMgT087T4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU Requested by Host: 8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com URL: https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:38 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 74F6	0 234 B	357ms 14ms	Ping image/gif	216.239.32.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lnromb9s&c=5047892507222&slotId=2523946253611&qqid=CMC9yt28-IEDFfsJVQgdBvEMWQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1u1&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:38 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame 74F6	31 KB 18 KB	111ms 54ms	XHR text/xml	64.233.184.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AWV4DFhn50VaQE3ed6_0MicLADnQyA9mate5rQo-lXAQEXIOaVqHT3BFvz0YuT4h5hL1O68Vo-3m_51rpFuvV55Mt_TQ&cry=1&dbm_d=AKAmf-BX4a1fCiL1a1ItmPx4Kb1HD_rGVSGCg9xvUvHMyYP--L_EZgnYcGxNU423336-ftKvW5n1k7FcrnbVD45ilPmxhtkwzK4FD92XcfA7pNLgZ5oUV9w3GWtIHvOx0FRWlP0sg-IT15qeVCLtRSrkItTDKOkevJHGRnR1UJ0XC5431ZXyyPr-On4gziWEOYgqNqPWmH0IYTRKdCoUvAAbljT0LlEPw4TcXFRzMVRDBxHks6Vi7I3AUUoL-jylK4B5ypr1GyjH_I5zzBeSZiPl0qd3dtwLGL2SAO03jmchXyaI8RpMgArBcLNo9ueEN5YPqQpqVMXsW62_44X13K9kqMrknE08S0YAHrMSc8GtjIcYf9ZSUe0jJyuEU029j2Gl2rIDarVkiiDq44zY2gOB05Fb-TXiJUtYqNV1FEDpd00qfJz-QPT_dwfbgdF7Ur3IKpxrKsVjbjuYm6FswLoip0QUbPxHr7bx6Mx9xMLfIwV4Xt7TRSUlTpx5uD7EfxX3bgD62PP73dbivELy3h5foNXYPbGS4y3mBV9U5i08T0Q_C_254ec4r-l20nRhJI4vAMlD_8d8Wga-A0vax9sim9KJzD1u8-tGm290oAVeCj1YhOsaD-afzPvHC950VE6WBBv3ucHHMZCZWK9BJCto4Ayd89FJ-Ax7fjRAsMwiC3QTIqSL3kg1CZS8v-uj-OSZGC2foY4gb4Fx1zBJAeUWptR-KcOL7xv7mag7uTRLSckMPmZjBQo--5NJyyRvZlquU5ysTP1bUDBBJhtDSYnKigFrsBg-QufysnUF_mXhJufalznXVLUchw44YLCOpx2SI0tXhmVUi-l2HZVGzPZagUvuqKJlycikf4GiA5PGjwdIMdnckJJEvixrrVT6mx5srMctGqCIkQmKNUbH6SR1ZNmO6y1GzxJ3UsK7airHgGYpqJSPAlUzDSSD58TRVF-qRJjKfPEcH9DgNJspNA-jwck9ojJ4EVsdzSKrB10AtT3NtWyfuU73gzqsWK6fKqKOZvC7NQyXYdOWqbjmwq2KdZDcIsuLnrD-iiNURH1fjmDjzZbiq4ZB43wgwXhAMKGzaUxNRch-fPYO7cNMw1KvAbMg64874YIanLkpdD3vZ3D9hVepOKPzWqiaxCy9_8VsFEEfa3ydj5VylkIGRYv0QO4PiRxHwxEGkzDRlMMIEdUcUu6uGYiRBrV_uZu87lYgn0ChZ0SPl1qI39eclEfwaWBa97zh1cdZxyjC1zyP0QiUsb59Z2y15wXoAjWHZN-p-kVkK4-q_RVSuiZAHs0zOSS9CBrdxSS0GwV56Aq0xQEeDFQSvdu5EyWL6wXaeGClBkVN_lRw2xJEuKC5GCGNUVRG-OYZeB7l8TxjFHZRZHnurzddFLpx2WvXcdC1gIhqEA04Osjioup3yDiwNGNEY7-d6WHBWs4cA1jboaT2CXQ8DNAJpiWGvQ1H2Ag2H28qJ0j2QTg-sFysxzPhhqtjGgxltb91yHnRmakQ-1_8kcYbClih-LWNPoUC8l8szGNCpHHK_Gv959QE-ls6igwwZ83wbXgibO-L2LIJ8FGS-9Lqsyoa_P3vnGu8ADb0c0w4f1wYS0-7UgHSWMk0ClbpJN5dgvofsGEljqeCymflu0DreEYLOtBN7zqg5_z6148d_TONTw6szB5fR8uS4P0sPDwhQiE23QaydyzwjnojeNfFWP9wkTCxxLS1FJ67DJjzVMx5Hbs0iHoqZnRjjMSURs3ohlZmNYfcnujhy8L2XavGFjJUI2O9KXzhktHVO5Uakl3N9g4PrK-PKhYyMNfYsN5cWUj3Un_LqGW9Z-rybmXc4Um8_GXW1wyDZi2_MUw3x8yD9ePeYtDxe1NJYutfraQrGrHnC5WWgLfqZgmlk1D5diEVmFWnTwq9Re12LLDavCCsIk0JnPIrEfTjsysnhmvJHE-9D-_9G6Yc_iVkEpY0ixoB2zfIsf_DsI11mpdWtXj6nwzQOsVIIbwmuujTXCCHvgjGhU_rdnn2QMxktY8stSCCxD63MKEc3XMbEa-Wao8t8Y5oZ1dwEtfr3yD9vw_fckyhoqjPqk2KUoMMfEgx7Q84YvQ8i9-mszaZkVm1VkxrRcXri95KZZc7C0SLZ3FfUwhIkponNXEgZx262kpqqLTP9_zAsNyg3QnL1_4wBsUNnc0I1gnxVPvt_eqWJwSXMGiUsblHIWY7OuEiLPNq7UGlzZ1mcAng_AcrpTDLKXOe-eQ_6Fg2VEKHTinmiFXhuLh3kLBa7H39umE0ezbLeolLO0bZeyiErqqAmt33QTl4cCkk6R9FaZ244mUB-Kbcle-YgDfQNoWrkf_NKV61TMojHfcX-4pEgAbrY-d13Pv3XHtjTXzFXomY9USarEX_EHZDK-aaEOqzRoFqrhyblZHCKHyumzvxrVs6V7cbqv4bYK0Av0-ek1oVhNJFDesyVr94D2tUrfCXDktMlvj_hLnEcfGZvRfW84QTfHfzzODZ5qKF5Vtm1kEx7yrPTay9GWTQ8iAzTkHnQbCEfXNPsLHYGMoDpVQTRsAxexHMdIGdE6fIeb887u7sfpF7jlb7wqLD23ZzGoghIehHrrk-f7ISP3ZjmVbxpvVbHMq_UpwEDwAc7Jy77thkOn3SBMnV1g52VflN6hokePiigVN8tlZXKZ58pxgG0vQEnjcoX62bKFKNNZTkoi3xeeHNzxp_QOtZoP6LTQFs20pRLg4zS9Oc-WmRNJ88omRIP_UQgSrcmMVDYt_JVdTjxOF5IxGW5Qa2QiVibuWVfuXCkfXquXxunv4AOzJ_kQsY-xkza_TIET8JekPLW0Y85gKuVjRYloC_UQzZekhNZzg3dmVfqzX7s6pxt2-Ldr20b-1ZNZ7Qe2CQ15e7-jes7yFvRNb0CJvgv_nx4EWhrco6MPz4_aenYfA3QX4SQYiC0xdSKuU8DfwVASscN7A5QyuxCZ7I8WpP9dEihNDyDd7zsxDUc2RD3eoKL1A4SbPEsEcxmx4j9zJroPQaWISeR8C2lXKWg1tDjlRe71PLrg-lV84Ff8TAeRaEnf5H63CSzuq3wQHupANymnLNu86JfWS9CL49PJdXRwkm4yDY811VSMZNOXYfHch05LJYtqSfBpjrtzPPXVKC0TuP04TDjsuNNRqjs9YPQSrR0O21jQMs9VP5K0bPlSY_3xQWF4aI0RF7PTWDVEGE_QaLoEumBCOuPiKt9Z_E8Mgv9e1GWM6Sc-faToTxTYNoyTp56RCykPhIOG-I6glln51AYDHjQz14UBkAaMKRyzuACi_2agQLh4SDX42dySiKzOSIyFpwgJD6wkbKedPj65iMWtITQRNMAZYnORqrAqSCFZYjaenBbxAPoEwiE5ZRlFBsz0p4FX9vH-SWD8T0p7J-okj6nqujdM9SBI2TV32xXltcxou86reaSNZGzBY1GuCwxwCHKmC_hZnc30H2w9STVgHBp_eRWv8Nums5P-DoEjT2l1rTGJu-XxgC2-z2wXCvE-KY4cGb49Gbb4vUsPtCemg55Df3QoVmd7DUVMaXF3-2AODd2M0o-MYlZPMyu6VVhj4ObfOX8AQLJKx_wBOWG7gbgpTBr4pN2lSmDjq0KI2pO64jkaiOZZqTWAGFJXVFZxWhoms-yZRjWLXrpMIirasM4jXW7gP4FzU4pYif1mP2v3qFeKI8l_oH1p5Mx8Q6Oa1M_NZ_ckjnfoDiEtVZgaLiV9GXHith5LXpp77v8U2c4BoY4RRFzeowTuTr9ikWd9Yd_OXBd7mTImFYPxcfDvQ4Qy0L-LmEqYTUL4L_TRplThsQieZbfVn4Mj1_FXJr3ix2rOb370FCBxvGW61l3LTvGbgqkbqABHoB9_DJ-WAfxQWI8RxrGKhaN_kDGc5YD_ZLh2dzZGFilfS6H0weFWd196Cb2jbdIvJ2UbqbWA2yFp53R6RJjoV8qjb2X4tPNmnHSnJiBHe1SgE8o064_NKGr9fP4xzHjSJG8HMhGtN8mDuk-7BIM1yPWcNpXGmijod3f15bYWoDIyxtFIYuUJJ6sVeMGMcqMKd2SdkkRyYaonbsyau4duSWIKaas_vzk5LQ0L5myk1HRizFdOJ2oIYxUM9lTDaLEYXyfJcPrP_1kzGnu2PpT5mIjAlZ-c4JXs5mIWFfg8cVOgQcjcTbIjAED63pqOaKBv2ruZh0MaYlPzqZ234B13B887Ju9g8f4b_y8ZM9cPwhlRn7o9ebC3bD1oKeucyQBKU3925Iz946sIhNcYGhcM-1e0B3HnTZZyCezcLeXad7s8bv&cid=CAQSTADICaaN46a_PYKURq1s82ypYinWyLvDXsG5Lvur8owqSB-FHrrSeMgrBZxJHIHw5LL-VadsrZToMYS3yueP9YGnh96eNc_0J5NAH04YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.184.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wa-in-f154.1e100.net Software cafe / Resource Hash 22285aa104aa7a3750248bb9c108f3a6359e3a0cc08c187ae8dac875e817ca28 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sun, 15 Oct 2023 16:29:38 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17585 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 74F6	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6e3d3a4de408472ef8739d1a95e649b254f285f93653132ef78924dd92f89f67 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/png
POST H2	204	csi csi.gstatic.com/ Frame 74F6	0 45 B	237ms 15ms	Ping image/gif	216.239.32.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lnrombab&c=5047892507222&slotId=2523946253611&qqid=CMC9yt28-IEDFfsJVQgdBvEMWQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:38 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame 74F6	41 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 15:06:37 GMT content-encoding gzip x-content-type-options nosniff age 91381 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Oct 2024 15:06:37 GMT
HEAD H/1.1	200 OK	file.mp4 r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 74F6 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa... https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	102ms 13ms	Fetch video/mp4	2a00:1450:400e:5::7 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5689514D291C78416A353F9AB4F9A18D6F32F888.5CE085A13862605FDAEE329F182AD4F36FA86B83/key/cms1/cms_redirect/yes/mh/Ss/mip/2001:ac8:20:3a00:1011:38a:8706:ca26/mm/42/mn/sn-5hne6nsk/ms/onc/mt/1697387091/mv/m/mvi/2/pl/50/file/file.mp4 Protocol HTTP/1.1 Server 2a00:1450:400e:5::7 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Sun, 15 Oct 2023 16:29:38 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 2867749 Last-Modified Tue, 12 Sep 2023 07:34:37 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Sun, 15 Oct 2023 16:29:38 GMT Redirect headers date Sun, 15 Oct 2023 16:29:38 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 665 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com location https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5689514D291C78416A353F9AB4F9A18D6F32F888.5CE085A13862605FDAEE329F182AD4F36FA86B83/key/cms1/cms_redirect/yes/mh/Ss/mip/2001:ac8:20:3a00:1011:38a:8706:ca26/mm/42/mn/sn-5hne6nsk/ms/onc/mt/1697387091/mv/m/mvi/2/pl/50/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame 3D6A	23 KB 8 KB	16ms 15ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 372159 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 7799 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 11 Oct 2023 09:06:59 GMT expires Thu, 10 Oct 2024 09:06:59 GMT last-modified Sun, 25 Jun 2023 02:58:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 74F6	0 0	47ms 46ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CLbR9cRMsZYDBLvuT1PIPhuKzyAXWzue4c4zk4OC-EfAuEAEgzufKlwFgleKQgqAHyAEFqQLe9ToZ5KGxPqgDAaoEpAJP0FnFk7NAaiLy-mlmn4V6m4cC2ccWLr5NXgZk9XzV6TopnZwOfxr6k02j_TKiwbj5FavGYJLHXwmPJpkguCsivdocX49qwrzyvHphAC6pjyVAFa-v-Po8ebUgB6PwvvhNXHBHjbr4VyqIQZN-8rAg9JqxOmVDbJeyh-BjsMqW_FIBlIpFj1vbATFHXYrIS82Gb3cClm6kQ1xK2j1auwkHPaxghs2v3H3hvESv1utIfCUwksvONp2UPxNbPstNz4qO1LQx7AJQYF9A-EFS-4LiTT2LHiPwWA16E1NBhs-SEXR9oNHt9t7p0p-P3JbAR-a1AFthtBFO7dS6rZZyX2T5X6CvBBiDKekQYgmCHdek7t1M0bL9coZtHErcm8WE08bJjnSmwATQhYG_vATgBAOIBar6vbdMkgUGCAMQAhgBkgULCCIQAhgBSOzWiAKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB43_57ADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQx9EJGMKOlfYB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAeINEwippd7cvPiBAxX7CVUIHQbxDFmwE-qz0hTIE9PO0-MD0BMA2BMKiBQE2BQB0BUBgBcBshcfCh0IABIUcHViLTE5MTIxNjE1MzcxNDY4NDIYgPGMAegXBQ&sigh=T43snx1wZ34&uach_m=[UACH]&cid=CAQSTADICaaN46a_PYKURq1s82ypYinWyLvDXsG5Lvur8owqSB-FHrrSeMgrBZxJHIHw5LL-VadsrZToMYS3yueP9YGnh96eNc_0J5NAH04YAQ&vt=10&cbvp=2&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H3	200	QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Show response pagead2.googlesyndication.com/bg/ Frame 3D6A	37 KB 14 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 11 Oct 2023 21:56:19 GMT content-encoding br x-content-type-options nosniff age 325999 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14709 x-xss-protection 0 last-modified Tue, 10 Oct 2023 07:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 10 Oct 2024 21:56:19 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3D6A	0 20 B	156ms 156ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BmhACchMsZZG5Ge2qmLAP17i9mAwAAAAAOAHgBAI&bg=!8vGl8b7NAAZy-tsgUvo7ADQBe5WfODsh_7aLVyibiGr-lPqcOD0Q4ZLPNYoIFPKnkWfNAoIaY23eg93e6p6R-JayfdHUAgAAAE1SAAAAB2gBB5kDOhTEGy0AVVAygjfL1atQYXrIQFLOT6ZpUulr9i4qcDlFUH0OooWz7eGo1UxkQL0oyRXu3VVr40WqVfN6UP5gPF-8Tk6DAEK1rbhAjiGuwW8RG3QF4zb2O6n3q_oeVPV8Dbt7ZVH6h9FQS-zscnB-oTpybgLxo7wgWh0mZ-w2e7Okv7zcuvjMmF-CsyAIi1uU-uyTBnKHwdANEzGl_ORgakYX8wqxlLfJyPU3qh9QYOMy2Urs-dqycVqxyqheG5Imu7I3EPIe7i2KqdQgSarMSJcu8Y2AOISuTRLyC13SMAMKIHUywzC7t_r8pGqm3kBDFTMEtTbmnKAWgbUl1nZg9-SC5rpZWNmx3F4qYpMqOCS7AEzFoAGk1X0iXS7crL4qTu9pGONDR1Oi_75F6Fhdf69NxjFEfzTX39gUdMHwgnZujEtfU8n04s8AtBZKQk9vsiFzZDMfPXBKKr9TA44u4INNpyhPLb7kI0JrnJLzPA6qf3UqO3eYWg4TL3qJ23P0fRA_1-aM0T-pgiOVXA9eCOc2f4zW8v6mBc8xEvjpaKT99gOyXtpeG7LiMd9Ak5X8tQHDDEbmdabtVnrb5lwqOEqnzWh_hTMwEawYAqAdl3w5ipzGU7NSE07FJic0OaalmqYXTDpyuoDNbMqjDYdLUmQYyb8ojTBq93YuIIES9Ys8iD0BwNOGWVICAYDVRxQ--3S0-JjLbqNoYYoa0WGI9UKWM_vrhwsdBVmrmONi-5q-byrl93BxUTbpEbt895BADydl8qXk-gGBAl64rU10sZZBuKNaZWdaP6I1u_QYkxqCtL_I0NlAjG5hNHa9k5RCkRRfAEpuPunnJx8jy-RadieJuma3BXR_-5M-slQ6LFJpqcPEGgmVQATJEoUlsUsaWpBkJgEjQ8KSoBr3G1yZT20yUN_5Y7tcCaykw0AOCPLFyUsPg66Ncn6XudmrnLdzNdOBEEAUrpO7e3WGpxKjPs0EMaAMubtU2H2P6IQeQKoeFC8pBe_MCDftCRGvmhZ4dP-_ji2BpvK_jdCwGDD9NuLhh2U2aPF8y0e7V1dbxYjup9wBb9TRFRMbuFTW_r0-m7uiTbyg2TpldvM Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:38 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	206	file.mp4 r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 74F6	311 KB 0	29ms 13ms	Media video/mp4	2a00:1450:400e:5::7 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/6327fa31a31184fb/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728923378/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5689514D291C78416A353F9AB4F9A18D6F32F888.5CE085A13862605FDAEE329F182AD4F36FA86B83/key/cms1/cms_redirect/yes/mh/Ss/mip/2001:ac8:20:3a00:1011:38a:8706:ca26/mm/42/mn/sn-5hne6nsk/ms/onc/mt/1697387091/mv/m/mvi/2/pl/50/file/file.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:5::7 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Range bytes=0- Response headers expires Sun, 15 Oct 2023 16:29:38 GMT date Sun, 15 Oct 2023 16:29:38 GMT x-content-type-options nosniff Content-Range bytes 0-2867748/2867749 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 2867749 last-modified Tue, 12 Sep 2023 07:34:37 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com client-protocol quic
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 6823	42 B 64 B	157ms 157ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuyVh05SoDegcN3DXgXwCg_FXPiLNBUuNvZB7C7g-Pfb6Gg7A5Eu2u6ygxs0XQNipYL3TlS0KiD9X55OD0u-XllZHdSNI0qikiSYObzx_-dWfHz4qBcG99Z7jXfjPWrrMavx-b0bCIdScE&sai=AMfl-YRLb27NlFkyySGqLqZogzW4aerB4-sw_UpkNStM3N4EWBNDe7_wKbedsSLgHegnpcsxwKa9QeYFp0LeFl2HHe0auOoaiynd2rV_1YtOalClzAEs8C20Get8_ZeqcaN58A_uckmDzEoFDyqqJw&sig=Cg0ArKJSzAiLCjE_uQuBEAE&cid=CAQSTADICaaNyyggUfTankH7R_3_JWZgIl3Cuv0CNWfGHzTIcDw0qodkbMrFEQaqmvIhZ8FBc7idDGAiwut4LEpQlapQ0IhjwNXr3ZpzcyUYAQ&id=ampim&o=360,10&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=121&tls=1121&g=100&h=100&tt=1121&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:39 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 74F6	0 54 B	14ms 14ms	Ping image/gif	216.239.32.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lnrombdp&c=5047892507222&slotId=2523946253611&qqid=CMC9yt28-IEDFfsJVQgdBvEMWQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2090&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1xl~vil.24p&ua_e=1&ape=1&ple=0&umsem=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://8b7221aabea74210e1d298c4cdc07fd3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:39 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	15ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DWX6Q6TDMK&gtm=45je3ab0&_p=562488653&cid=2099275874.1697387376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697387375&sct=1&seg=0&dl=https%3A%2F%2Fen-in.obnews.co%2FIndex%2FnewsDetail%2Fid%2F1438112.html%3Fval%3D2df636272b724e34c835e218e4100aa9%26keyword%3DEPFO&dt=EPFO%20Withdrawal%20Big%20Update%3A%20EPFO%20%E2%80%8B%E2%80%8Bemployees%20are%20in%20trouble%2C%20this%20is%20how%20they%20can%20withdraw%20the%20entire%20money.&en=view_search_results&ep.search_term=EPFO&_et=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://en-in.obnews.co/Index/newsDetail/id/1438112.html?val=2df636272b724e34c835e218e4100aa9&keyword=EPFO User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sun, 15 Oct 2023 16:29:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://en-in.obnews.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT