www.deccanherald.com Open in urlscan Pro
2606:4700::6812:5ac6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/...
Effective URL:
https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/...
Submission: On August 31 via api (August 31st 2024, 3:01:47 am UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 22 domains to perform 74 HTTP transactions. The main IP is 2606:4700::6812:5ac6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.deccanherald.com. The Cisco Umbrella rank of the primary domain is 173188.
TLS certificate: Issued by E6 on July 23rd 2024. Valid for: 3 months.

This is the only time www.deccanherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700::68... 2606:4700::6812:5ac6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.208.254 34.149.208.254	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:16bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:ff40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:10:... 2606:4700:10::6816:1ad4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:5000:11:c3fe:5b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4013:c18::54	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:44f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	18.245.31.65 18.245.31.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	51.8.71.184 51.8.71.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	44.209.204.25 44.209.204.25	14618 (AMAZON-AES) (AMAZON-AES)
74	29

7 2606:4700::6812:5ac6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.deccanherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.208.254 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 254.208.149.34.bc.googleusercontent.com

cdn-in.amuselabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:16bf (United States)

ASN13335 (CLOUDFLARENET, US)

go.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:ff40 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nh.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sbp.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:1ad4 (United States)

ASN13335 (CLOUDFLARENET, US)

fea.assettype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:5000:11:c3fe:5b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.gumlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4013:c18::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:44f0 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.atmtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-65.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.8.71.184 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.204.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-204-25.compute-1.amazonaws.com

prod-analytics.qlitics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gstatic.com fonts.gstatic.com	327 KB
8	google.com accounts.google.com — Cisco Umbrella Rank: 46 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 region1.analytics.google.com — Cisco Umbrella Rank: 3773	215 KB
8	assettype.com fea.assettype.com — Cisco Umbrella Rank: 168599	370 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1198 pm-widget.taboola.com — Cisco Umbrella Rank: 4404	462 KB
7	deccanherald.com 1 redirects www.deccanherald.com — Cisco Umbrella Rank: 173188	243 KB
5	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 13270 nh.izooto.com — Cisco Umbrella Rank: 79580 sbp.izooto.com — Cisco Umbrella Rank: 165836	89 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999	84 KB
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1114 a.clarity.ms — Cisco Umbrella Rank: 17945	28 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	225 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	182 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	70 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	184 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	21 KB
1	qlitics.com prod-analytics.qlitics.com — Cisco Umbrella Rank: 97320	560 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	6 KB
1	atmtd.com scripts.atmtd.com — Cisco Umbrella Rank: 98200	110 KB
1	gumlet.com cdn.gumlet.com — Cisco Umbrella Rank: 101247	5 KB
1	automatad.com go.automatad.com — Cisco Umbrella Rank: 98499	42 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	4 KB
1	amuselabs.com cdn-in.amuselabs.com	10 KB
74	22

	Domain	Requested by
9	fonts.gstatic.com	www.deccanherald.com fonts.googleapis.com
8	fea.assettype.com	www.deccanherald.com fea.assettype.com
7	www.deccanherald.com	1 redirects www.deccanherald.com fea.assettype.com
5	cdn.taboola.com	fea.assettype.com cdn.taboola.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	www.deccanherald.com pagead2.googlesyndication.com
3	c.amazon-adsystem.com	go.automatad.com c.amazon-adsystem.com
3	accounts.google.com	fea.assettype.com accounts.google.com
3	cdn.izooto.com	www.deccanherald.com cdn.izooto.com
2	a.clarity.ms	www.clarity.ms
2	www.facebook.com	www.deccanherald.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	connect.facebook.net	www.deccanherald.com connect.facebook.net
2	www.clarity.ms	www.deccanherald.com www.clarity.ms
2	www.googletagmanager.com	www.deccanherald.com www.googletagmanager.com
2	securepubads.g.doubleclick.net	www.deccanherald.com securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	www.deccanherald.com go.automatad.com
1	sbp.izooto.com	cdn.izooto.com
1	nh.izooto.com	cdn.izooto.com
1	prod-analytics.qlitics.com	www.deccanherald.com
1	www.google.de	www.deccanherald.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	scripts.atmtd.com	go.automatad.com
1	cdn.gumlet.com	www.deccanherald.com
1	go.automatad.com	www.deccanherald.com
1	cdn.jsdelivr.net	www.deccanherald.com
1	cdn-in.amuselabs.com	www.deccanherald.com
74	30

This site contains links to these domains. Also see Links.

Domain
epaper.deccanherald.com
www.whatsapp.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
t.me
play.google.com
apps.apple.com
www.printersmysore.com
www.prajavani.net
www.sudhaezine.com
www.mayuraezine.com
www.exammastermind.com
dhclassifieds.com
printersmysore.com

Subject Issuer	Validity	Valid
www.deccanherald.com E6	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.amuselabs.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-13` - `2025-03-13`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
go.automatad.com E5	`2024-07-12` - `2024-10-10`	3 months	crt.sh
izooto.com WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
assettype.com E5	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.gumlet.com Amazon RSA 2048 M03	`2023-10-27` - `2024-11-24`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
accounts.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-09` - `2024-09-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
atmtd.com Cloudflare Inc ECC CA-3	`2024-07-28` - `2024-12-31`	5 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.google.de WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.qlitics.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-18`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
Frame ID: 7EBCD3114879BFDFDB421EAA9660D7F9
Requests: 69 HTTP requests in this frame

Frame: https://www.deccanherald.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js
Frame ID: 0D8E15373B58C1C56B024C6C38F5BCE3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: B42BBBFABC96CB59FEDCE6DFA91F63E4
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=undefined&shape=undefined&logo_alignment=undefined&width=undefined&locale=undefined&click_listener=undefined&client_id=997955211260-m9n5bfqvm209j4nnumu5qcm51aptc5v8.apps.googleusercontent.com&iframe_id=gsi_303037_20153&as=EPVbavqnwSdUTb%2FNTfAU8w
Frame ID: EF6B0D668F8E393542962FDDC952095F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 86081F58AD8463EA04877C2D260E0777
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: F4326EC339ABBF69D8D32B3D40E5B465
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 - Page not found

Page URL History Show full URLs

http://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-sei... HTTP 307
https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-sei... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

74
Requests

99 %
HTTPS

75 %
IPv6

22
Domains

30
Subdomains

29
IPs

4
Countries

2681 kB
Transfer

9530 kB
Size

10
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://epaper.deccanherald.com/
Title: ePaper

Search URL Search Domain Scan URL

URL: https://www.whatsapp.com/channel/0029Va4ifN6AYlULZASc7V3S

Search URL Search Domain Scan URL

URL: https://www.facebook.com/deccanherald

Search URL Search Domain Scan URL

URL: https://twitter.com/DeccanHerald

Search URL Search Domain Scan URL

URL: https://www.instagram.com/deccanherald/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/deccanherald

Search URL Search Domain Scan URL

URL: https://t.me/DeccanHeraldNews

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.tpml.dh

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/deccan-herald-news/id1511179557

Search URL Search Domain Scan URL

URL: http://www.printersmysore.com/
Title: The Printers Mysore Ltd

Search URL Search Domain Scan URL

URL: http://www.prajavani.net/
Title: Prajavani

Search URL Search Domain Scan URL

URL: http://www.sudhaezine.com/
Title: Sudha

Search URL Search Domain Scan URL

URL: http://www.mayuraezine.com/
Title: Mayura

Search URL Search Domain Scan URL

URL: https://www.exammastermind.com/
Title: Exam Mastermind

Search URL Search Domain Scan URL

URL: https://dhclassifieds.com/deccanonline/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://printersmysore.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: http://printersmysore.com/
Title: About

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957 HTTP 307
https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.deccanherald.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.deccanherald.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

404

Primary Request -3139957 Show response
www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/
Redirect Chain

http://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

1 MB
173 KB

364ms
313ms

Document
text/html

2606:4700::6812:5ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5ac6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

110dadd91d79728e5db4d71b6795541dc5c1492c171cc1725b56034d06f58656

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=15,s-maxage=60, stale-while-revalidate=150,stale-if-error=3600
cf-cache-status: MISS
cf-ray: 8bb9c70a99d21c2a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 31 Aug 2024 03:01:42 GMT
server: cloudflare
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

Location: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtPK-F2qC0s.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 19 KB
19 KB 48ms
12ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtPK-F2qC0s.woff2

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4ff2f07870007176638f0dce5abd4060fda80a13cd4fbfd767b5beb09a4b99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 01:38:30 GMT
x-content-type-options: nosniff
age: 4992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 01:38:30 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtPK-F2qC0s.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 21 KB
21 KB 49ms
15ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtPK-F2qC0s.woff2

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89cd6d709716cfa21bc02753b2d92f66e39e77b2efc26891db46256ae3f390d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 18:38:27 GMT
x-content-type-options: nosniff
age: 116595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21132
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 18:38:27 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2RjV9Su1cai.woff2
fonts.gstatic.com/s/robotoslab/v25/ 14 KB
14 KB 42ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2RjV9Su1cai.woff2

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36a651c60a0a45e4610027be77b32b5dec4180e6036fb870108f06a44e7503c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 17:58:08 GMT
x-content-type-options: nosniff
age: 119014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14104
x-xss-protection: 0
last-modified: Tue, 02 May 2023 17:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 17:58:08 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2RjV9Su1cai.woff2
fonts.gstatic.com/s/robotoslab/v25/ 14 KB
14 KB 43ms
9ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2RjV9Su1cai.woff2

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4184b2f4d5878c005aa22c1cf131f297f426ea91fcf5569b1c9d28d86c514a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 18:38:27 GMT
x-content-type-options: nosniff
age: 116595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:54:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 18:38:27 GMT

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 41ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 185969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9d%2FIE%2BHeT8iLj%2BdRCg6FFN%2B39Heb4EbeZNhl%2BQuT2Y3MqJ%2Fhn%2BhD%2B33gq%2FVKcRSXp%2BftwYh29SKYG70GAoXUBh6%2FIs8v%2Fw%2BCdb96mnr%2BFMYR1nZ%2Ffs%2FH7UNRv7913jnVI7KJW4WWnJ0efLOwUBhzXeT0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb9c70cc9ebd381-FRA
expires: Thu, 21 Aug 2025 03:01:42 GMT

GET
H2 200 puzzleme-embed.js Show response
cdn-in.amuselabs.com/pmm/js/ 35 KB
10 KB 52ms
17ms Script
application/javascript 34.149.208.254
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-in.amuselabs.com/pmm/js/puzzleme-embed.js
Requested by: Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.208.254 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 254.208.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 65439062867206bee60070bf225a893c726932aa126bc72190d368f7dfae3565

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 23 Aug 2024 07:09:46 GMT
etag: W/"36066-1724396986000"
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
32 KB 64ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

975f7d9b648e4ed913467457f9c2805817c86454d7f5c34c252b5249a017fdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33213
x-xss-protection: 0
server: cafe
etag: 766 / 19966 / m202408270101 / config-hash: 12776032365580462639
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 31 Aug 2024 03:01:42 GMT

GET
H2 200 lightgallery.min.css
cdn.jsdelivr.net/npm/lightgallery.js@1.2.0/dist/css/ 20 KB
4 KB 38ms
7ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lightgallery.js@1.2.0/dist/css/lightgallery.min.css

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

814eba54011def7fdeead06ae5cf964a245c347d0f4972e71cc3de1482b1b473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 31 Aug 2024 03:01:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2065575
x-jsd-version: 1.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4114
x-served-by: cache-fra-eddf8230068-FRA
x-jsd-version-type: version
etag: W/"4ff3-1Jp7TCJCouqRDUbi3/MYVlAo3vM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 afihbs.js Show response
go.automatad.com/geo/mAfXoQ/ 160 KB
42 KB 97ms
43ms Script
application/javascript 2606:4700:10::ac43:16bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.automatad.com/geo/mAfXoQ/afihbs.js
Requested by: Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:16bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b156e6c60471b72c47600c29baf7b9d7b67638973b52acb8d358c7bd52cf526a

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: 6fPuUr389GoBcZO0vlLEySP2OOEwkLau
content-encoding: br
cf-cache-status: HIT
age: 629
x-amz-request-id: J1B08TVCCGVAYRZ4
x-amz-server-side-encryption: AES256
x-automatad-hbs-version: v2
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 52l4k8y4c6p6OvOo1bUETeBY6N2AU/t+bYxKjdQCz39meF0k7PNRoqAq/3yIdYPDQiAcVfLIQAk=
last-modified: Fri, 16 Aug 2024 05:48:39 GMT
server: cloudflare
etag: W/"77f81175b5f0c67eb407380460a73169"
vary: Accept-Encoding
content-type: application/javascript
x-automatad-country: DE
cache-control: max-age=120
cf-ray: 8bb9c70d8dbad253-FRA
x-automatad-device: W

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
51 KB 52ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6098511427863223

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afd59a8bd6557aa17b0727b00b1406cb34e68ba1672f14624e73fa2e32f791fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52589
x-xss-protection: 0
server: cafe
etag: 378601627458098481
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 31 Aug 2024 03:01:42 GMT

GET
H2 200 c9f8d2b38118e02a670466b9dde70a81902a4383.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 59ms
27ms Script
application/javascript 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/c9f8d2b38118e02a670466b9dde70a81902a4383.js

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3af448eae34e078812132e415eab1d641ddcb706a4cbe2e8b014efe72c22b9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 10 Jun 2024 04:53:04 GMT
server: cloudflare
age: 1029910
etag: W/"666686b0-754"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 8bb9c70cd959bba9-FRA
x-xss-protection: 1; mode=block
expires: Sun, 01 Sep 2024 03:01:42 GMT

GET
H3 200 list-686124644bbb75d62d55.js Show response
fea.assettype.com/deccanherald/assets/ 280 KB
41 KB 51ms
27ms Script
application/javascript 2606:4700:10::6816:1ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/deccanherald/assets/list-686124644bbb75d62d55.js
Requested by: Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b3944fe27b050eed9f34f0fff79fcd399faecc0fbe74cf728ba2d1f1de49ab9

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: ATkwneG5o1MagHRD4xqCNd4M1wkOUFr3
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 134959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Aug 2024 12:10:43 GMT
server: cloudflare
etag: W/"8e5c9cf0d22c0052e280e922d3874545"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 8bb9c70cecd36adc-FRA
x-amz-cf-id: aSXKNvzw0R9Wl0tKNYrwJ1c02vGx1BMwUbjbO8YKiGpxlvhfaNzChQ==

GET
H2 200 gumlet.min.js Show response
cdn.gumlet.com/gumlet.js/2.2/ 14 KB
5 KB 46ms
7ms Script
text/javascript 2600:9000:225e:5000:11:c3fe:5b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gumlet.com/gumlet.js/2.2/gumlet.min.js
Requested by: Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5000:11:c3fe:5b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc7a0b52cfdd3adc4ca2893e4d155b9067dd7dd27ebce043e19583e7ced6f033

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 19:19:47 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 10:04:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 152770
x-amz-server-side-encryption: AES256
etag: W/"38f548e1c1a1e3b957b6a3093ca42f3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=172800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: v6aifRVCYBGTyyyCgMO5JeJUnhzCpB12KAHaxh7lRUk6A_MzlSBCZA==

GET
H3 200 app-686124644bbb75d62d55.js Show response
fea.assettype.com/deccanherald/assets/ 749 KB
208 KB 38ms
36ms Script
application/javascript 2606:4700:10::6816:1ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js
Requested by: Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5faf8997565629c888e824f8c9acdd5efa1f9cb584c194b86d0568d5d178fbf

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: aRDkBBR4hqXSrculwwMUbLbrkYmDI9xq
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 139796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Aug 2024 12:10:41 GMT
server: cloudflare
etag: W/"c59d2f28deaf9e028d46967684099ce9"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 8bb9c70d3cf76adc-FRA
x-amz-cf-id: tx1OEKbIdiAovoGEhsUmiuLthxbeRgHpZveMyL_MvZYW_xNSbaGw3A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
80 KB 45ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T46PRBZ

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7c5502e979ab954a79502b2ef1f405199fdba14fd08d0aa5a71369bcc5488f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 31 Aug 2024 03:01:42 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 366 KB
85 KB 36ms
35ms Script
application/javascript 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/c9f8d2b38118e02a670466b9dde70a81902a4383.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4db21441a864a9c1fa837fc4ad0baf1c9a158e4e39b20e148114478ed2b066c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 07 Aug 2024 10:20:28 GMT
server: cloudflare
age: 837633
etag: W/"66b34a6c-5b6e9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 8bb9c70d398fbba9-FRA
x-xss-protection: 1; mode=block
expires: Mon, 16 Sep 2024 03:01:42 GMT

GET
H3 200 svg-sprite-39ec39c5b3d32c0adb9732979a5c9627.svg
www.deccanherald.com/deccanherald/assets/ 87 KB
58 KB 36ms
36ms Other
image/svg+xml 2606:4700::6812:5ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deccanherald.com/deccanherald/assets/svg-sprite-39ec39c5b3d32c0adb9732979a5c9627.svg

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5ac6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2edf44d7c0eb76c4d91a87a29c74a77116b81a1e238c4643fdb742348f012964

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2024 06:46:27 GMT
server: cloudflare
strict-transport-security: max-age=86400
age: 5599208
x-powered-by: Express
etag: W/"15b5e-190587209b8"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=31104000,s-maxage=31104000
cf-ray: 8bb9c70d3acf1c2a-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3

200

main.js Show response
www.deccanherald.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/ Frame 0D8E
Redirect Chain

https://www.deccanherald.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.deccanherald.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?

8 KB
4 KB

26ms
26ms

Script
application/javascript

2606:4700::6812:5ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deccanherald.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Server

2606:4700::6812:5ac6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc688edb816e7d77bbcf1778b35fff9a917d89bf2911b9cd67372edb67ebd307

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8bb9c70dcb001c2a-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 31 Aug 2024 03:01:42 GMT
strict-transport-security: max-age=86400
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8bb9c70d9aef1c2a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/ 479 KB
149 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea1688602474180b02e1a6c1e9b2058c98622f78d3d9b9e55211258723e9c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 18:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30208
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152754
x-xss-protection: 0
server: cafe
etag: 3412434405602474095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Aug 2025 18:38:14 GMT

GET
H2 200 iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame B42B 0
0 40ms
23ms Document
text/html 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.deccanherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 1337321
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 8bb9c70dfb462c5a-FRA
content-encoding: br
content-type: text/html
date: Sat, 31 Aug 2024 03:01:42 GMT
expires: Tue, 01 Oct 2024 03:01:42 GMT
last-modified: Tue, 14 May 2024 14:09:56 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/ 87 KB
30 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6098511427863223

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aabe59611e961e31bf948c7672d55388de6d2ad91900af3e56597438f075fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30992
x-xss-protection: 0
server: cafe
etag: 2348259299439778836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 31 Aug 2024 03:01:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/ 428 KB
143 KB 51ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6098511427863223&plah=www.deccanherald.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6098511427863223

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceed42bec7830fb5a9d7bd68b43136b81bc585bac9dbcb3ed7b5a779524d1039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146442
x-xss-protection: 0
server: cafe
etag: 16235433169403601128
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 31 Aug 2024 03:01:42 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 227 KB
86 KB 77ms
24ms Script
application/javascript 2a00:1450:4013:c18::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

214ff51aebadd5555bfd82d6979967644506951ed708fd3355aceba87195c308

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Krx7sbbvffrdBliDJqQS4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-Krx7sbbvffrdBliDJqQS4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 31 Aug 2024 03:01:42 GMT

GET
H3 200 178-686124644bbb75d62d55.js Show response
fea.assettype.com/deccanherald/assets/ 78 KB
21 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:1ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/deccanherald/assets/178-686124644bbb75d62d55.js
Requested by: Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6494276b3404d52addfe9eb114ac17bfb5bd08b8ec7723d048d971dad7040960

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: xfdP9e2uBkluOMk7sCbI42rvPEo8ygFa
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 139736
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Aug 2024 12:10:30 GMT
server: cloudflare
etag: W/"48434a64ae9e8d61ed91da8af9123fe9"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 8bb9c70e9d8f6adc-FRA
x-amz-cf-id: OAjHsl_eRMK-Fq3ColzEG3yqbWBTqyjzAbw_KSfmpTVLrcPaJFYcMA==

GET
H3 200 448-686124644bbb75d62d55.js Show response
fea.assettype.com/deccanherald/assets/ 32 KB
10 KB 23ms
22ms Script
application/javascript 2606:4700:10::6816:1ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/deccanherald/assets/448-686124644bbb75d62d55.js
Requested by: Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36fa127f40952331aab2d3da2ae49568b6c28aa9ee78c3cb2962d59ce623074c

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: DOPF2PAPKDmICaAoc8M6CTeNO47rsNzL
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 139432
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Aug 2024 12:10:31 GMT
server: cloudflare
etag: W/"6e17f395c4832e4f08c3c2acf294d723"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 8bb9c70e9d936adc-FRA
x-amz-cf-id: CmOgdqPBQD1S_7DWxd3NDTE-9oa397jo_B9UHsNvrQUaf4swDksfcQ==

GET
H3 200 724-686124644bbb75d62d55.js Show response
fea.assettype.com/deccanherald/assets/ 84 KB
33 KB 25ms
24ms Script
application/javascript 2606:4700:10::6816:1ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/deccanherald/assets/724-686124644bbb75d62d55.js
Requested by: Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 725b47b389689329af5917f2e403485167cc92829e5c8ff69d1a04f80bb1ccf0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: GZR0k18628Dp9B4PAtBBH1tIs_VX5o9x
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 139737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Aug 2024 12:10:32 GMT
server: cloudflare
etag: W/"7508fc9fd9dc6d7494524c9c1f7e75b8"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 8bb9c70e9d956adc-FRA
x-amz-cf-id: tz7c24ayPkOxUjI6Aqjk4GPZ7Sw35YJIrtHvPz3Yn24rHimvBHDzEA==

GET
H3 200 36-9679d7bbe07efd19fc56.css
fea.assettype.com/deccanherald/assets/ 49 KB
10 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:1ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/deccanherald/assets/36-9679d7bbe07efd19fc56.css
Requested by: Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d796e5802c34e4a5b58222d2f11ddf5eab20450a79229a011c2106fa052bb6ed

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: tWzf787ZF1GqXZsWLaNGVRBZ9gvZL9k8
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 171931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 Jul 2024 10:07:09 GMT
server: cloudflare
etag: W/"127ddf8446d700d3821da5f3588bcaf6"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 8bb9c70e9d966adc-FRA
x-amz-cf-id: zdz3fklQrDRvpPh0iwPRoM30MNnWsYliZolVH6ywaBZbU2bEBhV4aw==

GET
H3 200 36-686124644bbb75d62d55.js Show response
fea.assettype.com/deccanherald/assets/ 309 KB
40 KB 27ms
26ms Script
application/javascript 2606:4700:10::6816:1ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/deccanherald/assets/36-686124644bbb75d62d55.js
Requested by: Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f060e6a5b131bb9e1d1bfbb0b15d1f86dd51e2de8d23abb5dcd7fab417d63a95

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: IkN1SmUeLLh0_PTRSISuNRJE19k0lAzv
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 139432
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Aug 2024 12:10:31 GMT
server: cloudflare
etag: W/"cb5b8570b9e611f30a2b8d845030dfc3"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 8bb9c70e9d986adc-FRA
x-amz-cf-id: qzXN7XTcdNKSvUlz-w14aq8xgtqm3na1fGPtqwjmhtmNPdPHzLAflQ==

GET
H3 200 601-686124644bbb75d62d55.js Show response
fea.assettype.com/deccanherald/assets/ 17 KB
7 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:1ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/deccanherald/assets/601-686124644bbb75d62d55.js
Requested by: Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75328c08861a40089fc42197395126da517a308fe5683db5ff59bc810686dc9

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
x-amz-version-id: leyn4izceea94QphXPcBWbmJTPox7sDa
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 139737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Aug 2024 12:10:32 GMT
server: cloudflare
etag: W/"e7cd49968592cc2862d32c354c584989"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 8bb9c70e9d996adc-FRA
x-amz-cf-id: cSFQqyefkiUKJJLF2L6ld76NkzMaskqB-zdSJLJbWSqzLMgFJ8-Pow==

GET
H2 200 1013527 Show response
fundingchoicesmessages.google.com/i/ 206 KB
68 KB 61ms
32ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1013527?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f12893df9e3f54083f2d74cd2f6e9ad2a2e13011e2e59a22179b353476f7499

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Pz54UpA9FHFzqPiQp6feqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Pz54UpA9FHFzqPiQp6feqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYiT_p1nLQFid62LrP5AvCTiIuuRxIushgqXWJ2B-P66S6zPgXjvx0usR4FYiIdjWv-pbWwCPzbtWsuspJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgYWSuZ2AUX2AAAAflQ5o"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
104 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F45W975H2J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T46PRBZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

707dbfb6cfd2971f6950f94253b9f4ecb7abf872878f27de7b8df20800c62293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 31 Aug 2024 03:01:42 GMT

GET
H2 200 nn5u2kgn0r Show response
www.clarity.ms/tag/ 513 B
769 B 141ms
94ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/nn5u2kgn0r?ref=gtm2
Requested by: Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bcbb52a21327bcae17483077fd57bc3d102ea31b2aae52a329812bf7ba33ea72

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date: Sat, 31 Aug 2024 03:01:43 GMT
x-azure-ref: 20240831T030142Z-166b9c58d6c9rvdb40vxa22fks00000001000000000026sq
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 513
expires: -1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 31 Aug 2024 03:01:42 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4322, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 1CfXdLqV20XOOJvEbrcBBpoJvmok2eD9Rx7Ewe7R4M/9uDxUHcX8nD8PZ3kwzlOGlBphvGz2gns7dXDKCFxbQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 8bb9c70a99d21c2a Show response
www.deccanherald.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0D8E 0
664 B 23ms
18ms XHR
text/plain 2606:4700::6812:5ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deccanherald.com/cdn-cgi/challenge-platform/h/g/jsd/r/8bb9c70a99d21c2a

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5ac6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 31 Aug 2024 03:01:42 GMT
strict-transport-security: max-age=86400
server: cloudflare
cf-ray: 8bb9c70f6bb21c2a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 51ms
8ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/mAfXoQ/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 02:20:30 GMT
content-encoding: gzip
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
last-modified: Wed, 28 Aug 2024 22:46:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 2474
etag: W/"f2dd6786b4537f2bb6a3e22886b855f2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: l589wA-sRyoQ26QN78BPIpadm3Ps-Ke1iNXKosTjtaCwqRXL-AqjHQ==

GET
H3 200 prebid_mAfXoQ.js Show response
scripts.atmtd.com/yetijs/ 344 KB
110 KB 58ms
27ms Script
application/javascript 2606:4700:10::6816:44f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.atmtd.com/yetijs/prebid_mAfXoQ.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/mAfXoQ/afihbs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:44f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c0ebd1aad8c434946e9a34b4e016d12e37349f4f6518b46318c704297c317df

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
x-amz-version-id: r1IVUFDGPmKFP8NZ7TNP7VuZj4arBmZo
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 May 2024 12:15:39 GMT
server: cloudflare
x-amz-request-id: 0NR8VNS69TWDJ9A3
age: 74447
etag: W/"78ae175e2ce1b812ee9d54523e7c0ecb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8bb9c70fcfafd24f-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4FjeC5HIh/pfEliqdItgbVs4nBUwYch/ayb0lbhkiMxhza4HS45Xjg/NlYAYsKzwHqEhxGPFCRE=

GET
H3 200 sizzle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 19 KB
7 KB 33ms
22ms XHR
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js

Requested by

Host: go.automatad.com
URL: https://go.automatad.com/geo/mAfXoQ/afihbs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1397463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6679
last-modified: Mon, 04 May 2020 16:16:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd4-4dc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xg7ay8R0mv6CVBSjknXjDsEwRiear%2BiDLDwXY1SBVB7fCa8gbVuaDvctVY7MLjswBQgT8exnYoRJyZ7o73s45UNB0j2eff88V3FHv99QhE57kpCnczWQK%2FLv3xv%2FZdJ1kXP50trfmdrsknfZ3e7oxuzj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb9c70faaa4a025-FRA
expires: Thu, 21 Aug 2025 03:01:42 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 25ms
24ms Stylesheet
text/css 2a00:1450:4013:c18::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QTmjpt_5ejmsREjWdZCz5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-QTmjpt_5ejmsREjWdZCz5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 31 Aug 2024 03:01:43 GMT

GET
H2 200 button
accounts.google.com/gsi/ Frame EF6B 0
0 89ms
57ms Document
text/html 2a00:1450:4013:c18::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?type=standard&theme=outline&size=large&text=undefined&shape=undefined&logo_alignment=undefined&width=undefined&locale=undefined&click_listener=undefined&client_id=997955211260-m9n5bfqvm209j4nnumu5qcm51aptc5v8.apps.googleusercontent.com&iframe_id=gsi_303037_20153&as=EPVbavqnwSdUTb%2FNTfAU8w

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-NwTlaVEQpc30BJd_Ohdvbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-NwTlaVEQpc30BJd_Ohdvbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: same-site
date: Sat, 31 Aug 2024 03:01:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/deccanherald-deccanherald/ 981 KB
250 KB 41ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/deccanherald-deccanherald/loader.js
Requested by: Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/724-686124644bbb75d62d55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c8c06ca2e311e6c37ea4d00cabba7b3438f9442cfc332c081a762a826a8f4b36

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: vYzwmoDoYIPM52fIOyV8u6wgFc4J17KE
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Aug 2024 03:01:43 GMT
x-amz-request-id: J7GC1FESN8393N38
age: 9406
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 5
x-amz-replication-status: FAILED
content-length: 255015
x-amz-id-2: egrBeS0r542iPlHARJDBLOLuxX+vr/jDqeTeeK9U/5AWCE9a01zbXHAwF8RDf+HV+KVkzrqe9rs=
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 30 Aug 2024 23:27:52 UTC
server: nginx
x-timer: S1725073303.080155,VS0,VE1
etag: "2875bda36f10a26751ed842e0e14529a7f8dc379"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 28
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 AGSKWxUHpJT8ZoMhZFKQ_zUFEjiyK3y61y2yNyqZEHiWJ67BMbs1VAfGlwp-eG5ZWi3SYaviglN8NDf-d-Wnjfwn-Zku5A4Qc6GRpz_2LYIdpyivMfXU_iOoflnrjoqYnaKo7hzCoCdL2g== Show response
fundingchoicesmessages.google.com/f/ 389 KB
60 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUHpJT8ZoMhZFKQ_zUFEjiyK3y61y2yNyqZEHiWJ67BMbs1VAfGlwp-eG5ZWi3SYaviglN8NDf-d-Wnjfwn-Zku5A4Qc6GRpz_2LYIdpyivMfXU_iOoflnrjoqYnaKo7hzCoCdL2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1MDczMzAzLDc4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5kZWNjYW5oZXJhbGQuY29tLy9pbmRpYS8va2FybmF0YWthLy9iZW5nYWx1cnUvL3RocmVlLy1oZWxkLy1pbi8tYXRtLy1mcmF1ZC8tYnVzdC8tcG9saWNlLy1zZWl6ZS8tNjkvLWZha2UvLWNhcmRzLy0zMTM5OTU3IixudWxsLFtbOCwibW5ma2dnUnE3NDQiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/am=QDA/d=1/rs=AJlcJMwctVC55fA0p5N97fVao6kVU62PNQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02f77bbc3d768f42948d9b17068a2c121c436724eac54250f727862cf3c1657a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fHNUDU9DZdSu3dwSv2lQ7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-fHNUDU9DZdSu3dwSv2lQ7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1pBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYiT_p1nLQFid62LrP5AvCTiIuuRxIushgqXWJ2B-P66S6zPgXjvx0usR4FYiJtjev-pbWwCH648s1bSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwMtczMIovMAAAzp5DcQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 520307438489541 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 96ms
96ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/520307438489541?v=2.9.166&r=stable&domain=www.deccanherald.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3f03b503cf3110bb4a6d53d690facaf6fa8b896dd346c7c37e1d20c1fa1c618

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 31 Aug 2024 03:01:43 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=68, mss=1232, tbw=66992, tp=63, tpl=0, uplat=89, ullat=0
pragma: public
x-fb-debug: 8B94I8hrJ4MBQrea2a0N7TO82OOa8Kp2FaDPVyZBnwfBk0nc4/bTWl5W1RnL1byuzitNIFXb/OpgiH61oEAIaw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6098511427863223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 20ms
19ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/nn5u2kgn0r?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
content-encoding: br
last-modified: Wed, 28 Aug 2024 19:57:49 GMT
etag: W/"0x8DCC79BB1C5F66A"
vary: Accept-Encoding
x-azure-ref: 20240831T030143Z-166b9c58d6c9rvdb40vxa22fks00000001000000000026sx
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 91b292d3-901e-006b-0414-faa92f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 393a121e-26bf-4c86-adda-154909cc8e5d Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 32ms
6ms Script
application/javascript 18.245.31.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/393a121e-26bf-4c86-adda-154909cc8e5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-65.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: a49c4139a3df83be86686cb3ebd043d48c48afe6353f3fce05e95e90083c384c

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 02:06:38 GMT
via: 1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 3305
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: Fc8NYUIr6tIbafnvBu_e4xCsHDc3LzQYL2fgSYwifY7ZwaytnwWu3w==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
314 B 9ms
8ms XHR
text/plain 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.deccanherald.com&pubid=393a121e-26bf-4c86-adda-154909cc8e5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 22:31:16 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 16227
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.deccanherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: vCdK0lZ_4nRGNgcK9yOFckCc5zl8rdRDqmWMJcbSTdcYy_zqpTD05g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
6ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 06:07:10 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 75273
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: HFA-n9ly1F4IvFkpmkoYmZau0iEC2VYdKwufqZejDyIZMJe3K8DJgg==

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 44ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwjNNVj8kPNq9pbqhf2bIWH1V35nA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3737d0ba4ac5ecc062f05ae5ff0eb61d6f1da6e80dc0bc852015a377ee39f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 31 Aug 2024 03:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 31 Aug 2024 03:01:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 31 Aug 2024 03:01:43 GMT

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 8608 0
0 22ms
7ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/deccanherald-deccanherald/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.deccanherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

abp: 39
accept-ranges: bytes
access-control-allow-origin: *
age: 79281
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Sat, 31 Aug 2024 03:01:43 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: WJ7HUWSXwQk7466uNAlUKnkvOaQ+POcvqF9iHiQx6M6a4TrwqSMJNOtgmd6o8plWeZEczvb4/r4=
x-amz-replication-status: COMPLETED
x-amz-request-id: AKPH57N3AWSG1NJ9
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 105166
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1725073303.261759,VS0,VE0

GET
H2 200 load.js Show response
pm-widget.taboola.com/deccanherald-deccanherald/ 3 KB
1 KB 15ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/deccanherald-deccanherald/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/deccanherald-deccanherald/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e1fc86fe0a070aee2e8b2ad8fbc552c5dd91930c734f15aa79c5b2f1e1ccabb

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: cvatIf__CKiF6FR.XR_IqQR8bz7bgTwV
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Aug 2024 03:01:43 GMT
x-amz-request-id: MHTJEFA71MPXBSKV
age: 1346
x-cache: HIT
content-length: 1134
x-amz-id-2: dXXH1pROW3fi6uQii3rwTtZ8ZPw2FE7N0jsN/Cq2Up/zcqtcJTJuoddQZ83jZeKuNITUReXcAMo=
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 08 Mar 2024 08:02:35 GMT
server: AmazonS3
x-timer: S1725073303.253279,VS0,VE1
etag: "5b2c126c071796fcba2aeb816ca985cb"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impl.20240830-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 921 KB
185 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240830-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/deccanherald-deccanherald/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b985d1add51693e2b45f3eb6e46fc229125aff80b28bb94d3d20f61f9c6286ea

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: qBuX3ff7e7edJEofElRTlFgSm87vaLar
content-encoding: br
via: 1.1 varnish
date: Sat, 31 Aug 2024 03:01:43 GMT
x-amz-request-id: FZ549K50ZBGWZR00
age: 24210
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 189103
x-amz-id-2: ROieiWQyBP4482oJ16EtRFivJ0+JGQdcutHrAO/OzT54Ui2FG88N4Dd6zwTTFDCd47cH9qxQjIg=
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 30 Aug 2024 12:16:49 GMT
server: AmazonS3-br
x-timer: S1725073303.249936,VS0,VE0
etag: "bd44d7303adf1cc7d4ac03aa9143bb0c"
vary: Accept-Encoding
content-type: application/javascript
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 31848

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 04:40:43 GMT
x-content-type-options: nosniff
age: 166860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 04:40:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 00:52:45 GMT
x-content-type-options: nosniff
age: 7738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 00:52:45 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v61/ 33 KB
34 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v61/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 21:55:42 GMT
x-content-type-options: nosniff
age: 18361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34184
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 17:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 21:55:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 22:14:45 GMT
x-content-type-options: nosniff
age: 17218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 22:14:45 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ 34 KB
34 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 18:11:55 GMT
x-content-type-options: nosniff
age: 118188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 18:11:55 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 47ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-F45W975H2J&gtm=45je48s0v9104653861z89104463922za200zb9104463922&_p=1725073302574&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1893464773.1725073303&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725073303&sct=1&seg=0&dl=https%3A%2F%2Fwww.deccanherald.com%2F%2Findia%2F%2Fkarnataka%2F%2Fbengaluru%2F%2Fthree%2F-held%2F-in%2F-atm%2F-fraud%2F-bust%2F-police%2F-seize%2F-69%2F-fake%2F-cards%2F-3139957&dt=404%20-%20Page%20not%20found&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1173
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F45W975H2J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 03:01:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.deccanherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 75ms
22ms Ping
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F45W975H2J&cid=1893464773.1725073303&gtm=45je48s0v9104653861z89104463922za200zb9104463922&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F45W975H2J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 03:01:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.deccanherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWDDorby0NfBS77o8IypxyfflwDiDbNdekN0oy52drX92KY4u3vYbI576AG3TlNXCdjqEgCRwgvkY3Z6K4nQjhPZztX4hdY-Sb_VBnAgxFW-wWBgafkRVsEM3aaNFdn2WpLuLE9SQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
18ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWDDorby0NfBS77o8IypxyfflwDiDbNdekN0oy52drX92KY4u3vYbI576AG3TlNXCdjqEgCRwgvkY3Z6K4nQjhPZztX4hdY-Sb_VBnAgxFW-wWBgafkRVsEM3aaNFdn2WpLuLE9SQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T5PVQ_NORIQFR9JSxcSrvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-T5PVQ_NORIQFR9JSxcSrvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDim95_axiYwoePtDEYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWSpZ2AaX2AAAEMgLc4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.deccanherald.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWDDorby0NfBS77o8IypxyfflwDiDbNdekN0oy52drX92KY4u3vYbI576AG3TlNXCdjqEgCRwgvkY3Z6K4nQjhPZztX4hdY-Sb_VBnAgxFW-wWBgafkRVsEM3aaNFdn2WpLuLE9SQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
56ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWDDorby0NfBS77o8IypxyfflwDiDbNdekN0oy52drX92KY4u3vYbI576AG3TlNXCdjqEgCRwgvkY3Z6K4nQjhPZztX4hdY-Sb_VBnAgxFW-wWBgafkRVsEM3aaNFdn2WpLuLE9SQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Op-AN1d9VBQm6esrefFLDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Op-AN1d9VBQm6esrefFLDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDim95_axibQcW_LakYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWSpZ2AaX2AAAEr7Le4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.deccanherald.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 37ms
19ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F45W975H2J&cid=1893464773.1725073303&gtm=45je48s0v9104653861z89104463922za200zb9104463922&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1580987232

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Aug 2024 03:01:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 31ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=520307438489541&ev=PageView&dl=https%3A%2F%2Fwww.deccanherald.com%2F%2Findia%2F%2Fkarnataka%2F%2Fbengaluru%2F%2Fthree%2F-held%2F-in%2F-atm%2F-fraud%2F-bust%2F-police%2F-seize%2F-69%2F-fake%2F-cards%2F-3139957&rl=&if=false&ts=1725073303414&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725073303414.813201644406067484&ler=empty&cdl=API_unavailable&it=1725073303092&coo=false&rqm=GET

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2804, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 31 Aug 2024 03:01:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 76ms
52ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=520307438489541&ev=PageView&dl=https%3A%2F%2Fwww.deccanherald.com%2F%2Findia%2F%2Fkarnataka%2F%2Fbengaluru%2F%2Fthree%2F-held%2F-in%2F-atm%2F-fraud%2F-bust%2F-police%2F-seize%2F-69%2F-fake%2F-cards%2F-3139957&rl=&if=false&ts=1725073303414&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725073303414.813201644406067484&ler=empty&cdl=API_unavailable&it=1725073303092&coo=false&rqm=FGET

Requested by

Host: www.deccanherald.com
URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 31 Aug 2024 03:01:43 GMT
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409133419884812166", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=3121, tp=-1, tpl=-1, uplat=44, ullat=0
pragma: no-cache
x-fb-debug: 04TgONk4G6oVXTz923rwkEgi/69IM/V8R8MbdOj7WNX3pB5apcT+7YobJIf4ePsEbxMB/5MvY6HsCkEvg9qPHQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409133419884812166"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
284 B 286ms
92ms XHR
text/plain 51.8.71.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.deccanherald.com
Date: Sat, 31 Aug 2024 03:01:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 pmk-20220605.3.js Show response
pm-widget.taboola.com/deccanherald-deccanherald/ 84 KB
24 KB 26ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/deccanherald-deccanherald/pmk-20220605.3.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/deccanherald-deccanherald/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c83e1470513fb068ea0df6f87a5992e1146fd30891dbd153a77484d4dfefdc80

Request headers

Referer: https://www.deccanherald.com/
Origin: https://www.deccanherald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: u9yi.Vq5r2XYFF_AWHVg6ZrB.smBnjpi
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Aug 2024 03:01:43 GMT
x-amz-request-id: BV4JCEB7CEGQT49Y
age: 859649
x-cache: HIT
content-length: 24283
x-amz-id-2: 11ImW/V4UVeDefdmk5HejYP6hL0A/bAqvxQOUmKOBTSCaH1EHTVHyf8Ta1fzoy4jjhbcHzHiKEY=
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Fri, 08 Mar 2024 08:02:35 GMT
server: AmazonS3
x-timer: S1725073303.442748,VS0,VE1
etag: "332ed5d1dd27ad8a89b0eeac8777bbef"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 google-topics-api.20240830-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240830-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/deccanherald-deccanherald/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afffd976a6a66b94add742a600c3ff50f9f1d65c60942afb58a0504195108204

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: pPRB5hMdQFJCCElPO5akYhHr1RnYKvL0
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Aug 2024 03:01:43 GMT
x-amz-request-id: SV1Z1J6YDCYY5WYK
age: 52917
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1058
x-amz-id-2: C41azQquvwxPLceUTQcawFS/u7PEpBmAhF8BCc3O5mrAGAsjtxLFn2ns9Sy7Ran1VXNjJCsU+G4=
x-served-by: cache-fra-eddf8230040-FRA
last-modified: Fri, 30 Aug 2024 12:19:47 GMT
server: AmazonS3
x-timer: S1725073303.441571,VS0,VE0
etag: "fbb7db27227ca8ab300608af02ebcdf6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 78
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 76065

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame F432 0
0 0ms
0ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240830-4-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.deccanherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

abp: 39
accept-ranges: bytes
access-control-allow-origin: *
age: 79281
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Sat, 31 Aug 2024 03:01:43 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: WJ7HUWSXwQk7466uNAlUKnkvOaQ+POcvqF9iHiQx6M6a4TrwqSMJNOtgmd6o8plWeZEczvb4/r4=
x-amz-replication-status: COMPLETED
x-amz-request-id: AKPH57N3AWSG1NJ9
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 105166
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1725073303.261759,VS0,VE0

GET
H3 200 qlitics.js Show response
www.deccanherald.com/ 12 KB
5 KB 31ms
30ms Script
application/javascript 2606:4700::6812:5ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deccanherald.com/qlitics.js

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/deccanherald/assets/app-686124644bbb75d62d55.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5ac6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a6a0df8c096800d928ff2d747187997f961fb4263b3e821f0c5d32ada143879e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.3)
cf-cache-status: HIT
strict-transport-security: max-age=86400
age: 192
x-powered-by: Express
x-cache: MISS
qt-trace-id: 885ade92-472f-4b7f-bd3a-f550ea397b5a
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 31 Aug 2024 02:52:35 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 529178650
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=60,s-maxage=600,stale-while-revalidate=7200,stale-if-error=7200
cf-ray: 8bb9c712ed211c2a-FRA

GET
H2 200 device-tracker-id Show response
prod-analytics.qlitics.com/api/ 60 B
560 B 317ms
100ms XHR
application/json 44.209.204.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-analytics.qlitics.com/api/device-tracker-id
Requested by: Host: www.deccanherald.com
URL: https://www.deccanherald.com/qlitics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.204.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-204-25.compute-1.amazonaws.com
Software: /
Resource Hash: 17dec4e5072ce95d1470a5c9c32653613c4f6c60a246f2f2e8eff8e38f4bc76c

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
access-control-allow-option: POST, PUT, GET
access-control-max-age: 30
content-type: application/json
access-control-allow-origin: https://www.deccanherald.com
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, content-type, origin, accept

GET
H3 200 favicon.svg
www.deccanherald.com/icons/ 2 KB
2 KB 33ms
33ms Other
image/svg+xml 2606:4700::6812:5ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deccanherald.com/icons/favicon.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5ac6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2175240107aac91e899a90e649a43f944a55a5e2a7d89b2128c33c7373a99f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:01:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Aug 2024 11:42:50 GMT
server: cloudflare
strict-transport-security: max-age=86400
age: 525
x-powered-by: Express
etag: W/"828-1919df20690"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 8bb9c7134d461c2a-FRA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
284 B 93ms
92ms XHR
text/plain 51.8.71.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.deccanherald.com
Date: Sat, 31 Aug 2024 03:01:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 0.json Show response
nh.izooto.com/nh/c9f8d2b38118e02a670466b9dde70a81902a4383/ 11 KB
3 KB 67ms
23ms XHR
application/json 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nh.izooto.com/nh/c9f8d2b38118e02a670466b9dde70a81902a4383/0.json

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8203fa734f349c338605439ce7180bb59cd69bffe8e89acb8751cfd3203ab1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 31 Aug 2024 03:01:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 30 Aug 2024 17:01:57 GMT
server: cloudflare
age: 50
etag: W/"66d1fb05-2b7a"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 8bb9c71e6bc62c21-FRA
x-xss-protection: 1; mode=block
expires: Sat, 31 Aug 2024 03:21:45 GMT

POST
H2 200 nblk Show response
sbp.izooto.com/ 0
66 B 320ms
310ms XHR
text/plain 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sbp.izooto.com/nblk
Requested by: Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.deccanherald.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 31 Aug 2024 03:01:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bb9c727af7f2c21-FRA
content-length: 0

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards	1970-01-20 23:11:18	Name: qtype-session Value: 220c145f-6120-47a9-bc47-63085b0ce98c
.automatad.com/	1970-01-20 23:11:15	Name: __cf_bm Value: 5pm5T1SLjurf1TsYhs1tuld8rHhTXL2BKXc9St_THNc-1725073302-1.0.1.1-Fh68GyhvgQ4wFQqqzyoFhbnKwwHT9oYeoEjSzNXeUYXiDQXJnlQdgWdhOHcgroDuBACXMvT0FxmD9GuSvc4B3g
.izooto.com/	1970-01-21 08:47:13	Name: IZCID Value: b9b043e3-48d0-45ca-84e3-97c4e4170558
.www.deccanherald.com/	1970-01-21 07:56:49	Name: cf_clearance Value: Qe6ZDLZofx5zkQbCBlbsDn8Vl82_nfVoYjmEWLcwo50-1725073302-1.2.1.1-62a5kABm749QBLXPShLC16CIyfynqjmmTpxE41krryVfnrFKaFGedFTkIrU_JgOmqwtN3D1597UVVShsctm.NYDmDwb.q3hFVLO2i90w9XSaX5vQRijBObfu6NmmN_SUimBNTB9SeU6QAljaR7oTUky1.7hwy0hfytyLbCeHkJ2hlBDeB6i8NFyxatRr9knr266i.ycuXkO392b.JTJthrmBomEnb0uWyNEXyKt_UBA929MuAXUHRWy.VIzVjzQ9crqDsRIebR2R0fFsIMpB55cbB7cCa41NLT0_WAUhJ9Lr1ZSOW.cC9kiTM1_kb3i6c_ZviAM2FIV9LvykJp7UlQ7C_1e1nBSEjnJVNvCtdjsr2no_F8uHpxhol2D.mku2
.atmtd.com/	1970-01-20 23:11:15	Name: __cf_bm Value: l.KEP4v3xurq.EFxlliOYqiF8YijNvpPR6dNojjJQ9w-1725073303-1.0.1.1-GH7qPHuHPUb6WcvFpgV.utLAQbEISWUjLDk4WNvKCuvFDOOwymwcZbgN_mE0Dx1kgPKXGOqIy.VDMXq1Qn8E2g
.deccanherald.com/	1970-01-21 08:47:13	Name: _ga Value: GA1.1.1893464773.1725073303
.deccanherald.com/	1970-01-21 01:20:49	Name: _fbp Value: fb.1.1725073303414.813201644406067484
.deccanherald.com/	1970-01-21 08:47:13	Name: _ga_F45W975H2J Value: GS1.1.1725073303.1.0.1725073303.60.0.0
.qlitics.com/	1970-01-21 08:47:13	Name: thinmint Value: fe39f90b-c32c-497f-a98a-6f7818fcdbdc
www.deccanherald.com/	1970-01-21 08:47:13	Name: thinmint Value: fe39f90b-c32c-497f-a98a-6f7818fcdbdc

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957 Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://www.deccanherald.com//india//karnataka//bengaluru//three/-held/-in/-atm/-fraud/-bust/-police/-seize/-69/-fake/-cards/-3139957 Message: Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
accounts.google.com
c.amazon-adsystem.com
cdn-in.amuselabs.com
cdn.gumlet.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
config.aps.amazon-adsystem.com
connect.facebook.net
fea.assettype.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
go.automatad.com
nh.izooto.com
pagead2.googlesyndication.com
pm-widget.taboola.com
prod-analytics.qlitics.com
region1.analytics.google.com
sbp.izooto.com
scripts.atmtd.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
www.clarity.ms
www.deccanherald.com
www.facebook.com
www.google.de
www.googletagmanager.com
13.224.186.120
151.101.193.44
151.101.65.44
18.245.31.65
2001:4860:4802:34::36
2600:9000:225e:5000:11:c3fe:5b00:93a1
2606:4700:10::6816:1ad4
2606:4700:10::6816:44f0
2606:4700:10::ac43:16bf
2606:4700::6810:ff40
2606:4700::6811:190e
2606:4700::6812:5ac6
2620:1ec:bdf::60
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c1d::9c
2a00:1450:4013:c18::54
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::485
34.149.208.254
44.209.204.25
51.8.71.184
02f77bbc3d768f42948d9b17068a2c121c436724eac54250f727862cf3c1657a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
110dadd91d79728e5db4d71b6795541dc5c1492c171cc1725b56034d06f58656
17dec4e5072ce95d1470a5c9c32653613c4f6c60a246f2f2e8eff8e38f4bc76c
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
214ff51aebadd5555bfd82d6979967644506951ed708fd3355aceba87195c308
2175240107aac91e899a90e649a43f944a55a5e2a7d89b2128c33c7373a99f75
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
2edf44d7c0eb76c4d91a87a29c74a77116b81a1e238c4643fdb742348f012964
36a651c60a0a45e4610027be77b32b5dec4180e6036fb870108f06a44e7503c9
36fa127f40952331aab2d3da2ae49568b6c28aa9ee78c3cb2962d59ce623074c
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4184b2f4d5878c005aa22c1cf131f297f426ea91fcf5569b1c9d28d86c514a3d
4b3944fe27b050eed9f34f0fff79fcd399faecc0fbe74cf728ba2d1f1de49ab9
4f12893df9e3f54083f2d74cd2f6e9ad2a2e13011e2e59a22179b353476f7499
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1
6494276b3404d52addfe9eb114ac17bfb5bd08b8ec7723d048d971dad7040960
65439062867206bee60070bf225a893c726932aa126bc72190d368f7dfae3565
6e1fc86fe0a070aee2e8b2ad8fbc552c5dd91930c734f15aa79c5b2f1e1ccabb
707dbfb6cfd2971f6950f94253b9f4ecb7abf872878f27de7b8df20800c62293
725b47b389689329af5917f2e403485167cc92829e5c8ff69d1a04f80bb1ccf0
7aabe59611e961e31bf948c7672d55388de6d2ad91900af3e56597438f075fbe
814eba54011def7fdeead06ae5cf964a245c347d0f4972e71cc3de1482b1b473
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89cd6d709716cfa21bc02753b2d92f66e39e77b2efc26891db46256ae3f390d7
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
975f7d9b648e4ed913467457f9c2805817c86454d7f5c34c252b5249a017fdc3
9c0ebd1aad8c434946e9a34b4e016d12e37349f4f6518b46318c704297c317df
a49c4139a3df83be86686cb3ebd043d48c48afe6353f3fce05e95e90083c384c
a4ff2f07870007176638f0dce5abd4060fda80a13cd4fbfd767b5beb09a4b99f
a6a0df8c096800d928ff2d747187997f961fb4263b3e821f0c5d32ada143879e
a7c5502e979ab954a79502b2ef1f405199fdba14fd08d0aa5a71369bcc5488f6
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afd59a8bd6557aa17b0727b00b1406cb34e68ba1672f14624e73fa2e32f791fa
afffd976a6a66b94add742a600c3ff50f9f1d65c60942afb58a0504195108204
b156e6c60471b72c47600c29baf7b9d7b67638973b52acb8d358c7bd52cf526a
b3737d0ba4ac5ecc062f05ae5ff0eb61d6f1da6e80dc0bc852015a377ee39f2b
b3f03b503cf3110bb4a6d53d690facaf6fa8b896dd346c7c37e1d20c1fa1c618
b5faf8997565629c888e824f8c9acdd5efa1f9cb584c194b86d0568d5d178fbf
b985d1add51693e2b45f3eb6e46fc229125aff80b28bb94d3d20f61f9c6286ea
bcbb52a21327bcae17483077fd57bc3d102ea31b2aae52a329812bf7ba33ea72
c4db21441a864a9c1fa837fc4ad0baf1c9a158e4e39b20e148114478ed2b066c
c83e1470513fb068ea0df6f87a5992e1146fd30891dbd153a77484d4dfefdc80
c8c06ca2e311e6c37ea4d00cabba7b3438f9442cfc332c081a762a826a8f4b36
cc7a0b52cfdd3adc4ca2893e4d155b9067dd7dd27ebce043e19583e7ced6f033
ce8203fa734f349c338605439ce7180bb59cd69bffe8e89acb8751cfd3203ab1
ceed42bec7830fb5a9d7bd68b43136b81bc585bac9dbcb3ed7b5a779524d1039
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
d75328c08861a40089fc42197395126da517a308fe5683db5ff59bc810686dc9
d796e5802c34e4a5b58222d2f11ddf5eab20450a79229a011c2106fa052bb6ed
dc688edb816e7d77bbcf1778b35fff9a917d89bf2911b9cd67372edb67ebd307
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
eea1688602474180b02e1a6c1e9b2058c98622f78d3d9b9e55211258723e9c30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f060e6a5b131bb9e1d1bfbb0b15d1f86dd51e2de8d23abb5dcd7fab417d63a95
fe3af448eae34e078812132e415eab1d641ddcb706a4cbe2e8b014efe72c22b9
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

www.deccanherald.com Open in urlscan Pro 2606:4700::6812:5ac6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

75 %IPv6

22 Domains

30 Subdomains

29 IPs

4 Countries

2681 kBTransfer

9530 kBSize

10 Cookies

17 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.deccanherald.com Open in urlscan Pro
2606:4700::6812:5ac6 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

75 %
IPv6

22
Domains

30
Subdomains

29
IPs

4
Countries

2681 kB
Transfer

9530 kB
Size

10
Cookies

74 HTTP transactions
1 data transactions